home *** CD-ROM | disk | FTP | other *** search
open in: 
MacOS 8.1
|
Win98
|
DOS
view JSON data
|
view as text
This file was processed as: Mailbox/MIME Entity
(archive/mbox).
You can browse this item here: ANTI-D.TXT
| Confidence | Program | Detection | Match Type | Support
|
|---|
| 100%
| dexvert
| Mailbox/MIME Entity (archive/mbox)
| magic
| Supported |
| 100%
| dexvert
| Internet Message Format (text/imf)
| magic
| Supported |
| 1%
| dexvert
| Swift 3D 3D Graphic (poly/swift3D3DGraphic)
| ext
| Unsupported |
| 1%
| dexvert
| Boost Text serialization (other/boostTextSerialization)
| ext
| Unsupported |
| 1%
| dexvert
| Text File (text/txt)
| fallback
| Supported |
| 100%
| file
| Mailbox text, 1st line "From dse@pacific.net Sun Aug 21 16:22:06 1994", ASCII text
| default
| |
| 100%
| TrID
| E-Mail message (Var. 2)
| default
| |
| 100%
| checkBytes
| Printable ASCII
| default
| |
| 100%
| perlTextCheck
| Likely Text (Perl)
| default
| |
| 100%
| siegfried
| x-fmt/111 Plain Text File
| default
| |
| 100%
| gt2
| Textdatei (UNIX)
| default
| |
| 100%
| detectItEasy
| Format: plain text[LF]
| default (weak)
| |
| 100%
| xdgMime
| application/mbox
| default
|
|
hex view+--------+-------------------------+-------------------------+--------+--------+
|00000000| 46 72 6f 6d 20 64 73 65 | 40 70 61 63 69 66 69 63 |From dse|@pacific|
|00000010| 2e 6e 65 74 20 53 75 6e | 20 41 75 67 20 32 31 20 |.net Sun| Aug 21 |
|00000020| 31 36 3a 32 32 3a 30 36 | 20 31 39 39 34 0a 4e 65 |16:22:06| 1994.Ne|
|00000030| 77 73 67 72 6f 75 70 73 | 3a 20 61 6c 74 2e 6c 61 |wsgroups|: alt.la|
|00000040| 6e 67 2e 61 73 6d 0a 46 | 72 6f 6d 3a 20 64 73 65 |ng.asm.F|rom: dse|
|00000050| 40 70 61 63 69 66 69 63 | 2e 6e 65 74 20 28 44 53 |@pacific|.net (DS|
|00000060| 45 20 53 6f 66 74 77 61 | 72 65 29 0a 53 75 62 6a |E Softwa|re).Subj|
|00000070| 65 63 74 3a 20 41 6e 74 | 69 2d 64 65 62 75 67 67 |ect: Ant|i-debugg|
|00000080| 69 6e 67 20 20 20 20 20 | 20 20 20 20 20 20 0a 4f |ing | .O|
|00000090| 72 67 61 6e 69 7a 61 74 | 69 6f 6e 3a 20 50 61 63 |rganizat|ion: Pac|
|000000a0| 69 66 69 63 20 49 6e 74 | 65 72 6e 65 74 0a 44 61 |ific Int|ernet.Da|
|000000b0| 74 65 3a 20 53 75 6e 2c | 20 32 31 20 41 75 67 20 |te: Sun,| 21 Aug |
|000000c0| 31 39 39 34 20 30 34 3a | 30 30 3a 32 35 20 47 4d |1994 04:|00:25 GM|
|000000d0| 54 0a 0a 2d 3e 20 41 6e | 79 62 6f 64 79 20 63 61 |T..-> An|ybody ca|
|000000e0| 6e 20 74 65 6c 6c 20 6d | 65 20 68 6f 77 20 74 6f |n tell m|e how to|
|000000f0| 20 64 6f 20 61 20 67 6f | 6f 64 20 61 6e 74 69 2d | do a go|od anti-|
|00000100| 64 65 62 75 67 67 69 6e | 67 20 72 6f 75 74 69 6e |debuggin|g routin|
|00000110| 65 0a 2d 3e 20 66 6f 72 | 20 70 72 6f 74 65 63 74 |e.-> for| protect|
|00000120| 69 6e 67 20 6d 79 20 61 | 73 6d 20 70 72 6f 67 72 |ing my a|sm progr|
|00000130| 61 6d 73 20 66 72 6f 6d | 20 63 75 72 69 6f 75 73 |ams from| curious|
|00000140| 20 65 79 65 73 3f 20 20 | 41 6c 73 6f 2c 0a 2d 3e | eyes? |Also,.->|
|00000150| 20 68 6f 77 20 63 61 6e | 20 49 20 66 6f 6f 6c 20 | how can| I fool |
|00000160| 53 6f 75 72 63 65 72 3f | 0a 0a 0a 20 20 20 20 20 |Sourcer?|... |
|00000170| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|00000180| 20 20 20 20 20 20 20 41 | 6e 74 69 20 44 65 62 75 | A|nti Debu|
|00000190| 67 67 69 6e 67 20 54 72 | 69 63 6b 73 0a 0a 20 20 |gging Tr|icks.. |
|000001a0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|000001b0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|000001c0| 20 20 20 42 79 3a 0a 0a | 20 20 20 20 20 20 20 20 | By:..| |
|000001d0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|000001e0| 20 20 20 20 20 20 20 20 | 20 20 49 6e 62 61 72 20 | | Inbar |
|000001f0| 52 61 7a 0a 0a 20 20 20 | 20 20 20 20 20 20 20 20 |Raz.. | |
|00000200| 20 20 20 20 20 20 41 73 | 73 69 73 74 61 6e 63 65 | As|sistance|
|00000210| 20 62 79 20 45 64 65 6e | 20 53 68 6f 63 68 61 74 | by Eden| Shochat|
|00000220| 20 61 6e 64 20 59 6f 73 | 73 69 20 47 6f 74 74 6c | and Yos|si Gottl|
|00000230| 69 65 62 0a 0a 20 20 20 | 20 20 20 20 20 20 20 20 |ieb.. | |
|00000240| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|00000250| 20 20 20 20 52 65 6c 65 | 61 73 65 20 6e 75 6d 62 | Rele|ase numb|
|00000260| 65 72 20 35 0a 0a 20 20 | 54 6f 64 61 79 27 73 20 |er 5.. |Today's |
|00000270| 61 6e 74 69 20 64 65 62 | 75 67 67 69 6e 67 20 74 |anti deb|ugging t|
|00000280| 72 69 63 6b 73 20 64 65 | 76 69 64 65 20 69 6e 74 |ricks de|vide int|
|00000290| 6f 20 74 77 6f 20 63 61 | 74 65 67 6f 72 69 65 73 |o two ca|tegories|
|000002a0| 3a 0a 0a 20 20 31 2e 20 | 50 72 65 76 65 6e 74 69 |:.. 1. |Preventi|
|000002b0| 76 65 20 61 63 74 69 6f | 6e 73 3b 0a 20 20 32 2e |ve actio|ns;. 2.|
|000002c0| 20 53 65 6c 66 2d 6d 6f | 64 69 66 79 69 6e 67 20 | Self-mo|difying |
|000002d0| 63 6f 64 65 2e 0a 0a 20 | 20 4d 6f 73 74 20 64 65 |code... | Most de|
|000002e0| 62 75 67 67 69 6e 67 20 | 74 72 69 63 6b 73 2c 20 |bugging |tricks, |
|000002f0| 61 73 20 66 6f 72 20 74 | 6f 64 61 79 2c 20 61 72 |as for t|oday, ar|
|00000300| 65 20 75 73 65 64 20 77 | 69 74 68 69 6e 20 76 69 |e used w|ithin vi|
|00000310| 72 75 73 65 73 2c 20 69 | 6e 20 6f 72 64 65 72 20 |ruses, i|n order |
|00000320| 74 6f 0a 61 76 6f 69 64 | 20 64 69 73 2d 61 73 73 |to.avoid| dis-ass|
|00000330| 65 6d 62 6c 79 20 6f 66 | 20 74 68 65 20 76 69 72 |embly of| the vir|
