64-bit Windows Assembly is a powerful tool that offers unparalleled control over a system. While the syntax and rules—such as stack alignment and register-based argument passing—can be rigid, they provide a structured environment for writing highly efficient code. By mastering these fundamentals, you gain a deeper appreciation for how the Windows operating system executes every instruction under the hood.
To write a program, you typically use an assembler like NASM (Netwide Assembler) or MASM (Microsoft Macro Assembler). Below is a conceptual look at what a "Hello World" program looks like using the Windows API function WriteFile . Introduction to 64 Bit Windows Assembly Program...
RSI, RDI: Source and destination index registers, often used for string operations. 64-bit Windows Assembly is a powerful tool that
Shadow Space: Even if a function takes fewer than four arguments, the caller must reserve 32 bytes of "shadow space" on the stack before making the call. This space allows the called function to save those four register-based arguments if necessary. To write a program, you typically use an
; External Windows functions extern GetStdHandle extern WriteFile extern ExitProcess section .data msg db "Hello, 64-bit World!", 0 msg_len equ $ - msg section .bss bytes_written resq 1 section .text global main main: sub rsp, 40 ; Reserve shadow space + align stack ; Get handle to standard output mov rcx, -11 ; STD_OUTPUT_HANDLE call GetStdHandle mov r12, rax ; Save handle in r12 ; Write to the console mov rcx, r12 ; Arg 1: Handle lea rdx, [rel msg] ; Arg 2: Buffer address mov r8, msg_len ; Arg 3: Length lea r9, [rel bytes_written] ; Arg 4: Pointer to written count mov qword [rsp + 32], 0 ; Arg 5: Overlapped (on stack) call WriteFile ; Exit the program xor rcx, rcx ; Return code 0 call ExitProcess Use code with caution. Copied to clipboard
Each of these registers can be accessed in smaller chunks. For example, the lower 32 bits of RAX are referred to as EAX, the lower 16 bits as AX, and the lower 8 bits as AL. The Windows x64 Calling Convention