Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 06-07-2020, 17:01
BlackWhite BlackWhite is offline
Friend
 
Join Date: Apr 2013
Posts: 60
Rept. Given: 4
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 9
Thanks Rcvd at 14 Times in 9 Posts
BlackWhite Reputation: 4
Wanted: old DOS debugger s-ice v1.03 & v2.1

As I remember well, I teached myself assembly language
by studying DOS viruses.
Now I want to reactivate my favorite debugger s-ice under
DosBox or Bochs so that I can debug old viruses, but I found
that s-ice v2.8 crashed under DosBox & Bochs. Bochs seems
good to start s-ice v2.8, yet if I press F8 to step, it crashes.
I have tried debugging s-ice by using both of Bochs' internal
debugger and Ollydbg which debugs Bochs, and found that
s-ice crashed at address cs:0x6F2E. When s-ice starts, I
LDR some exe say hello.exe, then I press Ctrl+C in Bochs
console window, and command "vb cs:0x6F2E" and further
command "continue" , finally I press F8 in s-ice, the breakpoint
just set will be triggered, now, if I command "s" to single step
in Bochs console, IP will be set to the entry point of an exception
handler instead of the first instruction of the far call located at
cs:0x6F2E.
Though Bochs is open source, yet I felt much hard to
locate the bug, further more, s-ice's "bpmb addr x" & "bpint"
commands do not work in Bochs.
I want s-ice 1.03 & 2.1 which were reported to work under
DosBox, so that I can make a comparing with 2.8.
Thank you.
Reply With Quote
  #2  
Old 06-07-2020, 18:18
WhoCares's Avatar
WhoCares WhoCares is offline
who cares
 
Join Date: Jan 2002
Location: Here
Posts: 366
Rept. Given: 9
Rept. Rcvd 13 Times in 11 Posts
Thanks Given: 19
Thanks Rcvd at 80 Times in 37 Posts
WhoCares Reputation: 13
dosbox author's suggestion is to use dosbox internal debugger

https://www.vogons.org/viewtopic.php?t=15940
__________________
AKA Solomon/blowfish.
Reply With Quote
  #3  
Old 06-07-2020, 21:03
BlackWhite BlackWhite is offline
Friend
 
Join Date: Apr 2013
Posts: 60
Rept. Given: 4
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 9
Thanks Rcvd at 14 Times in 9 Posts
BlackWhite Reputation: 4
Finally, I found DOS s-ice v2.0 on the internet, yet
my experiments proved that the old s-ice could not
work under DosBox or Bochs, the so-called good
working report is actually a fake.
If anyone is interested in this very old stuff, pls
download it at the following link:
http://blog.cnstock.com/UploadFiles/...2051358848.zip

Is there anybody to give me a clue to making s-ice work under Bochs?
If I give up Bochs, any suggestion to a substitution for Bochs?
Thanks.

Last edited by BlackWhite; 06-07-2020 at 21:10.
Reply With Quote
The Following User Says Thank You to BlackWhite For This Useful Post:
niculaita (06-08-2020)
  #4  
Old 06-07-2020, 23:03
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 506
Rept. Given: 2,104
Rept. Rcvd 668 Times in 209 Posts
Thanks Given: 504
Thanks Rcvd at 712 Times in 149 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
If your goal is to get softice working, I think it would be most practical to create a virtual machine with Windows 98, or the latest supported by your target application, and run it from there. You also have the alternate option of using the ring 3 debugger TRW2000.
__________________
"Real knowledge is to know the extent of one's ignorance." Confucius
Reply With Quote
The Following User Says Thank You to chessgod101 For This Useful Post:
niculaita (06-08-2020)
  #5  
Old 06-08-2020, 00:08
BlackWhite BlackWhite is offline
Friend
 
Join Date: Apr 2013
Posts: 60
Rept. Given: 4
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 9
Thanks Rcvd at 14 Times in 9 Posts
BlackWhite Reputation: 4
Quote:
Originally Posted by chessgod101 View Post
If your goal is to get softice working, I think it would be most practical to create a virtual machine with Windows 98, or the latest supported by your target application, and run it from there. You also have the alternate option of using the ring 3 debugger TRW2000.
My goal is not for sice working in Windows, but rather in DOS.
Because I want to use sice as a best choice to teach my students to
debug old DOS viruses.
Reply With Quote
  #6  
Old 06-08-2020, 02:25
Archer's Avatar
Archer Archer is offline
retired
 
Join Date: Aug 2005
Posts: 227
Rept. Given: 1
Rept. Rcvd 30 Times in 18 Posts
Thanks Given: 2
Thanks Rcvd at 343 Times in 49 Posts
Archer Reputation: 30
Quote:
Originally Posted by BlackWhite View Post
I want to use sice as a best choice to teach my students to
debug old DOS viruses.
I don't judge or anything. But are you sure they need it? As I remember my university course about viruses and it was about DOS. It was like I stepped into a time machine and travelled ~20 years back. It was a completely useless and outdated experience.
Reply With Quote
  #7  
Old 06-08-2020, 04:25
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 506
Rept. Given: 2,104
Rept. Rcvd 668 Times in 209 Posts
Thanks Given: 504
Thanks Rcvd at 712 Times in 149 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
Quote:
My goal is not for sice working in Windows, but rather in DOS.
Because I want to use sice as a best choice to teach my students to
debug old DOS viruses.
In that case, you can use an ms-dos virtual machine. They would have the full operating system experience without the hassles and limitations of dosbox or bochs.