|00000340| 75 73 2c 20 61 73 20 69 | 74 20 77 69 6c 6c 20 62 |us, as i|t will b|
|00000350| 65 20 65 78 61 6d 70 6c | 65 64 20 6c 61 74 65 72 |e exampl|ed later|
|00000360| 20 69 6e 20 74 68 69 73 | 20 66 69 6c 65 2e 0a 41 | in this| file..A|
|00000370| 6e 6f 74 68 65 72 20 6c | 61 72 67 65 20 70 6f 72 |nother l|arge por|
|00000380| 74 69 6f 6e 20 6f 66 20 | 61 6e 74 69 20 64 65 62 |tion of |anti deb|
|00000390| 75 67 67 69 6e 67 20 74 | 72 69 63 6b 73 20 69 73 |ugging t|ricks is|
|000003a0| 20 66 6f 75 6e 64 20 77 | 69 74 68 20 73 6f 66 74 | found w|ith soft|
|000003b0| 77 61 72 65 0a 70 72 6f | 74 65 63 74 69 6f 6e 20 |ware.pro|tection |
|000003c0| 70 72 6f 67 72 61 6d 73 | 2c 20 74 68 61 74 20 75 |programs|, that u|
|000003d0| 73 65 20 74 68 65 6d 20 | 69 6e 20 6f 72 64 65 72 |se them |in order|
|000003e0| 20 74 6f 20 6d 61 6b 65 | 20 74 68 65 20 63 72 61 | to make| the cra|
|000003f0| 63 6b 69 6e 67 20 6f 66 | 20 74 68 65 0a 70 72 6f |cking of| the.pro|
|00000400| 74 65 63 74 69 6f 6e 20 | 68 61 72 64 65 72 2e 0a |tection |harder..|
|00000410| 0a 31 2e 20 50 72 65 76 | 65 6e 74 69 76 65 20 61 |.1. Prev|entive a|
|00000420| 63 74 69 6f 6e 73 3a 0a | 2d 2d 2d 2d 2d 2d 2d 2d |ctions:.|--------|
|00000430| 2d 2d 2d 2d 2d 2d 2d 2d | 2d 2d 2d 2d 2d 2d 0a 0a |--------|------..|
|00000440| 20 20 50 72 65 76 65 6e | 74 69 76 65 20 61 63 74 | Preven|tive act|
|00000450| 69 6f 6e 73 20 61 72 65 | 2c 20 62 61 73 69 63 61 |ions are|, basica|
|00000460| 6c 6c 79 2c 20 61 63 74 | 69 6f 6e 73 20 74 68 61 |lly, act|ions tha|
|00000470| 74 20 74 68 65 20 70 72 | 6f 67 72 61 6d 20 74 61 |t the pr|ogram ta|
|00000480| 6b 65 73 20 69 6e 20 6f | 72 64 65 72 0a 74 6f 20 |kes in o|rder.to |
|00000490| 6d 61 6b 65 20 74 68 65 | 20 75 73 65 72 20 75 6e |make the| user un|
|000004a0| 61 62 6c 65 20 74 6f 20 | 64 69 73 2d 61 73 73 65 |able to |dis-asse|
|000004b0| 6d 62 6c 65 20 74 68 65 | 20 63 6f 64 65 20 6f 72 |mble the| code or|
|000004c0| 20 74 72 61 63 65 20 69 | 74 20 77 68 69 6c 65 20 | trace i|t while |
|000004d0| 72 75 6e 6e 69 6e 67 2e | 0a 0a 31 2e 31 2e 20 49 |running.|..1.1. I|
|000004e0| 6e 74 65 72 72 75 70 74 | 20 64 69 73 61 62 6c 65 |nterrupt| disable|
|000004f0| 3a 0a 0a 20 20 20 20 20 | 20 20 49 6e 74 65 72 72 |:.. | Interr|
|00000500| 75 70 74 20 64 69 73 61 | 62 6c 65 20 69 73 20 70 |upt disa|ble is p|
|00000510| 72 6f 62 61 62 6c 79 20 | 74 68 65 20 6d 6f 73 74 |robably |the most|
|00000520| 20 63 6f 6d 6d 6f 6e 20 | 66 6f 72 6d 20 6f 66 20 | common |form of |
|00000530| 61 6e 74 69 2d 64 65 62 | 75 67 67 69 6e 67 0a 20 |anti-deb|ugging. |
|00000540| 20 20 20 20 74 72 69 63 | 6b 73 2e 20 49 74 20 63 | tric|ks. It c|
|00000550| 61 6e 20 62 65 20 64 6f | 6e 65 20 69 6e 20 73 65 |an be do|ne in se|
|00000560| 76 65 72 61 6c 20 77 61 | 79 73 3a 0a 0a 20 20 20 |veral wa|ys:.. |
|00000570| 31 2e 31 2e 31 2e 20 48 | 61 72 64 77 61 72 65 20 |1.1.1. H|ardware |
|00000580| 6d 61 73 6b 69 6e 67 20 | 6f 66 20 69 6e 74 65 72 |masking |of inter|
|00000590| 72 75 70 74 3a 0a 0a 20 | 20 20 20 20 20 20 20 20 |rupt:.. | |
|000005a0| 20 20 20 49 6e 20 6f 72 | 64 65 72 20 74 6f 20 61 | In or|der to a|
|000005b0| 76 6f 69 64 20 74 72 61 | 63 69 6e 67 20 6f 66 20 |void tra|cing of |
|000005c0| 61 20 63 6f 64 65 2c 20 | 6f 6e 65 20 75 73 75 61 |a code, |one usua|
|000005d0| 6c 6c 79 20 64 69 73 61 | 62 6c 65 73 20 74 68 65 |lly disa|bles the|
|000005e0| 0a 20 20 20 20 20 20 20 | 20 20 20 69 6e 74 65 72 |. | inter|
|000005f0| 72 75 70 74 20 76 69 61 | 20 74 68 65 20 38 32 35 |rupt via| the 825|
|00000600| 39 20 49 6e 74 65 72 72 | 75 70 74 20 43 6f 6e 74 |9 Interr|upt Cont|
|00000610| 72 6f 6c 6c 65 72 2c 20 | 61 64 64 72 65 73 73 65 |roller, |addresse|
|00000620| 64 20 62 79 20 72 65 61 | 64 2f 77 72 69 74 65 0a |d by rea|d/write.|
|00000630| 20 20 20 20 20 20 20 20 | 20 20 61 63 74 69 6f 6e | | action|
|00000640| 73 20 74 6f 20 70 6f 72 | 74 20 32 31 68 2e 20 54 |s to por|t 21h. T|
|00000650| 68 65 20 38 32 35 39 20 | 49 6e 74 65 72 72 75 70 |he 8259 |Interrup|
|00000660| 74 20 43 6f 6e 74 72 6f | 6c 6c 65 72 20 63 6f 6e |t Contro|ller con|
|00000670| 74 72 6f 6c 73 20 74 68 | 65 20 49 52 51 0a 20 20 |trols th|e IRQ. |
|00000680| 20 20 20 20 20 20 20 20 | 6c 69 6e 65 73 2e 20 54 | |lines. T|
|00000690| 68 69 73 20 6d 65 61 6e | 73 20 74 68 61 74 20 61 |his mean|s that a|
|000006a0| 6e 79 20 49 52 51 20 62 | 65 74 77 65 65 6e 20 30 |ny IRQ b|etween 0|
|000006b0| 20 61 6e 64 20 37 20 6d | 61 79 20 62 65 20 64 69 | and 7 m|ay be di|
|000006c0| 73 61 62 6c 65 64 20 62 | 79 0a 20 20 20 20 20 20 |sabled b|y. |
|000006d0| 20 20 20 20 74 68 69 73 | 20 61 63 74 69 6f 6e 2e | this| action.|
|000006e0| 20 42 69 74 20 30 20 69 | 73 20 49 52 51 30 2c 20 | Bit 0 i|s IRQ0, |
|000006f0| 62 69 74 20 31 20 69 73 | 20 49 52 51 31 20 65 74 |bit 1 is| IRQ1 et|
|00000700| 63 2e 20 53 69 6e 63 65 | 20 49 52 51 31 20 69 73 |c. Since| IRQ1 is|
|00000710| 20 74 68 65 0a 20 20 20 | 20 20 20 20 20 20 20 6b | the. | k|
|00000720| 65 79 62 6f 61 72 64 20 | 69 6e 74 65 72 72 75 70 |eyboard |interrup|
|00000730| 74 2c 20 79 6f 75 20 6d | 61 79 20 64 69 73 61 62 |t, you m|ay disab|
|00000740| 6c 65 20 74 68 65 20 6b | 65 79 62 6f 61 72 64 20 |le the k|eyboard |
|00000750| 77 69 74 68 6f 75 74 20 | 74 68 65 0a 20 20 20 20 |without |the. |
|00000760| 20 20 20 20 20 20 64 65 | 62 75 67 67 65 72 20 62 | de|bugger b|
