Microsoft Windows OS: a series of graphical-interface operating systems developed and sold by
Microsoft. It is user friendly but not as powerful as Linux-based operating systems.
Windows: many windows on one screen:
1. The desktop is a window
2. The task bar is also a window
3. A button is a window too
Virtual memory: When RAM runs out of storage capacity, the concept of virtual memory comes
in. It is not physical memory but acts as physical memory.
Imagine everyone has a house. The house has a physical address; that is only your street
address, not your house number. If someone wants to send a mail or letter to you, they
use the post office. No one knows the relation between the letter reference and the
house address apart from the postal workers. Only the postmaster knows which letter
refers to which house. So here the post office is my virtual address and the postmaster is my
virtual memory manager.
Virtual memory may reside on flash or disk. The application program uses the physical addresses
in RAM. A virtual memory management system maps the virtual addresses of the pages
to the physical addresses of the pages after the pages of the program have been loaded into RAM.
Virtual Address Space: the set of virtual memory addresses that the system can use. To maintain
this, the system keeps a page table for each and every process. Each process on 32-bit
Microsoft Windows has its own virtual address space that enables addressing up to 4 gigabytes
of memory. Each process on 64-bit Windows has a virtual address space of 8 terabytes.
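The per-process page table described above, as an added example that is not part of the original notes: a toy single-level table in C that translates a virtual address to a physical one. The 4 KiB page size, the 16-entry table, the pte_t layout and the sample mappings are assumptions constructed for illustration, not Windows structures.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy model, not Windows' real structures: single-level page
   table, 4 KiB pages (assumed), 16 virtual pages per process. */
#define PAGE_SHIFT 12u
#define PAGE_MASK  ((1u << PAGE_SHIFT) - 1u)
#define NUM_PAGES  16u
#define FAULT      UINT32_MAX   /* returned when translation is refused */

typedef struct {
    uint32_t frame;     /* physical frame number in RAM */
    uint8_t  present;   /* 1 = page is loaded in RAM */
    uint8_t  writable;  /* 1 = writes are allowed */
} pte_t;

/* Split the virtual address into page number and offset, look the page up,
   and rebuild the physical address. Returns FAULT instead of guessing. */
uint32_t translate(const pte_t *table, uint32_t vaddr, int is_write)
{
    uint32_t vpn = vaddr >> PAGE_SHIFT;
    uint32_t off = vaddr & PAGE_MASK;

    if (vpn >= NUM_PAGES)                   return FAULT; /* outside the space */
    if (!table[vpn].present)                return FAULT; /* page fault */
    if (is_write && !table[vpn].writable)   return FAULT; /* protection fault */
    return (table[vpn].frame << PAGE_SHIFT) | off;
}

/* One table per process: the same virtual page maps to different frames. */
const pte_t proc_a[NUM_PAGES] = { [1] = {0x2A, 1, 1}, [2] = {0x07, 1, 0} };
const pte_t proc_b[NUM_PAGES] = { [1] = {0x91, 1, 1} };

int main(void)
{
    uint32_t va = 0x1234;  /* page 1, offset 0x234 */
    printf("A: 0x%x -> 0x%x\n", (unsigned)va, (unsigned)translate(proc_a, va, 0));
    printf("B: 0x%x -> 0x%x\n", (unsigned)va, (unsigned)translate(proc_b, va, 0));
    printf("A write to read-only page 2: %s\n",
           translate(proc_a, 0x2010, 1) == FAULT ? "fault" : "ok");
    printf("B read of unmapped page 2:   %s\n",
           translate(proc_b, 0x2010, 0) == FAULT ? "fault" : "ok");
    return 0;
}
```

Because each process has its own table, process B cannot reach process A's frames through any virtual address, and the writable bit is checked on every write.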
Memory Pools: a pool of memory allocation blocks; it dynamically allocates memory to
processes, applications and software when they ask for it.
Virtual Memory Functions: enable a process to manipulate and determine the status of the
pages in its virtual address space.
Assembly Language
What is a language: these are sets of rules and instructions telling my computer what to do and
what not to do, because my computer is dumb. It does not know what to do unless and until
we tell it.
Different types of languages:
1. High-level computer programming language
2. Middle-level computer language
3. Low-level computer language
High-level programming language: these are codes and programming languages which are
written in English or almost-English language with a specific and defined syntax. It is
basically a symbolic language that uses English words and mathematical expressions.
Examples are C, C++, Java, Python, Perl, etc.
They are divided in three main categories:
1. Problem-oriented language
2. Procedural language
3. Non-procedural language
Furthermore, programming languages as a whole are also categorized according to the
following factors:
1. Purpose e.g. business, educational, scientific.
2. Facilities provided e.g. meaningful variable names, control and data structures, error
checking facilities.
3. Ease of learning and use.
4. Portability - if a program is to be used on or in more than one system.
5. Popularity - availability of compilers/interpreters.
6. Documentation provided.
Low-level language: these are machine codes, which a normal human cannot understand. Our
computer does not understand what we normally speak or write. It only understands
and executes instructions that are in the form of 0 and 1, e.g. binary language.
NUMBER SYSTEMS: A number system is a system of writing for expressing numbers. It is the
mathematical notation for representing numbers of a given set by using digits or other symbols
in a consistent manner. It provides a unique representation to every number and represents the
arithmetic and algebraic structure of the figures. It also allows us to perform arithmetic
operations like addition, subtraction, and division.
There are 4 types of number system in computer systems:
1. Binary -- 0 and 1 only -- base 2
2. Decimal -- 0 to 9 -- 10 numbers -- base 10
3. Octal -- 0 to 7 -- 8 numbers -- base 8
4. Hexadecimal -- 0 to 9 and A to F -- 16 numbers -- base 16
Memory address: A memory address is a unique identifier used by a device or CPU for data
tracking. This binary address is defined by an ordered and finite sequence allowing the CPU to
track the location of each memory byte.
Assembly language: a programming language that consists of instructions that are mnemonic
codes for the corresponding machine language instructions.
INC COUNT ; Increment the memory variable COUNT
MOV TOTAL, 48 ; Transfer the value 48 in the
; memory variable TOTAL
ADD AH, BH ; Add the content of the
; BH register into the AH register
AND MASK1, 128 ; Perform AND operation on the
; variable MASK1 and 128
ADD MARKS, 10 ; Add 10 to the variable MARKS
MOV AL, 10 ; Transfer the value 10 to the AL register
Registers: Processor operations mostly involve processing data. This data can be stored in
memory and accessed from thereon. However, reading data from and storing data into memory
slows down the processor, as it involves complicated processes of sending the data request into
the memory storage unit and getting the data through the same channel. To speed up the
processor operations, the processor includes some internal memory storage locations, called
registers.
Registers are used to quickly accept, store, and transfer data and instructions that are being
used immediately by the CPU.
Registers are grouped into three categories:
General registers: used to hold intermediate results whilst working through a calculation
or algorithm.
Control registers: change or control the general behavior of a CPU or other digital
device.
Segment registers: hold the base value of different segments like Code Segment,
Data Segment etc.
Other registers
1. Memory Address Register (MAR): This register holds the address of memory where
CPU wants to read or write data. When CPU wants to store some data in the memory or
reads the data from the memory, it places the address of the required memory location
in the MAR.
2. Memory Buffer Register (MBR): This register holds the contents of data or instruction
read from, or written in memory. The contents of instruction placed in this register are
transferred to the Instruction Register, while the contents of data are transferred to the
accumulator or I/O register. In other words you can say that this register is used to store
data/instruction coming from the memory or going to the memory.
3. I/O Address Register (I/O AR): I/O Address register is used to specify the address of a
particular I/O device.
4. I/O Buffer Register (I/O BR): I/O Buffer Register is used for exchanging data between
the I/O module and the processor.
5. Program Counter (PC): Program Counter register is also known as Instruction Pointer
Register. This register is used to store the address of the next instruction to be fetched
for execution. When the instruction is fetched, the value of IP is incremented. Thus this
register always points or holds the address of next instruction to be fetched.
6. Instruction Register (IR): Once an instruction is fetched from main memory, it is stored
in the Instruction Register. The control unit takes instruction from this register, decodes
and executes it by sending signals to the appropriate component of computer to carry
out the task.
7. Accumulator Register: The accumulator register is located inside the ALU. It is used
during arithmetic & logical operations of ALU. The control unit stores data values fetched
from main memory in the accumulator for arithmetic or logical operation. This register
holds the initial data to be operated upon, the intermediate results, and the final result of
operation. The final result is transferred to main memory through MBR.
8. Stack Control Register: A stack represents a set of memory blocks; the data is stored
in and retrieved from these blocks in an order, i.e. First In and Last Out (FILO). The
Stack Control Register is used to manage the stacks in memory. The size of this register
is 2 or 4 bytes.
9. Flag Register: The Flag register is used to indicate occurrence of a certain condition
during an operation of the CPU. It is a special purpose register with size one byte or two
bytes. Each bit of the flag register constitutes a flag (or alarm), such that the bit value
indicates if a specified condition was encountered while executing an instruction.
Performance Registers
EAX: Extended Accumulator Register
EBX: Base Register
ECX: Counter Register
EDX: Data Register
Index of Register
Source Index Register
Destination Index Register
Data Movement Instructions: copy a byte or a word from the source location to the destination.
In general, either the source or the destination must be a register; the only exception is that an
immediate value may be moved straight to memory. Here are the accepted forms:
1. Mov: The MOV instruction moves data bytes between the two specified operands. The
byte specified by the second operand is copied to the location specified by the first
operand. The source data byte is not affected.
MOV R5, A
Move the value of register A to register R5
2. Push: The PUSH instruction increments the stack pointer and stores the value of the
specified byte operand at the internal RAM address indirectly referenced by the stack
pointer. No flags are affected by this instruction.
PUSH A
3. Pop: The POP instruction reads a byte from the address indirectly referenced by the
SP register. The value read is stored at the specified address and the stack pointer is
decremented. No flags are affected by this instruction.
POP 34h
4. In: Copies the value from the I/O port specified with the second operand to the
destination operand. The source operand can be a byte-immediate or the DX register;
the destination operand can be register AL, AX, or EAX, depending on the size of the
port being accessed.
IN AL,imm8
Input byte from imm8 I/O port address into AL.
5. Out: Copies the value from the second operand to the I/O port specified with the
destination operand. The source operand can be register AL, AX, or EAX, depending on
the size of the port being accessed; the destination operand can be a byte-immediate or
the DX register.
OUT imm8, AL
Output byte in AL to I/O port address imm8.
INSTRUCTIONS      OPERATIONS
add D, S1, S2     D ← S1 + S2
S1, S2            AC ← S1 + S2
sub D, S1, S2     D ← S1 - S2
mul D, S1, S2     D ← S1 * S2
or D, S1, S2      D ← S1 or S2
not D, S1         D ← not S1
inc A             A ← A + 1
dec A             A ← A - 1
Conditional Instruction: these are just like if and else statements in a normal programming
language. They help in creating loops and conditions, and also let us jump over a bunch
of statements during execution.
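The register roles listed earlier (PC, IR, MAR, MBR, accumulator, flag register) and the conditional jump described above, shown working together in an added example that is not part of the original notes. The machine, its opcodes and its instruction encoding are constructed for illustration and do not correspond to a real CPU.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy accumulator machine (not a real CPU): 16 bytes of memory,
   one-byte instructions encoded as opcode << 4 | address. */
enum { HALT = 0, LOAD = 1, ADD = 2, SUB = 3, STORE = 4, JNZ = 5 };
#define FLAG_ZERO 0x01u
#define INS(op, addr) (uint8_t)(((op) << 4) | (addr))

typedef struct { uint8_t pc, ir, mar, mbr, acc, flags, mem[16]; } cpu_t;

/* Every memory access goes through MAR (address) and MBR (data). */
static void mem_read(cpu_t *c, uint8_t a) { c->mar = a & 0x0F; c->mbr = c->mem[c->mar]; }
static void mem_write(cpu_t *c, uint8_t a, uint8_t v) { c->mar = a & 0x0F; c->mbr = v; c->mem[c->mar] = v; }
static void set_flags(cpu_t *c) { c->flags = (c->acc == 0) ? FLAG_ZERO : 0; }

/* Fetch-decode-execute until HALT or max_steps; returns instructions executed. */
int run(cpu_t *c, int max_steps)
{
    int steps = 0;
    while (steps < max_steps) {
        mem_read(c, c->pc);                      /* fetch: MAR <- PC, MBR <- mem[MAR] */
        c->ir = c->mbr;                          /* IR <- MBR */
        c->pc = (uint8_t)((c->pc + 1) & 0x0F);   /* PC now points at the next instruction */
        steps++;
        uint8_t op = c->ir >> 4, addr = c->ir & 0x0F;    /* decode */
        switch (op) {                                    /* execute */
        case LOAD:  mem_read(c, addr); c->acc = c->mbr; set_flags(c); break;
        case ADD:   mem_read(c, addr); c->acc = (uint8_t)(c->acc + c->mbr); set_flags(c); break;
        case SUB:   mem_read(c, addr); c->acc = (uint8_t)(c->acc - c->mbr); set_flags(c); break;
        case STORE: mem_write(c, addr, c->acc); break;   /* flags unchanged */
        case JNZ:   if (!(c->flags & FLAG_ZERO)) c->pc = addr; break;
        default:    return steps;                /* HALT (or unknown opcode) stops */
        }
    }
    return steps;
}

/* Constructed program: total = 3 * 4 by repeated addition, looping with JNZ. */
cpu_t demo_cpu(void)
{
    cpu_t c = { .mem = { INS(LOAD, 13), INS(ADD, 14), INS(STORE, 13), INS(LOAD, 12),
                         INS(SUB, 15), INS(STORE, 12), INS(JNZ, 0), INS(HALT, 0),
                         [12] = 3, [13] = 0, [14] = 4, [15] = 1 } };
    return c;
}

int main(void)
{
    cpu_t c = demo_cpu();
    int n = run(&c, 100);
    printf("steps=%d total=%u pc=%u flags=%u\n", n, (unsigned)c.mem[13], (unsigned)c.pc, (unsigned)c.flags);
    return 0;
}
```

The loop ends only because SUB sets the zero flag and JNZ reads it; STORE in between leaves the flag untouched.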
Ring 3 applications: those applications which have the least privileges and are less secure.
There are special gates for accessing the ring resources in a predefined manner.
Supervisor mode: can be changed and altered by running code at the system level.
Hypervisor mode: it is mainly ring 0 of the protection rings; hard to compromise the
system.
OllyDbg tool: used to debug software, and used especially in reverse engineering of
software, for creating cracks and patches and getting the registration keys, or so-called CD
keys, of the software to convert a demo or trial version into the full version.