Help With SoftIce

I'm sure you all have seen this a dozen times but when I do a search on the forums for "SoftIce" a message comes back "nothing found" so I apologize if this is redundant. I am new to cracking and reverse engineering and have tried to do a lot of research and have read as many articles as I could find on the subject. Why my search isn't working now ........I don't know. Anyway here is my situation; I have installed SoftIce "lite" from the FTP server. I have set video to universal. SoftIce loads fine and seems to be functioning. I'm trying to crack a program and follow a procedure as outlined by "The Sandman". The program is "pooldemo.exe". The instructions say to save all vectors before loading program "vecs s". This command is unrecognized is the message I receive. If I run the program and open SI the whole screen is filled with blocks of color. At this point I'm not sure where to begin with this. Is there maybe a better tut to start with or can someone help me with this?

Thanks in advance,
d

If I remember right, you are trying to follow +ORC's tutorial. Your problem is caused by the sice version - you need sice 2.6 or 2.8, those versions are for DOS. Those versions can be found on the net(try to look at Crackz's site), if you won't succeed, I can help you (I have them, along with some other tools).
Good luck,
least

Thanks least. I wondered if that might be the problem. I'm not used to running in DOS but maybe it would be a good lesson. Is there a good beginner tut to use the version of SI that I already have? I have seen so many tuts and they all seem to use a different version of SI. Any help or suggestions would be greatly appreciated.

Thanks again,
d

I'm affraid that with your current version of Sice you won't succeed, because if I remember right, +ORC uses features (like memory snaps) that is only in Sice for DOS v2.6 (?); If you don't want to run in DOS, consider trying VMWARE, it is virtual machine, where you can install any OS. I have one with DOS and both old versions of SICE installed and it seems to be usable.
On the other hand, when talking about newer Sice versions (lets say from 3.2), the commands aren't changing very much so it isn't big issue when you have other version.
Regards,
least

Thanks least. I appreciate the input. I will have a look at VMWARE and see if this works for me. On the other hand I would like also to try running in DOS. Can you tell me the beginnings of what I must do to load the programs or point me to a tut on DOS and how to load and run programs?

Again many thanks,
d

Well,
in VMWARE you can run dos, it is just like other PC;
Concerning the dos, I can write you some basic commands, but tomorow I'll put here help for MSDOS.

DIR lists files and directories
CD changes directory
A: example of change of the current disk to A: (diskette)
COPY copies file
MD make directory
DEL deletes file
RD remove directory

When you need help on certain command just type it with " /?" it will print help.
These are the basic, but for more user friendly environment try to look for some volkov commander or old norton commander
Hope it helps,
least

Thanks least this helps quite a bit. How do I get to DOS from 98 or XP?. Do I use the command line or do I have to boot to dos. One more thing, after I'm in DOS how do I run a program. This probably seems pretty elementary but I never have had any real need to learn DOS until now. I also have found a few helpful sites: hxxp://www.uv.tietgen.dk/staff/mlha/index.htm. Lots of good programming info there. Once again thanks for your help, it is very much appreciated.

d

For the first steps the commandline is good enough. But if you plan using Sice for dos, it have to be booted to dos. In XP there is no way how to do this I think; in W98 you can press F8 at the very start - it will show you menu where you can chose to run dos. The other thing is that you can write yourself structured config - it will let you choose the whole configuration.

But I would really recomend you to use that VMWARE - (it must seem to you like advertisment because if something goes wrong, then almost no harm is done, since you can backup those VMs. You can learn on it safely how to use fdisk, format, and other commands that you wouldn't try on your machine. Here you can practice safely...

Concerning running the files, just type in the filename and and press enter; beside that there are three types of executables - EXE,COM and BAT - exe and com are normal executables, bat are batch files. One more notice, there exists environment variable called path, it contains paths that are searched for executables. To be more clear - when you try to run executable, the system first looks into current directory, and then searches the path.
And the last thing - (I hope I remember it right) if files with the same name but different extensions, then bat is executed as default; if there is just com and exe then com is run.
Hope it helps,
least

Thanks again least. I have started exploring the command line a little. I ran into some problems but this is another issue related to a procedure I was trying to follow. I have downloaded VMware Workstation and have just received the 30-day trial serial (I hope this is the one you meant). I will have to work with this over the weekend and see what happens. Also thanks for the help file. All these things are helping out a lot. Got to go now.

Thanks again,
d

Few weeks ago there used to be VMWARE along with keygen you know where If it won't come back soon, I'll put it back. I also have install disks of good old MSDOS 6.2, so I can send them to you (or upload them somewhere 4x1.44MB).
Good luck,
least

Least, I so appreciate what you're doing. It's painful when you're struggling to understand and nothing is working. It is such a burden lifted when you find others who will help. The offer on the VMWARE and the DOS is super. I have been trying to bone up on DOS syntax and am anxious to get started again. With each start I get a little further. In one SI tut (SoftIce manual Release 2.5) they use a program called GDIDEMO (to debug as an example) and with DOS prompt C:\PROGRAM FILES\NUMEGA\DRIVERSTUDIO\SOFTICE\EXAMPLES\GDIDEMO>NMAKE. Must this be done to each program (NMAKE) before loading into symbol loader? Do you know where to get GDIDEMO.EXE?

Once again thanks so much,
d

In fact the nmake is program for automation of program compilation. It is part of (I think) every C compiler. Here it has debug info turned on (in the makefile), so when you debug it, you'll see to which lines the code belongs to. Also you need the exe to be run in the directory where sources are located. This means that this can be done only with programs, that you have with full source code. But this situation is quite rare in reality
The benefit is that you'll learn the basics.

To compile it, you have to load environment variables for your compiler, then run nmake with the right parameters (nmake /f makefile).
Good luck,
least

Thanks least. That��s interesting information. I found a printout of GDIDEMO done in C++ and I have installed Borland Turbo C++ (ver 3.0). With a little bit of luck I should be able to create the program and run the tut. Any suggestions?
Thanks,
d

Suggestions? Well, check a mail
You should have two new things there (gdidemo too).

PS. Isn't that C you installed for DOS? If yes then you probably will have problems, since the program is made for windows(95 at least I think).

Ok least. I checked mail, nothing there except ads. If you sent something it didn't make it. Yes you're right. C was for dos...I didn't think about that. I also downloaded some other versions from ftp but haven't had time to work with yet. Also I checked my e-mail address and it seems to be ok.

Thanks again,
d