|00000770| 65 69 6e 67 20 61 62 6c | 65 20 74 6f 20 62 79 70 |eing abl|e to byp|
|00000780| 61 73 73 20 69 74 2e 0a | 0a 20 20 20 20 20 20 20 |ass it..|. |
|00000790| 20 20 20 45 78 61 6d 70 | 6c 65 3a 0a 0a 20 20 20 | Examp|le:.. |
|000007a0| 20 20 20 20 20 20 20 43 | 53 3a 30 31 30 30 20 45 | C|S:0100 E|
|000007b0| 34 32 31 20 20 20 20 20 | 20 20 20 20 20 20 49 4e |421 | IN|
|000007c0| 20 20 20 20 20 41 4c 2c | 32 31 0a 20 20 20 20 20 | AL,|21. |
|000007d0| 20 20 20 20 20 43 53 3a | 30 31 30 32 20 30 43 30 | CS:|0102 0C0|
|000007e0| 32 20 20 20 20 20 20 20 | 20 20 20 20 4f 52 20 20 |2 | OR |
|000007f0| 20 20 20 41 4c 2c 30 32 | 0a 20 20 20 20 20 20 20 | AL,02|. |
|00000800| 20 20 20 43 53 3a 30 31 | 30 34 20 45 36 32 31 20 | CS:01|04 E621 |
|00000810| 20 20 20 20 20 20 20 20 | 20 20 4f 55 54 20 20 20 | | OUT |
|00000820| 20 32 31 2c 41 4c 0a 0a | 20 20 20 20 20 20 20 20 | 21,AL..| |
|00000830| 20 20 20 20 4a 75 73 74 | 20 61 73 20 61 20 73 69 | Just| as a si|
|00000840| 64 65 20 6e 6f 74 69 63 | 65 2c 20 74 68 65 20 6b |de notic|e, the k|
|00000850| 65 79 62 6f 61 72 64 20 | 6d 61 79 20 62 65 20 61 |eyboard |may be a|
|00000860| 6c 73 6f 20 64 69 73 61 | 62 6c 65 64 20 62 79 0a |lso disa|bled by.|
|00000870| 20 20 20 20 20 20 20 20 | 20 20 63 6f 6d 6d 61 6e | | comman|
|00000880| 64 69 6e 67 20 74 68 65 | 20 50 72 6f 67 72 61 6d |ding the| Program|
|00000890| 6d 61 62 6c 65 20 50 65 | 72 69 70 68 65 72 61 6c |mable Pe|ripheral|
|000008a0| 20 49 6e 74 65 72 66 61 | 63 65 20 28 50 50 49 29 | Interfa|ce (PPI)|
|000008b0| 2c 20 70 6f 72 74 20 36 | 31 68 2e 0a 0a 20 20 20 |, port 6|1h... |
|000008c0| 20 20 20 20 20 20 20 45 | 78 61 6d 70 6c 65 3a 0a | E|xample:.|
|000008d0| 0a 20 20 20 20 20 20 20 | 20 20 20 43 53 3a 30 31 |. | CS:01|
|000008e0| 30 30 20 45 34 36 31 20 | 20 20 20 20 20 20 20 20 |00 E461 | |
|000008f0| 20 20 49 4e 20 20 20 20 | 20 41 4c 2c 36 31 0a 20 | IN | AL,61. |
|00000900| 20 20 20 20 20 20 20 20 | 20 43 53 3a 30 31 30 32 | | CS:0102|
|00000910| 20 30 43 38 30 20 20 20 | 20 20 20 20 20 20 20 20 | 0C80 | |
|00000920| 4f 52 20 20 20 20 20 41 | 4c 2c 38 30 0a 20 20 20 |OR A|L,80. |
|00000930| 20 20 20 20 20 20 20 43 | 53 3a 30 31 30 34 20 45 | C|S:0104 E|
|00000940| 36 36 31 20 20 20 20 20 | 20 20 20 20 20 20 4f 55 |661 | OU|
|00000950| 54 20 20 20 20 36 31 2c | 41 4c 0a 0a 20 20 20 31 |T 61,|AL.. 1|
|00000960| 2e 31 2e 32 2e 20 53 6f | 66 74 77 61 72 65 20 6d |.1.2. So|ftware m|
|00000970| 61 73 6b 69 6e 67 20 6f | 66 20 69 6e 74 65 72 72 |asking o|f interr|
|00000980| 75 70 74 3a 0a 0a 20 20 | 20 20 20 20 20 20 20 20 |upt:.. | |
|00000990| 20 20 54 68 69 73 20 69 | 73 20 71 75 69 74 65 20 | This i|s quite |
|000009a0| 61 6e 20 65 61 73 79 20 | 66 6f 72 6d 20 6f 66 20 |an easy |form of |
|000009b0| 61 6e 20 61 6e 74 69 2d | 64 65 62 75 67 67 69 6e |an anti-|debuggin|
|000009c0| 67 20 74 72 69 63 6b 2e | 20 41 6c 6c 20 79 6f 75 |g trick.| All you|
|000009d0| 0a 20 20 20 20 20 20 20 | 20 20 20 68 61 76 65 20 |. | have |
|000009e0| 74 6f 20 64 6f 20 69 73 | 20 73 69 6d 70 6c 79 20 |to do is| simply |
|000009f0| 72 65 70 6c 61 63 65 20 | 74 68 65 20 76 65 63 74 |replace |the vect|
|00000a00| 6f 72 73 20 6f 66 20 69 | 6e 74 65 72 72 75 70 74 |ors of i|nterrupt|
|00000a10| 73 20 64 65 62 75 67 67 | 65 72 73 0a 20 20 20 20 |s debugg|ers. |
|00000a20| 20 20 20 20 20 20 75 73 | 65 2c 20 6f 72 20 61 6e | us|e, or an|
|00000a30| 79 20 6f 74 68 65 72 20 | 69 6e 74 65 72 72 75 70 |y other |interrup|
|00000a40| 74 20 79 6f 75 20 77 69 | 6c 6c 20 6e 6f 74 20 62 |t you wi|ll not b|
|00000a50| 65 20 75 73 69 6e 67 20 | 6f 72 20 65 78 70 65 63 |e using |or expec|
|00000a60| 74 69 6e 67 20 74 6f 0a | 20 20 20 20 20 20 20 20 |ting to.| |
|00000a70| 20 20 6f 63 63 75 72 2e | 20 44 6f 20 6e 6f 74 20 | occur.| Do not |
|00000a80| 66 6f 72 67 65 74 20 74 | 6f 20 72 65 73 74 6f 72 |forget t|o restor|
|00000a90| 65 20 74 68 65 20 6f 72 | 69 67 69 6e 61 6c 20 76 |e the or|iginal v|
|00000aa0| 65 63 74 6f 72 73 20 77 | 68 65 6e 20 79 6f 75 20 |ectors w|hen you |
|00000ab0| 61 72 65 0a 20 20 20 20 | 20 20 20 20 20 20 66 69 |are. | fi|
|00000ac0| 6e 69 73 68 65 64 2e 20 | 49 74 20 69 73 20 61 64 |nished. |It is ad|
|00000ad0| 76 69 73 65 61 62 6c 65 | 20 74 6f 20 75 73 65 20 |viseable| to use |
|00000ae0| 6d 61 6e 75 61 6c 20 63 | 68 61 6e 67 65 20 6f 66 |manual c|hange of|
|00000af0| 20 76 65 63 74 6f 72 2c | 20 61 73 20 73 68 6f 77 | vector,| as show|
|00000b00| 6e 0a 20 20 20 20 20 20 | 20 20 20 20 62 65 6c 6f |n. | belo|
|00000b10| 77 2c 20 72 61 74 68 65 | 72 20 74 68 61 6e 20 74 |w, rathe|r than t|
|00000b20| 6f 20 63 68 61 6e 67 65 | 20 69 74 20 75 73 69 6e |o change| it usin|
|00000b30| 67 20 69 6e 74 65 72 72 | 75 70 74 20 32 31 68 20 |g interr|upt 21h |
|00000b40| 73 65 72 76 69 63 65 20 | 32 35 68 2c 0a 20 20 20 |service |25h,. |
|00000b50| 20 20 20 20 20 20 20 62 | 65 63 61 75 73 65 20 61 | b|ecause a|
|00000b60| 6e 79 20 64 65 62 75 67 | 67 65 72 20 74 68 61 74 |ny debug|ger that|
|00000b70| 20 68 61 73 20 67 61 69 | 6e 65 64 20 63 6f 6e 74 | has gai|ned cont|
|00000b80| 72 6f 6c 20 6f 66 20 69 | 6e 74 65 72 72 75 70 74 |rol of i|nterrupt|
|00000b90| 20 32 31 68 20 6d 61 79 | 0a 20 20 20 20 20 20 20 | 21h may|. |
|00000ba0| 20 20 20 72 65 70 6c 61 | 63 65 20 79 6f 75 72 20 | repla|ce your |
|00000bb0| 76 65 63 74 6f 72 20 77 | 69 74 68 20 74 68 65 20 |vector w|ith the |