However, like Archer, I question the practicality of this teaching approach. A "back in my day, we did it this way" approach to teaching, though it certainly will give students an appreciation for technological advances, may not carry over very well to modern approaches. It would be a similar concept to teaching a Spanish major Latin prior to teaching him Spanish because its roots are founded in Latin. It doesn't seem very practical. This is merely my opinion though.

It is also important to note that depending on your country of origin's adherence to the Digital Millennium Copyright Act(DMCA), having students use SoftIce, a program classified as commercial abandonware, is a legal gray area. Legally speaking, it is still considered piracy by definition.
__________________
"Real knowledge is to know the extent of one's ignorance." Confucius
Reply With Quote
The Following User Says Thank You to chessgod101 For This Useful Post:
BlackWhite (06-08-2020)
  #8  
Old 06-08-2020, 12:33
BlackWhite BlackWhite is offline
Friend
 
Join Date: Apr 2013
Posts: 60
Rept. Given: 4
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 9
Thanks Rcvd at 14 Times in 9 Posts
BlackWhite Reputation: 4
Quote:
Originally Posted by Archer View Post
I don't judge or anything. But are you sure they need it? As I remember my university course about viruses and it was about DOS. It was like I stepped into a time machine and travelled ~20 years back. It was a completely useless and outdated experience.
Though, DOS is too old, yet
I believe, to master the concept of interrupt, DOS is still a best choice;
And, to practice the hooking techique, DOS is unparallable to Windows or Linux,
because it is simple;
Surely, the course is not limited to DOS, Windows and Linux are also
concerned.
Reply With Quote
  #9  
Old 06-09-2020, 00:25
bolo2002 bolo2002 is offline
VIP
 
Join Date: Apr 2002
Posts: 471
Rept. Given: 101
Rept. Rcvd 11 Times in 10 Posts
Thanks Given: 129
Thanks Rcvd at 163 Times in 110 Posts
bolo2002 Reputation: 11
As said Archer:"As I remember my university course about viruses and it was about DOS. It was like I stepped into a time machine and travelled ~20 years back. It was a completely useless and outdated experience."

you said:"Because I want to use sice as a best choice to teach my students to
debug old DOS viruses."
It's a no way to teach them oldies,think that students need to learn actual methods to become the next generation of coders,reverse engineering.
__________________
I like this forum!
Reply With Quote
  #10  
Old 06-09-2020, 07:21
chants chants is offline
Family
 
Join Date: Jul 2016
Posts: 558
Rept. Given: 6
Rept. Rcvd 35 Times in 21 Posts
Thanks Given: 472
Thanks Rcvd at 833 Times in 390 Posts
chants Reputation: 35
If you wish to teach BIOS interrupts you still dont need sice. Yes modern Windows hides these though they are still there. Just write assembler, compile it and copy the machine code to sector 0 of a USB disk and MBR boot it though you have to load more sectors if you want more than 256 bytes. Can write this into the asm just look how any MBR asm works. Then you could load sector 1 and start running any asm.
Now you taught BIOS interrupts, master boot area, boot load process, real mode assembler, etc.

Of course you can also do it in a ISO booted VM even better.

Debugging requires an in circuit emulator in this context so instead just use lots of int21h calls to write messages.

The asm construction and writing raw sectors to the USB or ISO and the fake MBR are all real work but I'd love to see this idea on github just for fun and learning.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
BlackWhite (06-09-2020)
  #11  
Old 06-14-2020, 20:27
danrevella danrevella is offline
Friend
 
Join Date: Dec 2019
Location: Italy
Posts: 13
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 15
Thanks Rcvd at 2 Times in 2 Posts
danrevella Reputation: 0
Even me have try to run Softice for dos in an emulated environment, but I always failed.
Wmvare is able (with some limitations) to run Softice for window, but not softice for dos :-(
Attached Images
File Type: jpg Softice dos.jpg (419.1 KB, 2 views)
Reply With Quote
  #12  
Old 06-15-2020, 00:35
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 847
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 168
Thanks Rcvd at 353 Times in 200 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
best DOS debugger I've ever seen is
avputil.com (.com file, not a site)
36.6 KB in size
amazing stuff
Reply With Quote
The Following User Says Thank You to sendersu For This Useful Post:
BlackWhite (06-18-2020)
  #13  
Old 06-15-2020, 02:09
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,169
Rept. Given: 873
Rept. Rcvd 85 Times in 57 Posts
Thanks Given: 2,852
Thanks Rcvd at 436 Times in 313 Posts
niculaita Reputation: 85
debug.exe from old windows too
__________________
Decode and Conquer
Reply With Quote
  #14  
Old 06-15-2020, 23:04
Pansemuckl Pansemuckl is offline
Friend
 
Join Date: Nov 2005
Posts: 33
Rept. Given: 5
Rept. Rcvd 4 Times in 2 Posts
Thanks Given: 14
Thanks Rcvd at 39 Times in 14 Posts
Pansemuckl Reputation: 4
Check http:// old-dos. ru/index.php?page=files&mode=files&do=list&cat=229&id=5
Reply With Quote
The Following User Says Thank You to Pansemuckl For This Useful Post:
BlackWhite (06-18-2020)
  #15  
Old 06-18-2020, 14:38
sope sope is offline
Friend
 
Join Date: May 2016
Posts: 14
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 7
Thanks Rcvd at 14 Times in 8 Posts
sope Reputation: 0
TRW 2000

TRW 2000 was the best debugger for me for DOS applications. We used to load some script to fool microcosm protection ccmove.exe once we had an valid license TR really helped at that time. Its an cool debugger.

Nice old days now vaporised.
Sope!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 02:06.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2020 )