#1
|
|||
|
|||
Wanted: old DOS debugger s-ice v1.03 & v2.1
As I remember well, I teached myself assembly language
by studying DOS viruses. Now I want to reactivate my favorite debugger s-ice under DosBox or Bochs so that I can debug old viruses, but I found that s-ice v2.8 crashed under DosBox & Bochs. Bochs seems good to start s-ice v2.8, yet if I press F8 to step, it crashes. I have tried debugging s-ice by using both of Bochs' internal debugger and Ollydbg which debugs Bochs, and found that s-ice crashed at address cs:0x6F2E. When s-ice starts, I LDR some exe say hello.exe, then I press Ctrl+C in Bochs console window, and command "vb cs:0x6F2E" and further command "continue" , finally I press F8 in s-ice, the breakpoint just set will be triggered, now, if I command "s" to single step in Bochs console, IP will be set to the entry point of an exception handler instead of the first instruction of the far call located at cs:0x6F2E. Though Bochs is open source, yet I felt much hard to locate the bug, further more, s-ice's "bpmb addr x" & "bpint" commands do not work in Bochs. I want s-ice 1.03 & 2.1 which were reported to work under DosBox, so that I can make a comparing with 2.8. Thank you. |
#2
|
||||
|
||||
dosbox author's suggestion is to use dosbox internal debugger
https://www.vogons.org/viewtopic.php?t=15940
__________________
AKA Solomon/blowfish. |
#3
|
|||
|
|||
Finally, I found DOS s-ice v2.0 on the internet, yet
my experiments proved that the old s-ice could not work under DosBox or Bochs, the so-called good working report is actually a fake. If anyone is interested in this very old stuff, pls download it at the following link: http://blog.cnstock.com/UploadFiles/...2051358848.zip Is there anybody to give me a clue to making s-ice work under Bochs? If I give up Bochs, any suggestion to a substitution for Bochs? Thanks. Last edited by BlackWhite; 06-07-2020 at 21:10. |
The Following User Says Thank You to BlackWhite For This Useful Post: | ||
niculaita (06-08-2020) |
#4
|
||||
|
||||
If your goal is to get softice working, I think it would be most practical to create a virtual machine with Windows 98, or the latest supported by your target application, and run it from there. You also have the alternate option of using the ring 3 debugger TRW2000.
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler |
The Following User Says Thank You to chessgod101 For This Useful Post: | ||
niculaita (06-08-2020) |
#5
|
|||
|
|||
Quote:
Because I want to use sice as a best choice to teach my students to debug old DOS viruses. |
#6
|
||||
|
||||
I don't judge or anything. But are you sure they need it? As I remember my university course about viruses and it was about DOS. It was like I stepped into a time machine and travelled ~20 years back. It was a completely useless and outdated experience.
|
#7
|
||||
|
||||
Quote:
However, like Archer, I question the practicality of this teaching approach. A "back in my day, we did it this way" approach to teaching, though it certainly will give students an appreciation for technological advances, may not carry over very well to modern approaches. It would be a similar concept to teaching a Spanish major Latin prior to teaching him Spanish because its roots are founded in Latin. It doesn't seem very practical. This is merely my opinion though. It is also important to note that depending on your country of origin's adherence to the Digital Millennium Copyright Act(DMCA), having students use SoftIce, a program classified as commercial abandonware, is a legal gray area. Legally speaking, it is still considered piracy by definition.
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler |
The Following 2 Users Say Thank You to chessgod101 For This Useful Post: | ||
BlackWhite (06-08-2020), danrevella (12-04-2021) |
#8
|
|||
|
|||
Quote:
I believe, to master the concept of interrupt, DOS is still a best choice; And, to practice the hooking techique, DOS is unparallable to Windows or Linux, because it is simple; Surely, the course is not limited to DOS, Windows and Linux are also concerned. |
#9
|
|||
|
|||
As said Archer:"As I remember my university course about viruses and it was about DOS. It was like I stepped into a time machine and travelled ~20 years back. It was a completely useless and outdated experience."
you said:"Because I want to use sice as a best choice to teach my students to debug old DOS viruses." It's a no way to teach them oldies,think that students need to learn actual methods to become the next generation of coders,reverse engineering.
__________________
I like this forum! |
#10
|
|||
|
|||
If you wish to teach BIOS interrupts you still dont need sice. Yes modern Windows hides these though they are still there. Just write assembler, compile it and copy the machine code to sector 0 of a USB disk and MBR boot it though you have to load more sectors if you want more than 256 bytes. Can write this into the asm just look how any MBR asm works. Then you could load sector 1 and start running any asm.
Now you taught BIOS interrupts, master boot area, boot load process, real mode assembler, etc. Of course you can also do it in a ISO booted VM even better. Debugging requires an in circuit emulator in this context so instead just use lots of int21h calls to write messages. The asm construction and writing raw sectors to the USB or ISO and the fake MBR are all real work but I'd love to see this idea on github just for fun and learning. |
The Following User Says Thank You to chants For This Useful Post: | ||
BlackWhite (06-09-2020) |
#11
|
|||
|
|||
Even me have try to run Softice for dos in an emulated environment, but I always failed.
Wmvare is able (with some limitations) to run Softice for window, but not softice for dos :-( |
#12
|
|||
|
|||
best DOS debugger I've ever seen is
avputil.com (.com file, not a site) 36.6 KB in size amazing stuff |
The Following User Says Thank You to sendersu For This Useful Post: | ||
BlackWhite (06-18-2020) |
#13
|
||||
|
||||
debug.exe from old windows too
__________________
Decode and Conquer |
#14
|
|||
|
|||
Check http:// old-dos. ru/index.php?page=files&mode=files&do=list&cat=229&id=5
|
The Following User Says Thank You to Pansemuckl For This Useful Post: | ||
BlackWhite (06-18-2020) |
#15
|
|||
|
|||
TRW 2000
TRW 2000 was the best debugger for me for DOS applications. We used to load some script to fool microcosm protection ccmove.exe once we had an valid license TR really helped at that time. Its an cool debugger.
Nice old days now vaporised. Sope! |
|
|