|00000bc0| 64 65 62 75 67 67 65 72 | 27 73 2e 20 54 68 65 20 |debugger|'s. The |
|00000bd0| 65 78 61 6d 70 6c 65 20 | 73 68 6f 77 73 20 61 6e |example |shows an|
|00000be0| 0a 20 20 20 20 20 20 20 | 20 20 20 69 6e 74 65 72 |. | inter|
|00000bf0| 63 65 70 74 69 6f 6e 20 | 6f 66 20 69 6e 74 65 72 |ception |of inter|
|00000c00| 72 75 70 74 20 30 33 68 | 20 2d 20 74 68 65 20 62 |rupt 03h| - the b|
|00000c10| 72 65 61 6b 70 6f 69 6e | 74 20 69 6e 74 65 72 72 |reakpoin|t interr|
|00000c20| 75 70 74 2e 0a 0a 20 20 | 20 20 20 20 20 20 20 20 |upt... | |
|00000c30| 45 78 61 6d 70 6c 65 3a | 0a 0a 20 20 20 20 20 20 |Example:|.. |
|00000c40| 20 20 20 20 43 53 3a 30 | 31 30 30 20 45 42 30 34 | CS:0|100 EB04|
|00000c50| 20 20 20 20 20 20 20 20 | 20 20 20 4a 4d 50 20 20 | | JMP |
|00000c60| 20 20 30 31 30 36 0a 20 | 20 20 20 20 20 20 20 20 | 0106. | |
|00000c70| 20 43 53 3a 30 31 30 32 | 20 30 30 30 30 20 20 20 | CS:0102| 0000 |
|00000c80| 20 20 20 20 20 20 20 20 | 41 44 44 20 20 20 20 5b | |ADD [|
|00000c90| 42 58 2b 53 49 5d 2c 41 | 4c 0a 20 20 20 20 20 20 |BX+SI],A|L. |
|00000ca0| 20 20 20 20 43 53 3a 30 | 31 30 34 20 30 30 30 30 | CS:0|104 0000|
|00000cb0| 20 20 20 20 20 20 20 20 | 20 20 20 41 44 44 20 20 | | ADD |
|00000cc0| 20 20 5b 42 58 2b 53 49 | 5d 2c 41 4c 0a 20 20 20 | [BX+SI|],AL. |
|00000cd0| 20 20 20 20 20 20 20 43 | 53 3a 30 31 30 36 20 33 | C|S:0106 3|
|00000ce0| 31 43 30 20 20 20 20 20 | 20 20 20 20 20 20 58 4f |1C0 | XO|
|00000cf0| 52 20 20 20 20 41 58 2c | 41 58 0a 20 20 20 20 20 |R AX,|AX. |
|00000d00| 20 20 20 20 20 43 53 3a | 30 31 30 38 20 38 45 43 | CS:|0108 8EC|
|00000d10| 30 20 20 20 20 20 20 20 | 20 20 20 20 4d 4f 56 20 |0 | MOV |
|00000d20| 20 20 20 45 53 2c 41 58 | 0a 20 20 20 20 20 20 20 | ES,AX|. |
|00000d30| 20 20 20 43 53 3a 30 31 | 30 41 20 32 36 38 42 31 | CS:01|0A 268B1|
|00000d40| 45 30 43 30 30 20 20 20 | 20 20 4d 4f 56 20 20 20 |E0C00 | MOV |
|00000d50| 20 42 58 2c 45 53 3a 5b | 30 30 30 43 5d 0a 20 20 | BX,ES:[|000C]. |
|00000d60| 20 20 20 20 20 20 20 20 | 43 53 3a 30 31 30 46 20 | |CS:010F |
|00000d70| 38 39 31 45 30 32 30 31 | 20 20 20 20 20 20 20 4d |891E0201| M|
|00000d80| 4f 56 20 20 20 20 5b 30 | 31 30 32 5d 2c 42 58 0a |OV [0|102],BX.|
|00000d90| 20 20 20 20 20 20 20 20 | 20 20 43 53 3a 30 31 31 | | CS:011|
|00000da0| 33 20 32 36 38 42 31 45 | 30 45 30 30 20 20 20 20 |3 268B1E|0E00 |
|00000db0| 20 4d 4f 56 20 20 20 20 | 42 58 2c 45 53 3a 5b 30 | MOV |BX,ES:[0|
|00000dc0| 30 30 45 5d 0a 20 20 20 | 20 20 20 20 20 20 20 43 |00E]. | C|
|00000dd0| 53 3a 30 31 31 38 20 38 | 39 31 45 30 34 30 31 20 |S:0118 8|91E0401 |
|00000de0| 20 20 20 20 20 20 4d 4f | 56 20 20 20 20 5b 30 31 | MO|V [01|
|00000df0| 30 34 5d 2c 42 58 0a 20 | 20 20 20 20 20 20 20 20 |04],BX. | |
|00000e00| 20 43 53 3a 30 31 31 43 | 20 32 36 43 37 30 36 34 | CS:011C| 26C7064|
|00000e10| 43 30 30 30 30 30 30 20 | 4d 4f 56 20 20 20 20 57 |C000000 |MOV W|
|00000e20| 6f 72 64 20 50 74 72 20 | 45 53 3a 5b 30 30 30 43 |ord Ptr |ES:[000C|
|00000e30| 5d 2c 30 30 30 30 0a 20 | 20 20 20 20 20 20 20 20 |],0000. | |
|00000e40| 20 43 53 3a 30 31 32 33 | 20 32 36 43 37 30 36 34 | CS:0123| 26C7064|
|00000e50| 45 30 30 30 30 30 30 20 | 4d 4f 56 20 20 20 20 57 |E000000 |MOV W|
|00000e60| 6f 72 64 20 50 74 72 20 | 45 53 3a 5b 30 30 30 45 |ord Ptr |ES:[000E|
|00000e70| 5d 2c 30 30 30 30 0a 0a | 20 20 20 31 2e 31 2e 33 |],0000..| 1.1.3|
|00000e80| 2e 20 56 65 63 74 6f 72 | 20 6d 61 6e 69 70 75 6c |. Vector| manipul|
|00000e90| 61 74 69 6f 6e 0a 0a 20 | 20 20 20 20 20 20 20 20 |ation.. | |
|00000ea0| 20 20 20 20 54 68 69 73 | 20 6d 65 74 68 6f 64 20 | This| method |
|00000eb0| 69 6e 76 6f 6c 76 65 73 | 20 6d 61 6e 69 70 75 6c |involves| manipul|
|00000ec0| 61 74 69 6f 6e 73 20 6f | 66 20 74 68 65 20 69 6e |ations o|f the in|
|00000ed0| 74 65 72 72 75 70 74 20 | 76 65 63 74 6f 72 73 2c |terrupt |vectors,|
|00000ee0| 0a 20 20 20 20 20 20 20 | 20 20 20 6d 61 69 6e 6c |. | mainl|
|00000ef0| 79 20 66 6f 72 20 70 72 | 6f 70 65 72 20 61 63 74 |y for pr|oper act|
|00000f00| 69 76 61 74 69 6f 6e 20 | 6f 66 20 74 68 65 20 61 |ivation |of the a|
|00000f10| 6c 67 6f 72 69 74 68 6d | 2e 20 53 75 63 68 20 61 |lgorithm|. Such a|
|00000f20| 63 74 69 6f 6e 2c 20 61 | 73 0a 20 20 20 20 20 20 |ction, a|s. |
|00000f30| 20 20 20 20 65 78 61 6d | 70 6c 65 64 2c 20 6d 61 | exam|pled, ma|
|00000f40| 79 20 62 65 20 75 73 65 | 64 20 74 6f 20 64 65 63 |y be use|d to dec|
|00000f50| 72 79 70 74 20 61 20 63 | 6f 64 65 20 28 73 65 65 |rypt a c|ode (see|
|00000f60| 20 61 6c 73 6f 20 32 2e | 31 29 2c 20 75 73 69 6e | also 2.|1), usin|
|00000f70| 67 20 64 61 74 61 0a 20 | 20 20 20 20 20 20 20 20 |g data. | |
|00000f80| 20 73 74 6f 72 65 64 20 | 4f 4e 20 74 68 65 20 76 | stored |ON the v|
|00000f90| 65 63 74 6f 72 73 2e 20 | 4f 66 63 6f 75 72 73 65 |ectors. |Ofcourse|
|00000fa0| 2c 20 64 75 72 69 6e 67 | 20 6e 6f 72 6d 61 6c 20 |, during| normal |
|00000fb0| 6f 70 65 72 61 74 69 6f | 6e 20 6f 66 20 74 68 65 |operatio|n of the|
|00000fc0| 0a 20 20 20 20 20 20 20 | 20 20 20 70 72 6f 67 72 |. | progr|
|00000fd0| 61 6d 2c 20 76 65 63 74 | 6f 72 73 20 30 31 68 20 |am, vect|ors 01h |
|00000fe0| 61 6e 64 20 30 33 68 20 | 61 72 65 20 6e 6f 74 20 |and 03h |are not |
|00000ff0| 75 73 65 64 2c 20 73 6f | 20 75 6e 6c 65 73 73 20 |used, so| unless |
|00001000| 79 6f 75 20 61 72 65 20 | 74 72 79 69 6e 67 0a 20 |you are |trying. |
