Thread: Best tools for reverse engineering dos programs?
View Single Post
  #15  
Old 11-09-2015, 20:07
an0rma1 an0rma1 is offline
Friend
  
Join Date: Feb 2002
Posts: 202
Rept. Given: 101
Rept. Rcvd 29 Times in 17 Posts
Thanks Given: 350
Thanks Rcvd at 99 Times in 40 Posts
an0rma1 Reputation: 29
Hi, usually i try different approaches for debugging/reversing old DOS programs

1. Using a dos debugger under a old machine emulator

best dos debuggers are (in my opinion, there are many):
TR 2.52 by Liu Taotao (emulate instructions, very very good),
SoftIce (2.80 or 2.62, i remember 2.62 was better, but don't remember why) (also i don't think sice works under dosbox, maybe under Pcem)
Turbo Debugger o TD386 by Borland (3.1 or 5.0 versions are ok) (best gui ever)
Cup386 unpacker by Sage, contains a useful debugger, 3 versions, clasical, virtualized and emulated (a true work of art)
G3x by Wong Wing Kin, it s game oriented debugger, but useful, i've cracked many things with it

For running these programs in modern machines, i usually use dosbox (get last svn compiles in emucr.com),
but also i've set up a 486 emulated machine under PCem emulator (recently a 0.10 has been released)

Finally, dosbox has a emulated CPU debugger inside, but i've had problems using it, and sometimes don't work, but it's a very powerful option

2. Run these tools under a true dos box machine, an old 486 it's ok, but some very old softwares, need a 286, some antidebugger tricks don't work in "modern" machines (>386)

3. IDA disassembler for dos 16bit is very good, i always use it in another monitor while debugging with dosbox and TR, to make annotations, name functions, etc...

If you need some of these tools just ask me, i've already compiled a huge repository of old msdos tools time ago, and posted here, look for DOSEXE tools.

Also if you need it, i also compiled a huge pack of DOS compilers and linkers, look for DOSEXE compilers pack, already posted in this forum

if Links are not working or whatever just ask me

DOS cracking and reversing is very fun for me, i prefer it to modern windows protections

edit:
I've tried many times to use ida plugin for dos debugging with dosbox, but not been able to make it working.
Also take in account that many tips in this thread are plain wrong, for debugging old 16bit dos programs you need specific programs, not common modern tools.
Reply With Quote
The Following User Says Thank You to an0rma1 For This Useful Post:
niculaita (11-09-2015)