Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 06-11-2013, 15:35
deepzero's Avatar
deepzero deepzero is offline
VIP
 
Join Date: Mar 2010
Location: Europe
Posts: 243
Rept. Given: 100
Rept. Rcvd 60 Times in 38 Posts
Thanks Given: 104
Thanks Rcvd at 112 Times in 59 Posts
deepzero Reputation: 60
IDA and bochs

Hi,

i am trying to setup IDA PRO to run with Bochs, but no luck.

OS: xp sp3 x86 VM
IDA: IDA PRO 6.1 (leaked version, no way i can afford the real deal...yet)
Bochs: latest 2.6.2 (but i also tried some older versions)

When i select IDB mode and try to run it anyways, i get two error messages ("failed to run bochs...", see screenshot). IDA freezes for several settings, dumps below text to the output and presents me with debugger settings (screenshot).
Ida output:


Quote:
Starting emulation at 40102E ending emulation at 40104E
00000000000i[ ] reading configuration from C:\Documents and Settings\admin\Desktop\custom.bochsrc
00000000000p[CTRL ] >>PANIC<< optional plugin 'vga_update_interval' not found
00000000000e[CTRL ] notify called, but no bxevent_callback function is registered
========================================================================
Bochs is exiting with the following message:
[CTRL ] optional plugin 'vga_update_interval' not found
========================================================================
00000000000i[CPU0 ] CPU is in real mode (active)
00000000000i[CPU0 ] CS.mode = 16 bit
00000000000i[CPU0 ] SS.mode = 16 bit
00000000000i[CPU0 ] EFER = 0x00000000
00000000000i[CPU0 ] | EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000000
00000000000i[CPU0 ] | ESP=00000000 EBP=00000000 ESI=00000000 EDI=00000000
00000000000i[CPU0 ] | IOPL=0 id vip vif ac vm rf nt of df if tf sf ZF af PF cf
00000000000i[CPU0 ] | SEG sltr(index|ti|rpl) base limit G D
00000000000i[CPU0 ] | CS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | DS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | SS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | ES:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | FS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | GS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | EIP=00000000 (00000000)
00000000000i[CPU0 ] | CR0=0x00000000 CR2=0x00000000
00000000000i[CPU0 ] | CR3=0x00000000 CR4=0x00000000
00000000000i[CTRL ] quit_sim called with exit code 1
Screenshot:

http://i.imgur.com/vUhess1.png

What do i do wrong? Wrong Bochs version?
As i said, ai tried a couple of older ones, too. Which version is advised for 6.1 use?

Running bochs 2.6 gives a slightly different error output:


Quote:
Starting emulation at 409540 ending emulation at 40955D
00000000000i[ ] reading configuration from C:\\protection_id.bochsrc
00000000000e[ ] C:\\protection_id.bochsrc:22: 'vga_update_interval' will be replaced by new 'vga: update_freq' option.
00000000000e[ ] C:\\protection_id.bochsrc:24: 'keyboard_serial_delay' will be replaced by new 'keyboard' option.
00000000000e[ ] C:\\protection_id.bochsrc:25: 'keyboard_paste_delay' will be replaced by new 'keyboard' option.
00000000000p[CTRL ] >>PANIC<< optional plugin 'pnic' not found
00000000000e[CTRL ] notify called, but no bxevent_callback function is registered
========================================================================
Bochs is exiting with the following message:
[CTRL ] optional plugin 'pnic' not found
========================================================================
00000000000i[CPU0 ] CPU is in real mode (active)
00000000000i[CPU0 ] CS.mode = 16 bit
00000000000i[CPU0 ] SS.mode = 16 bit
00000000000i[CPU0 ] EFER = 0x00000000
00000000000i[CPU0 ] | EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000000
00000000000i[CPU0 ] | ESP=00000000 EBP=00000000 ESI=00000000 EDI=00000000
00000000000i[CPU0 ] | IOPL=0 id vip vif ac vm rf nt of df if tf sf ZF af PF cf
00000000000i[CPU0 ] | SEG sltr(index|ti|rpl) base limit G D
00000000000i[CPU0 ] | CS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | DS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | SS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | ES:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | FS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | GS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | EIP=00000000 (00000000)
00000000000i[CPU0 ] | CR0=0x00000000 CR2=0x00000000
00000000000i[CPU0 ] | CR3=0x00000000 CR4=0x00000000
00000000000i[CTRL ] quit_sim called with exit code 1