|00001010| 20 20 20 20 20 20 20 20 | 20 74 6f 20 64 65 62 75 | | to debu|
|00001020| 67 20 73 75 63 68 20 61 | 20 70 72 6f 67 72 61 6d |g such a| program|
|00001030| 2c 20 69 74 20 77 6f 72 | 6b 73 20 66 69 6e 65 2e |, it wor|ks fine.|
|00001040| 0a 0a 20 20 20 20 20 20 | 20 20 20 20 45 78 61 6d |.. | Exam|
|00001050| 70 6c 65 3a 0a 0a 20 20 | 20 20 20 20 20 20 20 20 |ple:.. | |
|00001060| 43 53 3a 30 31 30 30 20 | 33 31 43 30 20 20 20 20 |CS:0100 |31C0 |
|00001070| 20 20 20 20 20 20 20 58 | 4f 52 20 20 20 20 41 58 | X|OR AX|
|00001080| 2c 41 58 0a 20 20 20 20 | 20 20 20 20 20 20 43 53 |,AX. | CS|
|00001090| 3a 30 31 30 32 20 38 45 | 44 30 20 20 20 20 20 20 |:0102 8E|D0 |
|000010a0| 20 20 20 20 20 4d 4f 56 | 20 20 20 20 53 53 2c 41 | MOV| SS,A|
|000010b0| 58 0a 20 20 20 20 20 20 | 20 20 20 20 43 53 3a 30 |X. | CS:0|
|000010c0| 31 30 34 20 42 43 30 45 | 30 30 20 20 20 20 20 20 |104 BC0E|00 |
|000010d0| 20 20 20 4d 4f 56 20 20 | 20 20 53 50 2c 30 30 30 | MOV | SP,000|
|000010e0| 45 0a 20 20 20 20 20 20 | 20 20 20 20 43 53 3a 30 |E. | CS:0|
|000010f0| 31 30 37 20 32 45 38 42 | 30 45 33 34 31 32 20 20 |107 2E8B|0E3412 |
|00001100| 20 20 20 4d 4f 56 20 20 | 20 20 43 58 2c 43 53 3a | MOV | CX,CS:|
|00001110| 5b 31 32 33 34 5d 0a 20 | 20 20 20 20 20 20 20 20 |[1234]. | |
|00001120| 20 43 53 3a 30 31 30 43 | 20 35 30 20 20 20 20 20 | CS:010C| 50 |
|00001130| 20 20 20 20 20 20 20 20 | 50 55 53 48 20 20 20 41 | |PUSH A|
|00001140| 58 0a 20 20 20 20 20 20 | 20 20 20 20 43 53 3a 30 |X. | CS:0|
|00001150| 31 30 44 20 33 31 43 38 | 20 20 20 20 20 20 20 20 |10D 31C8| |
|00001160| 20 20 20 58 4f 52 20 20 | 20 20 41 58 2c 43 58 0a | XOR | AX,CX.|
|00001170| 20 20 20 20 20 20 20 20 | 20 20 43 53 3a 30 31 30 | | CS:010|
|00001180| 46 20 32 31 43 35 20 20 | 20 20 20 20 20 20 20 20 |F 21C5 | |
|00001190| 20 41 4e 44 20 20 20 20 | 42 50 2c 41 58 0a 20 20 | AND |BP,AX. |
|000011a0| 20 20 20 20 20 20 20 20 | 43 53 3a 30 31 31 31 20 | |CS:0111 |
|000011b0| 35 38 20 20 20 20 20 20 | 20 20 20 20 20 20 20 50 |58 | P|
|000011c0| 4f 50 20 20 20 20 41 58 | 0a 20 20 20 20 20 20 20 |OP AX|. |
|000011d0| 20 20 20 43 53 3a 30 31 | 31 32 20 45 32 46 38 20 | CS:01|12 E2F8 |
|000011e0| 20 20 20 20 20 20 20 20 | 20 20 4c 4f 4f 50 20 20 | | LOOP |
|000011f0| 20 30 31 30 43 0a 0a 20 | 20 20 31 2e 31 2e 34 2e | 010C.. | 1.1.4.|
|00001200| 20 49 6e 74 65 72 72 75 | 70 74 20 72 65 70 6c 61 | Interru|pt repla|
|00001210| 63 65 6d 65 6e 74 0a 0a | 20 20 20 20 20 20 20 20 |cement..| |
|00001220| 20 20 20 20 54 68 69 73 | 20 69 73 20 61 20 72 65 | This| is a re|
|00001230| 61 6c 6c 79 20 6e 61 73 | 74 79 20 74 72 69 63 6b |ally nas|ty trick|
|00001240| 2c 20 61 6e 64 20 69 74 | 20 73 68 6f 75 6c 64 20 |, and it| should |
|00001250| 62 65 20 75 73 65 64 20 | 4f 4e 4c 59 20 69 66 20 |be used |ONLY if |
|00001260| 79 6f 75 0a 20 20 20 20 | 20 20 20 20 20 20 61 72 |you. | ar|
|00001270| 65 20 41 42 53 4f 4c 55 | 54 45 4c 59 20 73 75 72 |e ABSOLU|TELY sur|
|00001280| 65 20 74 68 61 74 20 79 | 6f 75 72 20 70 72 6f 67 |e that y|our prog|
|00001290| 72 61 6d 73 20 6e 65 65 | 64 73 20 6e 6f 20 6d 6f |rams nee|ds no mo|
|000012a0| 72 65 20 64 65 62 75 67 | 67 69 6e 67 2e 20 57 68 |re debug|ging. Wh|
|000012b0| 61 74 0a 20 20 20 20 20 | 20 20 20 20 20 79 6f 75 |at. | you|
|000012c0| 20 73 68 6f 75 6c 64 20 | 64 6f 20 69 73 20 63 6f | should |do is co|
|000012d0| 70 79 20 74 68 65 20 76 | 65 63 74 6f 72 73 20 6f |py the v|ectors o|
|000012e0| 66 20 73 6f 6d 65 20 69 | 6e 74 65 72 72 75 70 74 |f some i|nterrupt|
|000012f0| 73 20 79 6f 75 20 77 69 | 6c 6c 20 62 65 0a 20 20 |s you wi|ll be. |
|00001300| 20 20 20 20 20 20 20 20 | 75 73 69 6e 67 2c 20 73 | |using, s|
|00001310| 61 79 20 31 36 68 20 61 | 6e 64 20 32 31 68 2c 20 |ay 16h a|nd 21h, |
|00001320| 6f 6e 74 6f 20 74 68 65 | 20 76 65 63 74 6f 72 73 |onto the| vectors|
|00001330| 20 6f 66 20 69 6e 74 65 | 72 72 75 70 74 20 30 31 | of inte|rrupt 01|
|00001340| 68 20 61 6e 64 20 30 33 | 68 2c 0a 20 20 20 20 20 |h and 03|h,. |
|00001350| 20 20 20 20 20 74 68 61 | 74 20 64 6f 20 6e 6f 74 | tha|t do not|
|00001360| 20 6f 63 63 75 72 20 64 | 75 72 69 6e 67 20 6e 6f | occur d|uring no|
|00001370| 72 6d 61 6c 20 6f 70 65 | 72 61 74 69 6f 6e 20 6f |rmal ope|ration o|
|00001380| 66 20 74 68 65 20 70 72 | 6f 67 72 61 6d 2e 20 49 |f the pr|ogram. I|
|00001390| 66 20 74 68 65 0a 20 20 | 20 20 20 20 20 20 20 20 |f the. | |
|000013a0| 75 73 65 72 20 77 61 6e | 74 73 20 74 6f 20 64 65 |user wan|ts to de|
|000013b0| 62 75 67 20 74 68 65 20 | 70 72 6f 67 72 61 6d 2c |bug the |program,|
|000013c0| 20 68 65 20 77 6f 75 6c | 64 20 68 61 76 65 20 74 | he woul|d have t|
|000013d0| 6f 20 73 65 61 72 63 68 | 20 66 6f 72 20 65 76 65 |o search| for eve|
|000013e0| 72 79 0a 20 20 20 20 20 | 20 20 20 20 20 6f 63 63 |ry. | occ|
|000013f0| 75 72 61 6e 63 65 20 6f | 66 20 49 4e 54 20 30 31 |urance o|f INT 01|
|00001400| 2c 20 61 6e 64 20 72 65 | 70 6c 61 63 65 20 69 74 |, and re|place it|
|00001410| 20 77 69 74 68 20 74 68 | 65 20 61 70 70 72 6f 70 | with th|e approp|
|00001420| 72 69 61 74 65 20 49 4e | 54 0a 20 20 20 20 20 20 |riate IN|T. |
|00001430| 20 20 20 20 69 6e 73 74 | 72 75 63 74 69 6f 6e 2e | inst|ruction.|
|00001440| 20 54 68 69 73 20 74 72 | 69 63 6b 20 69 73 20 76 | This tr|ick is v|
|00001450| 65 72 79 20 65 66 66 65 | 63 74 69 76 65 20 69 66 |ery effe|ctive if|
