WEBVTT

1
00:01.490 --> 00:02.750
Hello and welcome back.

2
00:02.750 --> 00:06.080
We are now going to study the ADD and SUB instructions.

3
00:06.080 --> 00:07.580
So let's get started.

4
00:07.910 --> 00:13.970
So these are the few variations we have: ADD and SUB for immediate and register.

5
00:13.970 --> 00:16.700
We have ADD and SUB for register and register.

6
00:17.180 --> 00:19.760
We have ADD and SUB for memory and immediate.

7
00:19.760 --> 00:22.880
We also have ADD and SUB for register and memory.

8
00:23.030 --> 00:26.090
So open up your x64dbg.

9
00:29.670 --> 00:32.430
And then run to this point.

10
00:32.430 --> 00:38.910
Open your template two first, of course, and then put your breakpoint here and run to that location.

11
00:39.060 --> 00:41.880
Step over until you come to this blank line.

12
00:41.880 --> 00:45.720
And now we are going to put this instruction in there.

13
00:45.960 --> 00:52.740
So before that, let us modify the register we are going to use. Let's say - register.

14
00:52.740 --> 00:56.070
So you right-click on our register and modify it.

15
00:56.340 --> 00:58.500
And we put in 20.

16
00:58.500 --> 01:00.660
In there, click okay.

17
01:01.230 --> 01:04.680
So now we are ready to do this instruction.

18
01:04.680 --> 01:11.160
So click on this blank line here, spacebar, and type ADD -.

19
01:11.160 --> 01:15.960
And maybe we put a one. Click okay.

20
01:17.840 --> 01:26.480
So now we are going to execute this line and watch the register. Execute this line by stepping over it.

21
01:26.480 --> 01:32.360
And now - becomes 21 because we add one to -.

22
01:32.780 --> 01:34.970
So now - becomes 21.

23
01:35.360 --> 01:40.160
Next, we are going to try this: subtract register and immediate.

24
01:40.160 --> 01:44.570
So let's do that now. Subtract.

25
01:45.110 --> 01:48.770
And then maybe we can put two, two.

26
01:48.800 --> 01:50.030
Click okay.

27
01:50.750 --> 01:53.330
And now we are going to execute this line.

28
01:53.330 --> 01:58.250
What it does is it will minus two from the value in -.

29
01:58.430 --> 02:03.920
So let's step over, and we see now - becomes 1F.

30
02:04.520 --> 02:06.350
Let's open up our calculator.

31
02:08.060 --> 02:10.490
So open our calculator here.

32
02:12.930 --> 02:19.860
And then we change this calculator into the programmer calculator.

33
02:21.360 --> 02:26.610
So now we select the hex here and select the keyboard here.

34
02:30.060 --> 02:30.360
All right.

35
02:30.420 --> 02:30.930
Keyboard.

36
02:30.930 --> 02:36.090
So now we key in 21 because the previous value of - was 21 in hex.

37
02:36.960 --> 02:41.250
And then we are going to minus two, minus two equals.

38
02:41.250 --> 02:42.210
So we get 1F.

39
02:42.210 --> 02:43.740
So that is what we expected.

40
02:43.740 --> 02:45.120
It is correct, 1F.

41
02:45.870 --> 02:46.320
All right.

42
02:46.320 --> 02:47.910
So now we go to the next one.

43
02:47.910 --> 02:50.250
We are going to add register to register.

44
02:50.490 --> 02:52.680
So now we are going to do that.

45
02:52.680 --> 02:55.860
We are going to add - to - and see what happens.

46
02:56.280 --> 03:04.920
So we could add -, -. Click ADD.

47
03:06.270 --> 03:08.100
Then we step over it, and we see.

48
03:08.100 --> 03:13.770
Now - becomes 20 because we take one and add to 1F.

49
03:13.770 --> 03:15.000
So it becomes 20.

50
03:15.000 --> 03:21.990
We can also confirm that by doing this. If we add one plus 1F, we get 20 in hex.

51
03:22.560 --> 03:23.280
Correct.

52
03:23.670 --> 03:28.020
Next one is we are going to subtract register and register.

53
03:28.020 --> 03:30.420
So we can do that here.

54
03:30.420 --> 03:31.170
SUB.

55
03:31.890 --> 03:38.070
We take maybe -, -.

56
03:39.350 --> 03:44.960
So what this will do is it will minus - from -.

57
03:45.110 --> 03:47.780
So - is one, - is one.

58
03:47.780 --> 03:51.080
So when you minus one from -, - will become zero.

59
03:51.080 --> 03:52.520
So let's step over that.

