HN Theater @HNTheaterMonth

The best talks and videos of Hacker News.

Hacker News Comments on
Compiling C to printable x86, to make an executable research paper

suckerpinch · Youtube · 191 HN points · 7 HN comments
HN Theater has aggregated all Hacker News stories and comments that mention suckerpinch's video "Compiling C to printable x86, to make an executable research paper".
Youtube Summary
In this oddly paced "educational" video, I explain how I created a paper for SIGBOVIK 2017 that consists of only printable ASCII bytes, but is also a valid DOS executable. This involves making a C compiler that targets the printable subset of x86 (without using self-modifying code), and just barely scraping out solutions to some tricky puzzles that arise due to the constraints. The final result is functionality that is oh so very important, however!

Download the paper/program and source code: http://tom7.org/abc/
SIGBOVIK: http://sigbovik.org/
All Tom thingies: http://tom7.org/

Hacker News Stories and Comments

All the comments and stories posted to Hacker News that reference this video.
That last one (Tom 7's executable x86 paper) is incomplete without the video where he demonstrates running the paper (or running the paper yourself).

https://www.youtube.com/watch?v=LA_DrBwkiJA

Apr 25, 2021 · anitil on Lipogram
tom7 made a whole video explaining how to create an executable only with printable characters [0]. He even wrote a compiler called 'ABC' for it.

[0] https://www.youtube.com/watch?v=LA_DrBwkiJA

Apr 09, 2021 · 63 points, 15 comments · submitted by gus_massa
Rendello
tom7 / suckerpinch is great, I love his "30 Weird Chess Algorithms" video:

https://www.youtube.com/watch?v=DpXy041BIlA

FpUser
I loved the video and presentation style. And the idea itself is very much fun.
MarioMan
If you like this brand of wonderful nonsense, you should check out his other videos. He usually posts a video on at least one wacky idea each year, then publishes a research paper about it at SIGBOVIK[0], a joke computer science conference with proceedings released every April 1st.

0: http://sigbovik.org/

FpUser
Thank you.
secondcoming
I think I read about this a long time ago where it was thought that this could be used to potentially bypass anti-virus checks
gus_massa
I think antivirus would be fine. There is a test file by EICAR https://en.wikipedia.org/wiki/EICAR_test_file . It's also 100% text, but it's a ".com" instead of a ".exe" so the internal structure is easier. And more importantly, it uses self-modifying code to modify an instruction and run a non-printable instruction, which is somewhat cheating.
dale_glass
Why cheating?

I don't think complying with any kind of "fairness" was ever the point. EICAR was created to fulfill a need to test antiviruses with some additional requirements, and how exactly it achieved it wasn't really important.

I'm not sure if anybody ever described the official design goals for it, but based on some previous reading it seems that being able to type it on a keyboard was a requirement.

I'm guessing this is because the kind of environment in which one experiments with viruses and their detection, it's desirable to maintain physical separation, and so using any kind of media or requiring a network connection would create danger. Or perhaps they also wanted it to be suitable for testing locked down environments where a more convenient way of introducing the test would have already been removed.

gus_massa
The part about cheating was tongue in cheek; self-modifying code makes writing printable executables easier.

An excuse to avoid it is that some operating systems are trying to enforce W^X, so executable code can't be modified. (But I think the real reason is that he wanted the harder challenge.)

kuroguro
To be fair something as simple as adding a self-signed cert bypasses more AVs than it should.

It would work as long as it doesn't become popular. Very few people would put in as much effort as long as there are easier ways around.

timonoko
I have a story about executable text-file and it goes like this:

In 1990 I got an Atari Portfolio from a liquidation sale in Sweden. Copyright was expired so there was no romcard, which contained various tools to program the bloody thing. It was an empty MSDOS machine without DEBUG or anything. All I could do was copy 7-bit ASCII characters to a file from the keyboard. After a few days, or maybe weeks, I managed to construct a small ASCII TXT file which, when renamed to an EXE file, executed a loop which read and interpreted hexadecimal code from the keyboard and executed this piece of code at <CR>.

This was the gateway and bootstrap to everything else.

And yes: I was now in Finland. So there was no other Atari Portfolio owner anywhere nearby from whom I could have borrowed this romcard.

em-bee
could you share the rest of the story please?

what does "copy from keyboard" mean? was there a way to type numbers to produce any 7bit sequence?

and with that you wrote a program that could read hex (which was easier to type than raw 7bit code)?

so you wrote the initial program in raw machinecode? not as a script that would be interpreted?

and then what did you type in hex? the whole contents of the romcard? and you got that from where? you had a printout of that?

timonoko
This is what I was trying to do:

    c:\> echo ABCDEFG > file.txt
    c:\> ren file.txt file.exe
    c:\> file.exe

    DOSBOX: Exit to error: Illegal GRP4 Call 5
Now, imagine that you study raw machine code very hard and find a new string (replacing ABCDEFG) which constitutes a valid EXE header and a piece of code which does not cause an error and does something useful.

And useful thing here was to interpret letter-pairs in the string as hexadecimal numbers, so you then can write any program you want.

Did this help any?

em-bee
yes, you are confirming what i guessed. so you were able to type out the initial program only with the keys on the keyboard? how did you find what to type?

and then once you had the hex-reader, where did you get the hexdump to type in? which programs did you create this way?

timonoko
No thank you kindly. I give up. This was 31 years ago and it was a once-only issue. Who cares.

Remembered however that COM-files were the simple ones. EXE-headers were more complicated.

But quite obviously I made a program that read stuff from the serial port. And once you had ZMODEM you could copy the rest of the standard MSDOS command set from anywhere. The machine was truly empty, there was only a hardwired COMMAND.COM running.

em-bee
well, that wasn't obvious to me. thank you. so you did have access to the right executables, just no direct way to get them into the machine.

i only dabbled with old unix workstations. the oldest one being a machine from 1989 running apollo domain OS. and i remember booting an AIX workstation into some kind of rescue mode and using ed to fix config files (fstab probably) to allow it to boot.

Every one of this guy's SIGBOVIK papers/videos is pure gold. His video about the printable x86[1] is my favorite engineering video of all time.

^1: https://www.youtube.com/watch?v=LA_DrBwkiJA

pdkl95
LOL... from "Reverse emulating the NES to give it SUPER POWERS!"[1] (which is insa^Wbizza^Wa very creative hack):

"The cartridge is the dual of the Nintendo."

[1] https://www.youtube.com/watch?v=ar9WRwCiSr0

edit: for a very impressive variation on the SMW "joke" in [1], I recommend this[2] video of TASbot streaming Skype realtime to [2xNES, SNES+SuperGameBoy] through the controller ports.

[2] https://www.youtube.com/watch?v=7CgXvIuZR40

phaedrus
"Now, for good reasons that I will explain later, this paper must contain 8,224 repetitions of the string "~~Q(", another weird flower."

Quotes like this from the paper put me in mind of exposition from a Culture series (Iain Banks) novel.

He's a mad genius! I like his compiler that generates executables made up only of printable characters: https://www.youtube.com/watch?v=LA_DrBwkiJA / https://news.ycombinator.com/item?id=16312317

He's super playful and awesomely smart!

There's a nice video that does a great job of walking through what is happening here: https://www.youtube.com/watch?v=LA_DrBwkiJA
bringtheaction
That is demoscene level awesomeness! Kudos to the author. Excellent video as well. And not least, lovely ending <3
On The Turing Completeness of PowerPoint https://www.youtube.com/watch?v=uNjxe8ShM-8

Compiling C to printable x86, to make an executable research paper https://www.youtube.com/watch?v=LA_DrBwkiJA

HDR Photography in Microsoft Excel?! https://www.youtube.com/watch?v=bkQJdaGGVM8

Zebras All the Way Down https://www.youtube.com/watch?v=fE2KDzZaxvE

Solving Layout Problems with CSS Grid and Friends https://www.youtube.com/watch?v=2XkzpgWoYEI

Console Security - Switch https://media.ccc.de/v/34c3-8941-console_security_-_switch

Let's move SMM out of firmware and into the kernel https://www.youtube.com/watch?v=6GEaw4msq6g

Bringing Linux back to server boot ROMs with NERF and Heads https://media.ccc.de/v/34c3-9056-bringing_linux_back_to_serv...

Sharing the Chisel https://youtu.be/2C8F7GBRluY?t=11m31s (looks like the actual conference video wasn't released)

Jun 05, 2017 · 3 points, 0 comments · submitted by mpweiher
and you can make plain text files that are executable in x86 land:

https://www.youtube.com/watch?v=LA_DrBwkiJA

obituary_latte
That was AWESOME. Thanks for sharing.
Apr 01, 2017 · 116 points, 11 comments · submitted by JoshTriplett
shakna
Damn. No mov (no movfuscator approach), and no interrupts. And only jumping forwards, so no loops, they have to be unfolded in the compiler.

This is awesome.

loup-vaillant
Actually, there are loops: jumps are performed modulo 2^16, so jumping past the end of the program actually wraps back to the beginning. By dividing the program into blocks, and jumping as many times as required, you can perform loops. Just one problem: it takes a looong time.
jsjohnst
Movfuscator is comparably just as slow or worse.
gallerdude
Totally recommend Dr. Tom PhD. Made a great video on automatically making NES games 3D.
techwizrd
The brown paper and explanations reminded me of a Numberphile video (another good channel to check out on YouTube). I'm very impressed at how he was able to break down what he did and explain it simply.
JoshTriplett
Likewise; that impressed me just as much as the details themselves did. An explanation that clear is a rare thing.

I actually appreciated the degree to which he glossed over certain things. For instance, he described a register as a temporary thing inside the processor, and then described the stack the same way. For the purposes of the explanation he gave, it doesn't matter that the stack actually lives in memory. And anyone who already knows about the stack will already know that.

danbruc
I wonder why he implemented a | b as (a & b) - ((a ^ b ^ -1) + 1) instead of (a & b) ^ a ^ b which seems much easier.
infogulch
He acknowledged this in the comments and said that he didn't notice! But also that using add demonstrated the point he was making much better: decompose an inaccessible desired instruction into a longer series of accessible instructions. I agree.
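The two OR identities from the danbruc/infogulch exchange above, as an added example that is not part of the thread or of Tom 7's ABC compiler. It assumes 16-bit two's-complement arithmetic (the DOS target the paper runs on) and sweeps constructed operand patterns to confirm that both forms reproduce a | b, showing why the longer decomposition works at all:

```c
#include <stdint.h>
#include <stdio.h>

/* OR built the way danbruc quotes from the paper:
 * (a & b) - ((a ^ b ^ -1) + 1).
 * In 16-bit two's complement, x ^ -1 is ~x and ~x + 1 is -x, so the
 * expression is (a & b) - (-(a ^ b)) = (a & b) + (a ^ b). The AND and
 * the XOR of the same operands never share a set bit, so that addition
 * has no carries and yields exactly a | b. Everything is kept modulo
 * 2^16 to mirror the 16-bit machine. */
uint16_t or_via_sub(uint16_t a, uint16_t b) {
    uint16_t and_ab = a & b;
    uint16_t xor_ab = a ^ b;
    uint16_t not_xor = xor_ab ^ 0xFFFFu;          /* x ^ -1  ==  ~x */
    uint16_t neg_xor = (uint16_t)(not_xor + 1u);  /* ~x + 1  ==  -x */
    return (uint16_t)(and_ab - neg_xor);          /* (a&b) - (-(a^b)) */
}

/* The shorter identity danbruc proposes: (a & b) ^ a ^ b.
 * a ^ b clears the bits set in both operands; XOR-ing a & b back in
 * restores them, leaving every bit that is set in either operand. */
uint16_t or_via_xor(uint16_t a, uint16_t b) {
    return (uint16_t)((a & b) ^ a ^ b);
}

/* Sweep every 16-bit a against a constructed set of b patterns
 * (all-zero, all-one, single bits, alternating bits, mixed) plus a
 * itself, counting pairs where either form disagrees with native OR.
 * Returns 0 when both identities hold for every pair tried. */
long count_mismatches(void) {
    static const uint16_t patterns[] =
        { 0x0000, 0xFFFF, 0x0001, 0x8000, 0x5555, 0xAAAA, 0x1234, 0x00FF };
    long bad = 0;
    for (uint32_t a = 0; a <= 0xFFFFu; a++) {
        for (size_t i = 0; i < sizeof patterns / sizeof patterns[0]; i++) {
            uint16_t b = patterns[i], want = (uint16_t)(a | b);
            if (or_via_sub((uint16_t)a, b) != want) bad++;
            if (or_via_xor((uint16_t)a, b) != want) bad++;
        }
        if (or_via_sub((uint16_t)a, (uint16_t)a) != (uint16_t)a) bad++;
    }
    return bad;
}

int main(void) {
    printf("0x00F0 | 0x0F0F = 0x%04X (sub form), 0x%04X (xor form)\n",
           (unsigned)or_via_sub(0x00F0, 0x0F0F),
           (unsigned)or_via_xor(0x00F0, 0x0F0F));
    printf("mismatches over the sweep: %ld\n", count_mismatches());
    return 0;
}
```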
cwyers
That was amazing.
hprotagonist
tom7 is a crazy man :D
saagarjha
Did not expect to get rickrolled while learning about assembly…
Apr 01, 2017 · 2 points, 0 comments · submitted by metin-konrad
Mar 31, 2017 · 3 points, 0 comments · submitted by dustmop
Mar 31, 2017 · 4 points, 0 comments · submitted by dgellow
HN Theater is an independent project and is not operated by Y Combinator or any of the video hosting platforms linked to on this site.