Hope someone can help me out here!

d.


p.s.
Also see my increasingly desperate thread at woody:
http://www.woodmann.com/forum/showthread.php?15209-IDA-6-1-and-Bochs
Reply With Quote
  #2  
Old 06-11-2013, 15:50
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 847
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 168
Thanks Rcvd at 353 Times in 200 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Hi deepzero
I've recently doing same task and you know what?
IDA (6.1) is not compatible with latest bochs editions!
I was able to run the one mentioned in ida bochs page (find for IDA_debugging_bochs.pdf)
Once you succeed with thta old version, try to setup each newer one (by the major build)
good luck
Reply With Quote
The Following User Gave Reputation+1 to sendersu For This Useful Post:
deepzero (06-11-2013)
  #3  
Old 06-11-2013, 15:55
deepzero's Avatar
deepzero deepzero is offline
VIP
 
Join Date: Mar 2010
Location: Europe
Posts: 243
Rept. Given: 100
Rept. Rcvd 60 Times in 38 Posts
Thanks Given: 104
Thanks Rcvd at 112 Times in 59 Posts
deepzero Reputation: 60
Which version are you using?
I tried 262, 260, 252, 251...no luck.
Reply With Quote
  #4  
Old 06-11-2013, 17:07
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 847
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 168
Thanks Rcvd at 353 Times in 200 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
try from mentioned one - 2.3.7 (it worked for me)
and I've tried one more major - 2.4.6 was also fine
Reply With Quote
The Following User Gave Reputation+1 to sendersu For This Useful Post:
deepzero (06-11-2013)
  #5  
Old 06-11-2013, 17:40
deepzero's Avatar
deepzero deepzero is offline
VIP
 
Join Date: Mar 2010
Location: Europe
Posts: 243
Rept. Given: 100
Rept. Rcvd 60 Times in 38 Posts
Thanks Given: 104
Thanks Rcvd at 112 Times in 59 Posts
deepzero Reputation: 60
Indeed, 246 works fine!
I should have tried more older versions.

Thanks!
Reply With Quote
  #6  
Old 06-02-2017, 09:15
chants chants is offline
Family
 
Join Date: Jul 2016
Posts: 559
Rept. Given: 6
Rept. Rcvd 35 Times in 21 Posts
Thanks Given: 472
Thanks Rcvd at 835 Times in 392 Posts
chants Reputation: 35
Bochs 2.6.9 was released on April 9th, 2017 and is now available at https://sourceforge.net/projects/boc...d?source=files in case anyone is still interested in experimenting with it and IDA Pro.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (06-02-2017)
  #7  
Old 06-07-2017, 00:21
nuemga2000 nuemga2000 is offline
Friend
 
Join Date: Jan 2002
Posts: 52
Rept. Given: 1
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 0
Thanks Rcvd at 4 Times in 4 Posts
nuemga2000 Reputation: 2
Quote:
Originally Posted by chants View Post
Bochs 2.6.9 was released on April 9th, 2017 and is now available at https://sourceforge.net/projects/boc...d?source=files in case anyone is still interested in experimenting with it and IDA Pro.
Did not work for me
Reply With Quote
  #8  
Old 06-07-2017, 02:38
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 847
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 168
Thanks Rcvd at 353 Times in 200 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Put details, errors, screens, what was done, etc
otehrwise you say 0 info
Reply With Quote
  #9  
Old 06-08-2017, 04:51
SinaDiR SinaDiR is offline
Friend
 
