Things that need to be done to this document. Note that none of these things are going to be particularly easy. But then again, neither was writing up the rest of this tutorial.
This needs to be written for AT&T syntax and GNU as.
Topics:
Asm Basics:
Common asm instructions and their side-effects
Link to a more complete and comprehensive opcode description page
Parts of a program
Declaring variables
Writing functions
Calling functions in libc
Calling syscalls
Linking against libc
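As an added example that is not part of the tutorial, the following 32-bit x86 program in AT&T syntax for GNU as touches every item in the Asm Basics list above: it declares initialized and uninitialized variables, defines a cdecl-style function, calls a libc function, issues a raw Linux syscall, and is linked against libc. The file name demo.s and the build commands are assumptions about a 32-bit-capable Linux toolchain.

```asm
# Added example (not from the tutorial): x86 (32-bit) AT&T syntax for GNU as.
# Assumed build steps on Linux:
#   as --32 -o demo.o demo.s
#   gcc -m32 -no-pie -o demo demo.o    # links against libc; crt calls main

        .section .data
msg:    .asciz "counter = %d\n"         # NUL-terminated string variable
counter: .long 41                       # 4-byte initialized global

        .section .bss
        .lcomm buf, 64                  # 64 uninitialized bytes (declared, unused here)

        .section .text
        .globl main

# int add_one(int x): cdecl convention, argument at 8(%ebp) after the
# prologue, return value in %eax. Callee preserves %ebp, %ebx, %esi, %edi.
add_one:
        pushl %ebp
        movl  %esp, %ebp
        movl  8(%ebp), %eax
        addl  $1, %eax
        popl  %ebp
        ret

main:
        pushl %ebp
        movl  %esp, %ebp

        # counter = add_one(counter): no '$' means memory operand, so the
        # value stored at counter is pushed, not its address.
        pushl counter
        call  add_one
        addl  $4, %esp                  # caller removes the argument
        movl  %eax, counter             # counter is now 42

        # printf(msg, counter): arguments pushed right to left; printf is
        # an undefined symbol here that the linker resolves from libc.
        pushl counter
        pushl $msg                      # '$msg' is the address of msg
        call  printf
        addl  $8, %esp

        # write(1, msg, 10) as a raw syscall, bypassing libc:
        # %eax = syscall number (4 = sys_write on 32-bit Linux),
        # %ebx, %ecx, %edx = the first three arguments.
        movl  $4, %eax
        movl  $1, %ebx
        movl  $msg, %ecx
        movl  $10, %edx                 # writes "counter = " (10 bytes)
        int   $0x80

        # exit(0) through libc so stdio buffers are flushed
        pushl $0
        call  exit
```

When disassembling this binary with objdump, note that the libc calls show up as calls into the PLT (printf@plt, exit@plt) while the int $0x80 sequence has no symbolic target at all, which is why syscalls are easy to miss when only library calls are being traced.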
We need someone to run through the tools showcased here and generate some sample output files for the more complicated ones. Diagrams are also needed for the stack section, as well as for the array section.
Target programs:
opera
vmware
crossover
IDA
More detail is needed in some places, especially in the area of widget interception. (describing the event loop and suggesting good breakpoint places for GTK, Qt might be nice)
Add resources and links section for each chapter (where applicable)
The simpler things to do to this script would be to clean up the FIXMEs and add options to it (such as --no-show-raw-insn). Also, making an attempt at dereferencing pointers based on some heuristic would be nice. Check out this perl disassembler for ideas (not too many ideas.. its output format sucks).
If anyone is feeling extremely hardcore and wants to help modify Steve and Nasko's perl script to make the output more intuitive, feel free. A directed graph would be fantastic, and automatic determination of main would also be great (use graph theory on your directed graph). There is also a utility called ptrace that is part of the LDasm project. Interfacing it (or gdb) with the disasm.pl script to set a breakpoint for each function would be a heroic task as well (because this would be the equivalent of ltrace, except for ALL functions in a program, not just the libs).
If any of the dual booters in the crowd want to create a similar document for Windows and/or give a talk, submissions are encouraged. Do note that in the meantime, all of these utils exist for Windows as well, thanks to the cygwin project (LINK). They should work the same there.