Author Topic: breaking-the-x86-instruction-set  (Read 1265 times)


  • Member
  • ***
  • Posts: 474
  • ObjAsm32 + ObjAsm64 = ObjAsm
    • ObjAsm
« on: February 04, 2018, 05:38:54 AM »
Lately I saw some YouTube videos from Black Hat that caught my attention.
In particular, this one by Christopher Domas

The abstract can be downloaded here

“A processor is not a trusted black box for running code; on the contrary, modern x86 chips are packed full of secret instructions and hardware bugs. In this talk, we'll demonstrate how page fault analysis and some creative processor fuzzing can be used to exhaustively search the x86 instruction set and uncover the secrets buried in your chipset. We'll disclose new x86 hardware glitches, previously unknown machine instructions, ubiquitous software bugs, and flaws in enterprise hypervisors. Best of all, we'll release our sandsifter toolset, so that you can audit - and break - your own processor.”
The talk has many interesting topics, in particular, how to discover the instruction set and all those things that are hidden in the CPU and we don’t know about.

Very interesting! By the way, there are more posts from this author that are worth listening to.

Regards, Biterider


  • Member
  • *****
  • Posts: 2014
Re: breaking-the-x86-instruction-set
« Reply #1 on: February 04, 2018, 06:17:32 AM »
This is indeed very interesting.  8)
Creative coders use backward thinking techniques as a strategy.


  • Member
  • *****
  • Posts: 1473
  • The base type of a type is the type itself
    • SmplMath macros
Re: breaking-the-x86-instruction-set
« Reply #2 on: February 04, 2018, 07:47:13 AM »
These unknown instructions beginning with 0Dxh are x87 instructions (see Intel's OpCode map), which probably lost their meaning when the FPU was integrated into the CPU. Also Olly knows 0dbe0/1 as FENI and FDISI: enable/disable Interrupts.

Anyway interesting

MREAL macros - when you need floating point arithmetic while assembling!


  • Member
  • ****
  • Posts: 642
Re: breaking-the-x86-instruction-set
« Reply #3 on: February 04, 2018, 08:44:06 AM »
Nice and interesting video


  • Administrator
  • Member
  • ******
  • Posts: 7065
  • Mnemonic Driven API Grinder
    • The MASM32 SDK
Re: breaking-the-x86-instruction-set
« Reply #4 on: February 04, 2018, 10:12:44 AM »
The instructions I am worried about are the RTN instructions (Report To NSA) or any other back doors built into the hardware. Most of the rest do not bother me, they just look like manufacturing leftovers that change from processor to processor.  :biggrin:
hutch at movsd dot com    :biggrin:  :skrewy:


  • Member
  • *****
  • Posts: 1265
  • Eagles are just great!
Re: breaking-the-x86-instruction-set
« Reply #5 on: February 04, 2018, 10:52:19 AM »
For the moment I agree with you, hutch. :P
Btw I think whichever processor we use, as long as it's connected to the internet (or any other net) it can be insecure, maybe due to bugs, intentional flaws, etc.  :idea: