Slashdot Mirror

← Back to Stories (view on slashdot.org)

80x86 ASM for ASP.NET

Posted by timothy on from the contrary dept.

Galen Wolffit writes "A chap out in Denmark has brought us an 80386 Assembler for ASP.NET. This interpreter supports about 61 80x86 instructions, though there are a number of limitations. Why? Why not. And when asked about pointers (which are considered evil in .NET), the author simply says 'With 80386 scripting you can still generate memory exceptions and bring the web-server down. It's things like this that make assembler programmers feel powerful.'"

17 comments

  1. power? by arnorhs · · Score: 3, Funny

    asm programmers fell powerful whenever they get to write anything... which happens very seldom :/

  2. Overhead? by exebeoex · · Score: 4, Interesting

    I wonder what kind of overhead this incurs. Afterall, for a number of reasons it would only be as fast as an x86 emulator, no? Not to mention trying to convert register based instructions for use on a stack based machine. But maybe this sort of register->stack translation scheme used can be useful for those working on making a backend to the GCC RTL (register transfer language) for the .NET runtime. Could it?

    1. Re:Overhead? by Anonymous Coward · · Score: 0


      no, assembly language is the fastest programming language there is. No interpretation is necessary if you are running on an x86 server.

    2. Re:Overhead? by GigsVT · · Score: 1

      It's right on the page.

      Speed?
      Converting a language like 80386 assember to another low-level instruction set is, as you can imagine, not a healthy thing for code performance. In other words, the performance suck big time.

      --
      I've had enough abrasive sigs. Kittens are cute and fuzzy.
    3. Re:Overhead? by yamla · · Score: 1

      This would only be true if you were not running inside of the .NET CLR.

      --

      Oceania has always been at war with Eastasia.
  3. Fun... Perhaps by foooo · · Score: 4, Insightful

    Fun... Perhaps...

    Useful? Probably not.

    I don't personaly find writing Asm to be the quickest way to code something and the benefit of superfast execution speed is lost when converting to IL.

    If you're going to actually write Assembler... do it the way it's meant to be done. Not in .NET... leave .NET to the high(er) level developers it's aimed at.

    ~foooo

  4. Important Reminder by Anonymous Coward · · Score: 0, Funny

    With 80386 scripting you can still generate memory exceptions and bring the web-server down.

    Remember do not forget to set the EVIL bit

  5. Lies! by Tuxinatorium · · Score: 2, Funny

    There is no such thing as x86 architecture! It is a silicon fabrication of the Intel Infidels!

    --(former) Iraqi Information Minister, Mohammed Saeed Al-Sahaf

    --
    Repeal the DMCA!
  6. Question by m0rph3us0 · · Score: 0, Troll

    Some of you that know more about exploits may be able to point me in the right direction. Would you be able to use this to exploit .NET ie. create exploitable app in 80386script and then have a browser load the exploitable app? or would we have to find a general exploit to the .NET VM to gain access to the system? I'm assuming unsigned .NET code for IE runs in some sort of security mode like java does.

    1. Re:Question by AssFace · · Score: 1

      huh? why would this allow exploits any more easily than any of the other languages in .NET?

      --

      There are some odd things afoot now, in the Villa Straylight.
    2. Re:Question by anarxia · · Score: 1

      In this case x86 assembly does not give you the power it traditionally does, since the compiled code will bare little resemblance to the code you write. The way to get the most power on the generated code would be to write in IL directly (you might as well write an IL assembler while you are at it).

    3. Re:Question by pchasco · · Score: 1

      I dont think so. If the assembly code is running on the web server, then it isn't running on the browser. Besides, even assembly code isn't executably by a computer. It still needs to be compiled with an assembler. That being said, if the exploit were possible then they wouldn't even need 80386script to exploit the browser. They could just send it some C#.

  7. MenuetOS by e8johan · · Score: 2, Interesting

    Does this mean that we can run MenuetOS on .Net? (MenuetOS is 100% x86 asm)...

    1. Re:MenuetOS by anarxia · · Score: 1

      From the specs on the website only a small subset of the x86 asm is supported, so I seriously doubt it.

  8. YOU FAIL IT! by Anonymous Coward · · Score: 0

    that's the saddest attempt at humour I've ever seen.

  9. More Virii! Yay! by screwthemoderators · · Score: 1

    Now script kiddies can recycle those old virii that anti-virus software now defeats. Woot! I knew Dot-NET would present new opportunities for '1ee7 exploits!

    --
    http://en.wikipedia.org/wiki/Signature_bloc
  10. This stuff has no effect on the web browser by pchasco · · Score: 2, Informative

    For all those paranoid, you can rest easy. The assembly code still runs on the web server, and not your browser. No different than C# or VB.NET code in that respect. If the web server could force your browser to compile and execute this assembly code, then it could very well just force you to compile and run some C# or VB.NET code.