
assembly on X86 machines, Windows vs Linux

Are they the same?

Longer version:

Say I wrote, in assembly, on a Windows machine, a small app that all it does is add 1+1 and stores it in a register. THEN, I write the exact same code on a Linux machine. Would it work?

I'm thinking yes, because at the hardware level, it's the same machine, so the 'language of the hardware' (forgive the inexactness) would be the same.

So I'm thinking a virus targeting Windows but written in assembly wouldn't just be a Windows virus.

asked Jul 23 '10 21:07

jason



2 Answers

A virus will most certainly need to interact with the operating system, and use its API. Hence it is highly platform-dependent.

In addition, an executable also has a header, and this will depend on the targeted OS. If you would create a more or less empty EXE file in Windows, this would not run (not even start) under Linux.

answered Sep 20 '22 20:09

Andreas Rejbrand


Yes and no.

The small snippet that adds 1+1 and stores it in a register is going to be exactly the same machine code -- that is, the code that runs on the processor is the same no matter what the operating system.

However, you need to surround that code with other bits that interact with the OS to make your program meaningful -- you would never know that your code actually correctly stored 2 in eax if it didn't output to somewhere, for example.

Interestingly, projects like Wine allow for cross-platform interoperability by providing under Linux the same API calls that the program would expect to find under Windows, as well as providing the appropriate logic to allow Linux to properly decode a Windows executable. So, with Wine support, some Windows viruses can actually run under Windows. It may take some work, but you can make it happen.

And no, Wine doesn't have to recompile the Windows programs -- it does, in fact, run the machine code stored in the EXEs directly on the processor.

answered Sep 20 '22 20:09

tylerl
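The two answers above, as an added example that is not part of either post: a small C classifier that reads the container header of a buffer and reports the format and CPU field, the way a triage tool would before deciding which OS a sample targets. All function names are hypothetical, and the two sample buffers are constructed header fragments wrapped around the same `mov eax,1 / add eax,1` bytes, not loadable files.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

enum fmt { FMT_UNKNOWN, FMT_ELF, FMT_PE };
struct exe_info { enum fmt format; uint16_t machine; };  /* machine: raw header value */
/* mov eax,1 ; add eax,1 -- the same bytes whatever OS runs on the x86 CPU */
static const uint8_t CODE[] = { 0xB8,0x01,0x00,0x00,0x00, 0x83,0xC0,0x01 };
static uint16_t rd16le(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32le(const uint8_t *p) { return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }

/* Identify container format and CPU field; never reads past len.
   Only little-endian ELF (EI_DATA == 1) is handled, which covers x86. */
struct exe_info classify(const uint8_t *buf, size_t len) {
    struct exe_info r = { FMT_UNKNOWN, 0 };
    if (len >= 20 && memcmp(buf, "\x7f" "ELF", 4) == 0 && buf[5] == 1) {
        r.format = FMT_ELF; r.machine = rd16le(buf + 18);   /* e_machine */
    } else if (len >= 0x40 && buf[0] == 'M' && buf[1] == 'Z') {
        uint32_t off = rd32le(buf + 0x3C);                  /* e_lfanew -> "PE\0\0" */
        if (off <= len && len - off >= 6 && memcmp(buf + off, "PE\0\0", 4) == 0) {
            r.format = FMT_PE; r.machine = rd16le(buf + off + 4);
        }
    }
    return r;
}
/* 1 if the header names a 32- or 64-bit x86 CPU, in either format. */
int is_x86(struct exe_info i) {
    if (i.format == FMT_ELF) return i.machine == 3 || i.machine == 62;          /* EM_386, EM_X86_64 */
    if (i.format == FMT_PE)  return i.machine == 0x014C || i.machine == 0x8664; /* I386, AMD64 */
    return 0;
}
/* Constructed samples: only the fields classify() reads, then CODE. */
size_t sample_elf(uint8_t *o) {               /* caller provides 72 bytes */
    memset(o, 0, 72); memcpy(o, "\x7f" "ELF", 4);
    o[4] = 2; o[5] = 1; o[18] = 62;           /* 64-bit, little-endian, EM_X86_64 */
    memcpy(o + 64, CODE, sizeof CODE); return 72;
}
size_t sample_pe(uint8_t *o) {                /* caller provides 96 bytes */
    memset(o, 0, 96); o[0] = 'M'; o[1] = 'Z'; o[0x3C] = 0x40;
    memcpy(o + 0x40, "PE\0\0", 4); o[0x44] = 0x64; o[0x45] = 0x86;  /* AMD64 */
    memcpy(o + 88, CODE, sizeof CODE); return 96;
}
int main(void) {
    uint8_t e[72], p[96];
    struct exe_info a = classify(e, sample_elf(e)), b = classify(p, sample_pe(p));
    printf("ELF: fmt=%d x86=%d  PE: fmt=%d x86=%d  same code bytes=%d\n", a.format, is_x86(a),
           b.format, is_x86(b), memcmp(e + 64, p + 88, sizeof CODE) == 0);
    return 0;
}
```

Both samples report an x86 CPU and carry byte-identical code, yet the format field differs, which is what decides whether a given loader will accept the file at all.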