|00001460| 20 75 73 65 64 20 74 6f | 67 65 74 68 65 72 20 77 | used to|gether w|
|00001470| 69 74 68 20 74 68 65 0a | 20 20 20 20 20 20 20 20 |ith the.| |
|00001480| 20 20 66 61 63 74 20 74 | 68 61 74 20 74 68 65 20 | fact t|hat the |
|00001490| 49 4e 54 20 33 20 69 6e | 74 72 75 63 74 69 6f 6e |INT 3 in|truction|
|000014a0| 20 68 61 73 20 61 20 4f | 4e 45 20 42 59 54 45 20 | has a O|NE BYTE |
|000014b0| 6f 70 63 6f 64 65 20 2d | 20 30 43 43 68 2c 20 77 |opcode -| 0CCh, w|
|000014c0| 68 69 63 68 0a 20 20 20 | 20 20 20 20 20 20 20 63 |hich. | c|
|000014d0| 61 6e 20 6e 6f 74 20 62 | 65 20 63 68 61 6e 67 65 |an not b|e change|
|000014e0| 64 20 74 6f 20 61 6e 79 | 20 6f 74 68 65 72 20 69 |d to any| other i|
|000014f0| 6e 74 65 72 72 75 70 74 | 2e 0a 0a 20 20 20 20 20 |nterrupt|... |
|00001500| 20 20 20 20 20 45 78 61 | 6d 70 6c 65 3a 0a 0a 20 | Exa|mple:.. |
|00001510| 20 20 20 20 20 20 20 20 | 20 43 53 3a 30 31 30 30 | | CS:0100|
|00001520| 20 46 41 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | FA | |
|00001530| 43 4c 49 0a 20 20 20 20 | 20 20 20 20 20 20 43 53 |CLI. | CS|
|00001540| 3a 30 31 30 31 20 33 31 | 43 30 20 20 20 20 20 20 |:0101 31|C0 |
|00001550| 20 20 20 20 20 58 4f 52 | 20 20 20 20 41 58 2c 41 | XOR| AX,A|
|00001560| 58 0a 20 20 20 20 20 20 | 20 20 20 20 43 53 3a 30 |X. | CS:0|
|00001570| 31 30 33 20 38 45 43 30 | 20 20 20 20 20 20 20 20 |103 8EC0| |
|00001580| 20 20 20 4d 4f 56 20 20 | 20 20 45 53 2c 41 58 0a | MOV | ES,AX.|
|00001590| 20 20 20 20 20 20 20 20 | 20 20 43 53 3a 30 31 30 | | CS:010|
|000015a0| 35 20 32 36 41 31 38 34 | 30 30 20 20 20 20 20 20 |5 26A184|00 |
|000015b0| 20 4d 4f 56 20 20 20 20 | 41 58 2c 45 53 3a 5b 30 | MOV |AX,ES:[0|
|000015c0| 30 38 34 5d 0a 20 20 20 | 20 20 20 20 20 20 20 43 |084]. | C|
|000015d0| 53 3a 30 31 30 39 20 32 | 36 41 33 30 34 30 30 20 |S:0109 2|6A30400 |
|000015e0| 20 20 20 20 20 20 4d 4f | 56 20 20 20 20 45 53 3a | MO|V ES:|
|000015f0| 5b 30 30 30 34 5d 2c 41 | 58 0a 20 20 20 20 20 20 |[0004],A|X. |
|00001600| 20 20 20 20 43 53 3a 30 | 31 30 44 20 32 36 41 31 | CS:0|10D 26A1|
|00001610| 38 36 30 30 20 20 20 20 | 20 20 20 4d 4f 56 20 20 |8600 | MOV |
|00001620| 20 20 41 58 2c 45 53 3a | 5b 30 30 38 36 5d 0a 20 | AX,ES:|[0086]. |
|00001630| 20 20 20 20 20 20 20 20 | 20 43 53 3a 30 31 31 31 | | CS:0111|
|00001640| 20 32 36 41 33 30 36 30 | 30 20 20 20 20 20 20 20 | 26A3060|0 |
|00001650| 4d 4f 56 20 20 20 20 45 | 53 3a 5b 30 30 30 36 5d |MOV E|S:[0006]|
|00001660| 2c 41 58 0a 20 20 20 20 | 20 20 20 20 20 20 43 53 |,AX. | CS|
|00001670| 3a 30 31 31 35 20 42 34 | 34 43 20 20 20 20 20 20 |:0115 B4|4C |
|00001680| 20 20 20 20 20 4d 4f 56 | 20 20 20 20 41 48 2c 34 | MOV| AH,4|
|00001690| 43 0a 20 20 20 20 20 20 | 20 20 20 20 43 53 3a 30 |C. | CS:0|
|000016a0| 31 31 37 20 43 44 30 31 | 20 20 20 20 20 20 20 20 |117 CD01| |
|000016b0| 20 20 20 49 4e 54 20 20 | 20 20 30 31 20 20 20 20 | INT | 01 |
|000016c0| 20 20 20 20 20 20 20 20 | 20 20 20 20 0a 0a 31 2e | | ..1.|
|000016d0| 32 2e 20 54 69 6d 65 20 | 77 61 74 63 68 3a 0a 0a |2. Time |watch:..|
|000016e0| 20 20 20 20 20 20 20 54 | 68 69 73 20 6d 61 79 20 | T|his may |
|000016f0| 62 65 20 61 20 6c 65 73 | 73 20 63 6f 6d 6d 6f 6e |be a les|s common|
|00001700| 20 6d 65 74 68 6f 64 2c | 20 62 75 74 20 69 74 20 | method,| but it |
|00001710| 69 73 20 75 73 65 66 75 | 6c 6c 20 61 67 61 69 6e |is usefu|ll again|
|00001720| 73 74 20 64 65 62 75 67 | 67 65 72 73 0a 20 20 20 |st debug|gers. |
|00001730| 20 20 74 68 61 74 20 64 | 69 73 61 62 6c 65 20 61 | that d|isable a|
|00001740| 6c 6c 20 69 6e 74 65 72 | 72 75 70 74 73 20 65 78 |ll inter|rupts ex|
|00001750| 63 65 70 74 20 66 6f 72 | 20 74 68 65 20 74 69 6d |cept for| the tim|
|00001760| 65 20 74 68 61 74 20 74 | 68 65 20 70 72 6f 67 72 |e that t|he progr|
|00001770| 61 6d 20 69 73 0a 20 20 | 20 20 20 65 78 65 63 75 |am is. | execu|
|00001780| 74 65 64 2c 20 73 75 63 | 68 20 61 73 20 42 6f 72 |ted, suc|h as Bor|
|00001790| 6c 61 6e 64 27 73 20 54 | 75 72 62 6f 20 44 65 62 |land's T|urbo Deb|
|000017a0| 75 67 67 65 72 2e 20 54 | 68 69 73 20 6d 65 74 68 |ugger. T|his meth|
|000017b0| 6f 64 20 73 69 6d 70 6c | 79 20 72 65 74 61 69 6e |od simpl|y retain|
|000017c0| 73 0a 20 20 20 20 20 74 | 68 65 20 76 61 6c 75 65 |s. t|he value|
|000017d0| 20 6f 66 20 74 68 65 20 | 63 6c 6f 63 6b 20 63 6f | of the |clock co|
|000017e0| 75 6e 74 65 72 2c 20 75 | 70 64 61 74 65 64 20 62 |unter, u|pdated b|
|000017f0| 79 20 69 6e 74 65 72 72 | 75 70 74 20 30 38 68 2c |y interr|upt 08h,|
|00001800| 20 61 6e 64 20 77 61 69 | 74 73 20 69 6e 20 61 6e | and wai|ts in an|
|00001810| 0a 20 20 20 20 20 69 6e | 66 69 6e 69 74 65 20 6c |. in|finite l|
|00001820| 6f 6f 70 20 75 6e 74 69 | 6c 20 74 68 65 20 76 61 |oop unti|l the va|
|00001830| 6c 75 65 20 63 68 61 6e | 67 65 73 2e 20 41 6e 6f |lue chan|ges. Ano|
|00001840| 74 68 65 72 20 65 78 61 | 6d 70 6c 65 20 69 73 20 |ther exa|mple is |
|00001850| 77 68 65 6e 20 79 6f 75 | 20 6d 61 73 6b 0a 20 20 |when you| mask. |
|00001860| 20 20 20 74 68 65 20 74 | 69 6d 65 72 20 69 6e 74 | the t|imer int|
|00001870| 65 72 72 75 70 74 20 62 | 79 20 4f 52 69 6e 67 20 |errupt b|y ORing |
|00001880| 74 68 65 20 76 61 6c 75 | 65 20 49 4e 65 64 20 66 |the valu|e INed f|
|00001890| 72 6f 6d 20 70 6f 72 74 | 20 32 31 68 20 77 69 74 |rom port| 21h wit|
|000018a0| 68 20 30 31 68 20 61 6e | 64 0a 20 20 20 20 20 74 |h 01h an|d. t|