Join Date: Aug 2005
Location: Recycle Bin
Posts: 106
Rept. Given: 15
Rept. Rcvd 29 Times in 18 Posts
Thanks Given: 123
Thanks Rcvd at 178 Times in 53 Posts
SinaDiR Reputation: 29
Several months ago I have the same problem with debugging kernel image, Bochs confused me a lot and my friend suggest me VirtualKD with windbg debugger which implemented in IDA and it was my key to solved the problem with some clicks and add 2 lines in vmx(VMWare) file, that was my experience and I know it's not your (specific)question but I thought it could be useful in current thread
Reply With Quote
The Following User Says Thank You to SinaDiR For This Useful Post:
niculaita (06-08-2017)
  #10  
Old 07-11-2020, 02:42
chants chants is offline
Family
 
Join Date: Jul 2016
Posts: 559
Rept. Given: 6
Rept. Rcvd 35 Times in 21 Posts
Thanks Given: 472
Thanks Rcvd at 835 Times in 392 Posts
chants Reputation: 35
Bochs 2.6.11 is released January 5th, 2020

Quote:
https://sourceforge.net/projects/bochs/files/bochs/2.6.11/
Changelog:
Quote:
Latest release: Bochs 2.6.11

Bochs 2.6.11 is a bugfix release. Here is the summary of changes :
General
Added 64-bit support to the NSIS installer script
Several fixes in the build system based on Debian patches
CPU / CPUDB
Bugfixes for CPU emulation correctness
Many critical bugfixes for Protection Keys, AVX512*, VMX/SVM, SHA, GFNI emulation
! Implemented CET (Control Flow Enforcement Technology) emulation according to Intel SDM rev071
I/O Devices
Added missing Cirrus SVGA bitblt feature "transparent color compare"
Some fixes in HPET emulation (patch by Oleg)
Fixed disk image lock mechanism in the USB MSD case
BIOS / VGABIOS
LGPL'd VGABIOS updated to version 0.7b (Fixed VESA extension 'read EDID' for Bochs VBE and Cirrus)
Updated SeaBIOS ROM image to current version 1.13.0
Added SeaVGABIOS ROM image for the Cirrus adapter
Bochs BIOS built to work with CPU level 5 again
The binary packages for Linux and Windows are built with these features :
x86-64 emulation with all optimizations enabled
devices:
chipset: PCI (i430FX / i440FX / i440BX), ACPI
video: Bochs VBE, Cirrus SVGA and 4 Voodoo models
sound: SB16 (ISA) and ES1370 (PCI)
network: NE2000 (ISA/PCI) and E1000 (PCI)
USB: OHCI, UHCI, EHCI, xHCI and 8 pluggable device types
other: game port, bus mouse
Display libraries:
Linux: nogui, rfb, sdl2, term, vncsrv, wx, x
Windows: nogui, rfb, win32
Details on what has changed since version 2.6.10


Previous release: Bochs 2.6.10

Bochs 2.6.10 is an intermediate (bugfix+) release. Here is the summary of changes :
CPU: Bugfixes for CPU emulation correctness (critical bugfixes for PCID, ADCX/ADOX, MOVBE, AVX/AVX-512 and VMX emulation)
CPU: implemented AVX-512 VBMI2/VNNI/BITALG, VAES, VPCLMULQDQ / GFNI instructions emulation
VMX: Implement EPT-Based Sub-Page Protection
CPUID: Added new CPU models Skylake-X, Cannonlake and Icelake-U
CPUID: Implemented side-channel attack prevention reporting and corresponding MSR registers, enabled for Icelake-U
Added basic support for the i440BX PCI/AGP chipset
Added basic Voodoo Banshee / Voodoo3 emulation support
Added basic DDC support for the VGA-compatible adapters
Implemented HPET emulation (ported from Qemu)
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 07:19.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2020 )