60
03:52.520 --> 03:54.500
And we see now - is zero.

61
03:55.370 --> 03:58.640
Now next, we are going to try this: memory and immediate.

62
03:58.640 --> 04:00.650
So we select Dump 1.

63
04:00.830 --> 04:03.320
We put a value in the memory first.

64
04:03.320 --> 04:04.520
So we go to memory.

65
04:04.520 --> 04:06.560
Select the BSS segment.

66
04:06.560 --> 04:07.550
Double-click on it.

67
04:08.120 --> 04:09.740
We choose a blank location here.

68
04:09.740 --> 04:12.890
This one. Right-click to copy this address.

69
04:13.670 --> 04:19.850
And then here, maybe we put binary edit first. Binary edit.

70
04:19.850 --> 04:23.210
And then maybe here we put the value 20.

71
04:26.010 --> 04:27.030
Okay, okay.

72
04:27.030 --> 04:28.770
So now we got 20 there.

73
04:28.770 --> 04:32.190
So we are going to add immediate to this 20.

74
04:32.190 --> 04:33.180
So let's try that.

75
04:35.130 --> 04:43.830
So that memory location is BYTE PTR. Paste the memory.

76
04:44.130 --> 04:49.050
And then here we're going to add three. Click okay.

77
04:49.860 --> 04:51.330
So three, so immediate.

78
04:51.330 --> 04:55.290
So let's step over this and watch what happens to this value.

79
04:56.490 --> 04:57.240
Step over.

80
04:57.240 --> 04:59.370
And we see now it becomes 23.

81
04:59.370 --> 05:02.070
So exactly as we expected.

82
05:02.070 --> 05:04.650
Next, we are going to subtract immediate from memory.

83
05:04.650 --> 05:13.140
So let's go to this location. SUB, BYTE PTR, paste memory.

84
05:13.140 --> 05:15.240
And we're going to subtract one from there.

85
05:15.600 --> 05:16.470
Click okay.

86
05:16.680 --> 05:20.790
So we're going to minus one from this 23 here and see what happens.

87
05:20.790 --> 05:22.860
Step over, and now becomes 22.

88
05:22.890 --> 05:23.580
That's correct.

89
05:24.390 --> 05:30.300
And then the last one is ADD and subtract register and memory.

90
05:30.420 --> 05:36.750
So for that, we will use the register memory.

91
05:36.750 --> 05:39.330
So let's just change this register.

92
05:39.630 --> 05:41.580
Let's try to use a different register.

93
05:41.580 --> 05:43.260
Now maybe we try -.

94
05:43.560 --> 05:46.470
So we modify the value in -.

95
05:46.470 --> 05:51.750
Maybe we put here 42. Let's say 42.

96
05:52.020 --> 05:53.040
So let's do that.

97
05:53.040 --> 05:54.960
Now we are doing this one.

98
05:56.550 --> 06:03.030
So we are going to add first. ADD -.

99
06:03.030 --> 06:08.250
So this one will be -, -, and then BYTE PTR.

100
06:09.690 --> 06:13.140
And then here we put your memory.

101
06:16.350 --> 06:19.560
So it's going to take 22 plus 42.

102
06:19.590 --> 06:22.980
So let's step over, and we see it gets 64.

103
06:22.980 --> 06:24.030
So it's correct.

104
06:24.120 --> 06:27.000
Yeah, 22 plus 42 is indeed 64.

105
06:27.330 --> 06:31.080
Now next one, last one, is to minus register from memory.

106
06:31.080 --> 06:33.060
So let's try that now.

107
06:34.390 --> 06:37.720
SUB, memory will be your BYTE PTR.

108
06:39.610 --> 06:44.410
Paste your memory there and minus from register.

109
06:44.410 --> 06:46.000
So your register should.

110
06:46.330 --> 06:53.710
Maybe we put, maybe we take - or we take -.

111
06:53.710 --> 06:54.010
Okay.

112
06:54.190 --> 06:55.180
- is fine.

113
06:56.530 --> 06:57.130
Okay.

114
06:57.250 --> 07:01.780
So now it's going to minus - from here.

115
07:01.780 --> 07:05.290
So - is 20, here is 22 memory.

116
07:05.290 --> 07:10.570
So this one should become two because you're going to minus 20 from 22.

117
07:10.960 --> 07:11.560
Step over that.

118
07:11.560 --> 07:13.480
And you see now this becomes two.

119
07:13.870 --> 07:18.160
This is how you do your ADD and SUB using all these combinations.

120
07:18.160 --> 07:20.080
So that's all for this video.

121
07:20.080 --> 07:21.640
Thank you for watching.