|000018b0| 68 65 6e 20 4f 55 54 69 | 6e 67 20 69 74 20 62 61 |hen OUTi|ng it ba|
|000018c0| 63 6b 2c 20 74 68 75 73 | 20 64 69 73 61 62 6c 69 |ck, thus| disabli|
|000018d0| 6e 67 20 74 68 65 20 49 | 52 51 30 20 2d 20 54 69 |ng the I|RQ0 - Ti|
|000018e0| 6d 65 72 20 69 6e 74 65 | 72 72 75 70 74 2e 20 4e |mer inte|rrupt. N|
|000018f0| 6f 74 65 20 74 68 61 74 | 0a 20 20 20 20 20 74 68 |ote that|. th|
|00001900| 69 73 20 6d 65 74 68 6f | 64 20 69 73 20 75 73 65 |is metho|d is use|
|00001910| 66 75 6c 6c 20 6f 6e 6c | 79 20 61 67 61 69 6e 73 |full onl|y agains|
|00001920| 74 20 52 55 4e 20 61 63 | 74 69 6f 6e 73 2c 20 6e |t RUN ac|tions, n|
|00001930| 6f 74 20 54 52 41 43 45 | 2f 50 52 4f 43 45 45 44 |ot TRACE|/PROCEED|
|00001940| 20 6f 6e 65 73 2e 0a 0a | 20 20 20 20 20 45 78 61 | ones...| Exa|
|00001950| 6d 70 6c 65 3a 0a 0a 20 | 20 20 20 20 43 53 3a 30 |mple:.. | CS:0|
|00001960| 31 30 30 20 32 42 43 30 | 20 20 20 20 20 20 20 20 |100 2BC0| |
|00001970| 20 20 20 53 55 42 20 20 | 20 20 41 58 2c 41 58 0a | SUB | AX,AX.|
|00001980| 20 20 20 20 20 43 53 3a | 30 31 30 32 20 46 42 20 | CS:|0102 FB |
|00001990| 20 20 20 20 20 20 20 20 | 20 20 20 20 53 54 49 0a | | STI.|
|000019a0| 20 20 20 20 20 43 53 3a | 30 31 30 33 20 38 45 44 | CS:|0103 8ED|
|000019b0| 38 20 20 20 20 20 20 20 | 20 20 20 20 4d 4f 56 20 |8 | MOV |
|000019c0| 20 20 20 44 53 2c 41 58 | 0a 20 20 20 20 20 43 53 | DS,AX|. CS|
|000019d0| 3a 30 31 30 35 20 38 41 | 32 36 36 43 30 34 20 20 |:0105 8A|266C04 |
|000019e0| 20 20 20 20 20 4d 4f 56 | 20 20 20 20 41 48 2c 5b | MOV| AH,[|
|000019f0| 30 34 36 43 5d 0a 20 20 | 20 20 20 43 53 3a 30 31 |046C]. | CS:01|
|00001a00| 30 39 20 41 30 36 43 30 | 34 20 20 20 20 20 20 20 |09 A06C0|4 |
|00001a10| 20 20 4d 4f 56 20 20 20 | 20 41 4c 2c 5b 30 34 36 | MOV | AL,[046|
|00001a20| 43 5d 0a 20 20 20 20 20 | 43 53 3a 30 31 30 43 20 |C]. |CS:010C |
|00001a30| 33 41 43 34 20 20 20 20 | 20 20 20 20 20 20 20 43 |3AC4 | C|
|00001a40| 4d 50 20 20 20 20 41 4c | 2c 41 48 0a 20 20 20 20 |MP AL|,AH. |
|00001a50| 20 43 53 3a 30 31 30 45 | 20 37 34 46 39 20 20 20 | CS:010E| 74F9 |
|00001a60| 20 20 20 20 20 20 20 20 | 4a 5a 20 20 20 20 20 30 | |JZ 0|
|00001a70| 31 30 39 0a 0a 31 2e 33 | 2e 20 46 6f 6f 6c 20 74 |109..1.3|. Fool t|
|00001a80| 68 65 20 64 65 62 75 67 | 67 65 72 3a 0a 0a 20 20 |he debug|ger:.. |
|00001a90| 20 20 20 20 20 54 68 69 | 73 20 69 73 20 61 20 76 | Thi|s is a v|
|00001aa0| 65 72 79 20 6e 69 63 65 | 20 74 65 63 68 6e 69 71 |ery nice| techniq|
|00001ab0| 75 65 2c 20 74 68 61 74 | 20 77 6f 72 6b 73 20 65 |ue, that| works e|
|00001ac0| 73 70 65 63 69 61 6c 6c | 79 20 61 6e 64 20 6f 6e |speciall|y and on|
|00001ad0| 6c 79 20 6f 6e 20 74 68 | 6f 73 65 0a 20 20 20 20 |ly on th|ose. |
|00001ae0| 20 77 68 6f 20 75 73 65 | 20 54 75 72 62 6f 20 44 | who use| Turbo D|
|00001af0| 65 62 75 67 67 65 72 20 | 6f 72 20 69 74 73 20 6b |ebugger |or its k|
|00001b00| 69 6e 64 2e 20 57 68 61 | 74 20 79 6f 75 20 73 68 |ind. Wha|t you sh|
|00001b10| 6f 75 6c 64 20 64 6f 20 | 69 73 20 69 6e 69 74 20 |ould do |is init |
|00001b20| 61 20 6a 75 6d 70 20 74 | 6f 0a 20 20 20 20 20 61 |a jump t|o. a|
|00001b30| 20 6d 69 64 64 6c 65 20 | 6f 66 20 61 6e 20 69 6e | middle |of an in|
|00001b40| 73 74 72 75 63 74 69 6f | 6e 2c 20 77 68 65 72 65 |structio|n, where|
|00001b50| 61 73 20 74 68 65 20 72 | 65 61 6c 20 61 64 64 72 |as the r|eal addr|
|00001b60| 65 73 73 20 61 63 74 75 | 61 6c 6c 79 20 63 6f 6e |ess actu|ally con|
|00001b70| 74 61 69 6e 73 0a 20 20 | 20 20 20 61 6e 6f 74 68 |tains. | anoth|
|00001b80| 65 72 20 6f 70 63 6f 64 | 65 2e 20 49 66 20 79 6f |er opcod|e. If yo|
|00001b90| 75 20 77 6f 72 6b 20 77 | 69 74 68 20 61 20 6e 6f |u work w|ith a no|
|00001ba0| 72 6d 61 6c 20 73 74 65 | 70 20 64 65 62 75 67 67 |rmal ste|p debugg|
|00001bb0| 65 72 20 73 75 63 68 20 | 61 73 20 44 65 62 75 67 |er such |as Debug|
|00001bc0| 20 6f 72 0a 20 20 20 20 | 20 53 79 6d 44 65 62 2c | or. | SymDeb,|
|00001bd0| 20 69 74 20 77 6f 6e 27 | 74 20 77 6f 72 6b 20 73 | it won'|t work s|
|00001be0| 69 6e 63 65 20 74 68 65 | 20 64 65 62 75 67 67 65 |ince the| debugge|
|00001bf0| 72 20 6a 75 6d 70 73 20 | 74 6f 20 74 68 65 20 65 |r jumps |to the e|
|00001c00| 78 61 63 74 20 61 64 64 | 72 65 73 73 20 6f 66 0a |xact add|ress of.|
|00001c10| 20 20 20 20 20 74 68 65 | 20 6a 75 6d 70 2c 20 61 | the| jump, a|
|00001c20| 6e 64 20 6e 6f 74 20 74 | 6f 20 74 68 65 20 62 65 |nd not t|o the be|
|00001c30| 67 69 6e 6e 69 6e 67 20 | 6f 66 20 61 6e 20 69 6e |ginning |of an in|
|00001c40| 73 74 72 75 63 74 69 6f | 6e 20 61 74 20 74 68 65 |structio|n at the|
|00001c50| 20 63 6c 6f 73 65 73 74 | 0a 20 20 20 20 20 61 64 | closest|. ad|
|00001c60| 64 72 65 73 73 2c 20 6c | 69 6b 65 20 54 75 72 62 |dress, l|ike Turb|
|00001c70| 6f 20 44 65 62 75 67 67 | 65 72 2e 0a 0a 20 20 20 |o Debugg|er... |
|00001c80| 20 20 45 78 61 6d 70 6c | 65 3a 0a 0a 20 20 20 20 | Exampl|e:.. |
|00001c90| 20 43 53 3a 30 31 30 30 | 20 45 34 32 31 20 20 20 | CS:0100| E421 |
|00001ca0| 20 20 20 20 20 20 20 20 | 49 4e 20 20 20 20 20 41 | |IN A|
|00001cb0| 4c 2c 32 31 0a 20 20 20 | 20 20 43 53 3a 30 31 30 |L,21. | CS:010|
|00001cc0| 32 20 42 30 46 46 20 20 | 20 20 20 20 20 20 20 20 |2 B0FF | |
|00001cd0| 20 4d 4f 56 20 20 20 20 | 41 4c 2c 46 46 0a 20 20 | MOV |AL,FF. |
|00001ce0| 20 20 20 43 53 3a 30 31 | 30 34 20 45 42 30 32 20 | CS:01|04 EB02 |
|00001cf0| 20 20 20 20 20 20 20 20 | 20 20 4a 4d 50 20 20 20 | | JMP |
|00001d00| 20 30 31 30 38 0a 20 20 | 20 20 20 43 53 3a 30 31 | 0108. | CS:01|
|00001d10| 30 36 20 43 36 30 36 45 | 36 32 31 30 30 20 20 20 |06 C606E|62100 |
|00001d20| 20 20 4d 4f 56 20 20 20 | 20 42 79 74 65 20 50 74 | MOV | Byte Pt|
|00001d30| 72 20 5b 32 31 45 36 5d | 2c 30 30 0a 20 20 20 20 |r [21E6]|,00. |
|00001d40| 20 43 53 3a 30 31 30 42 | 20 43 44 32 30 20 20 20 | CS:010B| CD20 |
|00001d50| 20 20 20 20 20 20 20 20 | 49 4e 54 20 20 20 20 32 | |INT 2|
|00001d60| 30 0a 0a 20 20 20 20 20 | 57 61 74 63 68 20 74 68 |0.. |Watch th|
|00001d70| 69 73 3a 0a 0a 20 20 20 | 20 20 43 53 3a 30 31 30 |is:.. | CS:010|
|00001d80| 38 20 45 36 32 31 20 20 | 20 20 20 20 20 20 20 20 |8 E621 | |
|00001d90| 20 4f 55 54 20 20 20 20 | 32 31 2c 41 4c 0a 0a 20 | OUT |21,AL.. |
|00001da0| 20 20 20 20 4e 6f 74 69 | 63 65 3a 0a 0a 20 20 20 | Noti|ce:.. |
|00001db0| 20 20 20 20 54 68 69 73 | 20 74 72 69 63 6b 20 64 | This| trick d|
|00001dc0| 6f 65 73 20 4e 4f 54 20 | 65 66 66 65 63 74 20 74 |oes NOT |effect t|
|00001dd0| 68 65 20 72 75 6e 20 6f | 66 20 74 68 65 20 70 72 |he run o|f the pr|
|00001de0| 6f 67 72 61 6d 20 69 6e | 20 41 4e 59 20 64 65 62 |ogram in| ANY deb|
|00001df0| 75 67 67 65 72 2e 20 49 | 74 73 0a 20 20 20 20 20 |ugger. I|ts. |
|00001e00| 6f 6e 6c 79 20 75 73 65 | 20 69 73 20 74 6f 20 74 |only use| is to t|
|00001e10| 72 79 20 74 6f 20 64 65 | 63 65 69 76 65 20 74 68 |ry to de|ceive th|
|00001e20| 65 20 75 73 65 72 20 69 | 6e 74 6f 20 74 68 69 6e |e user i|nto thin|
|00001e30| 6b 69 6e 67 20 61 6e 6f | 74 68 65 72 20 6f 70 63 |king ano|ther opc|
|00001e40| 6f 64 65 20 69 73 0a 20 | 20 20 20 20 75 73 65 64 |ode is. | used|
|00001e50| 2c 20 77 68 69 6c 65 20 | 61 6e 6f 74 68 65 72 20 |, while |another |
|00001e60| 69 73 20 61 63 74 75 61 | 6c 6c 79 20 72 75 6e 2e |is actua|lly run.|
|00001e70| 0a 0a 31 2e 34 2e 20 43 | 68 65 63 6b 20 43 50 55 |..1.4. C|heck CPU|
|00001e80| 20 46 6c 61 67 73 3a 0a | 0a 20 20 20 20 20 20 20 | Flags:.|. |
|00001e90| 54 68 69 73 20 69 73 20 | 61 20 6e 69 63 65 20 74 |This is |a nice t|
|00001ea0| 72 69 63 6b 2c 20 65 66 | 66 65 63 74 69 76 65 20 |rick, ef|fective |
|00001eb0| 61 67 61 69 6e 73 74 20 | 61 6c 6d 6f 73 74 20 61 |against |almost a|
|00001ec0| 6e 79 20 72 65 61 6c 20 | 6d 6f 64 65 20 64 65 62 |ny real |mode deb|
|00001ed0| 75 67 67 65 72 2e 0a 20 | 20 20 20 20 57 68 61 74 |ugger.. | What|
|00001ee0| 20 79 6f 75 20 73 68 6f | 75 6c 64 20 64 6f 20 69 | you sho|uld do i|
|00001ef0| 73 20 73 69 6d 70 6c 79 | 20 73 65 74 20 74 68 65 |s simply| set the|
|00001f00| 20 74 72 61 63 65 20 66 | 6c 61 67 20 6f 66 66 20 | trace f|lag off |
|00001f10| 73 6f 6d 65 77 68 65 72 | 65 20 69 6e 20 79 6f 75 |somewher|e in you|
|00001f20| 72 0a 20 20 20 20 20 70 | 72 6f 67 72 61 6d 2c 20 |r. p|rogram, |
|00001f30| 61 6e 64 20 63 68 65 63 | 6b 20 66 6f 72 20 69 74 |and chec|k for it|
|00001f40| 20 6c 61 74 65 72 2e 20 | 49 66 20 69 74 20 77 61 | later. |If it wa|
|00001f50| 73 20 74 75 72 6e 65 64 | 20 6f 6e 2c 20 61 20 64 |s turned| on, a d|
|00001f60| 65 62 75 67 67 65 72 20 | 72 75 6e 73 20 69 6e 0a |ebugger |runs in.|
|00001f70| 20 20 20 20 20 74 68 65 | 20 62 61 63 6b 67 72 6f | the| backgro|
|00001f80| 75 6e 64 2e 2e 2e 0a 0a | 20 20 20 20 20 45 78 61 |und.....| Exa|
|00001f90| 6d 70 6c 65 3a 0a 0a 20 | 20 20 20 20 43 53 3a 30 |mple:.. | CS:0|
|00001fa0| 31 30 30 20 39 43 20 20 | 20 20 20 20 20 20 20 20 |100 9C | |
|00001fb0| 20 20 20 50 55 53 48 46 | 0a 20 20 20 20 20 43 53 | PUSHF|. CS|
|00001fc0| 3a 30 31 30 31 20 35 38 | 20 20 20 20 20 20 20 20 |:0101 58| |
|00001fd0| 20 20 20 20 20 50 4f 50 | 20 20 20 20 41 58 0a 20 | POP| AX. |
|00001fe0| 20 20 20 20 43 53 3a 30 | 31 30 32 20 32 35 46 46 | CS:0|102 25FF|
|00001ff0| 46 45 20 20 20 20 20 20 | 20 20 20 41 4e 44 20 20 |FE | AND |
|00002000| 20 20 41 58 2c 46 45 46 | 46 0a 20 20 20 20 20 43 | AX,FEF|F. C|
|00002010| 53 3a 30 31 30 35 20 35 | 30 20 20 20 20 20 20 20 |S:0105 5|0 |
|00002020| 20 20 20 20 20 20 50 55 | 53 48 20 20 20 41 58 0a | PU|SH AX.|
|00002030| 20 20 20 20 20 43 53 3a | 30 31 30 36 20 39 44 20 | CS:|0106 9D |
|00002040| 20 20 20 20 20 20 20 20 | 20 20 20 20 50 4f 50 46 | | POPF|
|00002050| 0a 0a 20 20 20 20 20 49 | 6e 20 74 68 65 20 6d 69 |.. I|n the mi|
|00002060| 64 64 6c 65 20 6f 66 20 | 74 68 65 20 70 72 6f 67 |ddle of |the prog|
|00002070| 72 61 6d 3a 0a 0a 20 20 | 20 20 20 43 53 3a 31 35 |ram:.. | CS:15|
|00002080| 32 33 20 39 43 20 20 20 | 20 20 20 20 20 20 20 20 |23 9C | |
|00002090| 20 20 50 55 53 48 46 0a | 20 20 20 20 20 43 53 3a | PUSHF.| CS:|
|000020a0| 31 35 32 34 20 35 38 20 | 20 20 20 20 20 20 20 20 |1524 58 | |
|000020b0| 20 20 20 20 50 4f 50 20 | 20 20 20 41 58 0a 20 20 | POP | AX. |
|000020c0| 20 20 20 43 53 3a 31 35 | 32 35 20 32 35 30 30 30 | CS:15|25 25000|
|000020d0| 31 20 20 20 20 20 20 20 | 20 20 41 4e 44 20 20 20 |1 | AND |
|000020e0| 20 41 58 2c 30 31 30 30 | 0a 20 20 20 20 20 43 53 | AX,0100|. CS|
|000020f0| 3a 31 35 32 38 20 37 34 | 30 32 20 20 20 20 20 20 |:1528 74|02 |
|00002100| 20 20 20 20 20 4a 5a 20 | 20 20 20 20 31 35 32 43 | JZ | 152C|
|00002110| 0a 20 20 20 20 20 43 53 | 3a 31 35 32 41 20 43 44 |. CS|:152A CD|
|00002120| 32 30 20 20 20 20 20 20 | 20 20 20 20 20 49 4e 54 |20 | INT|
|00002130| 20 20 20 20 32 30 0a 0a | 31 2e 35 2e 20 43 61 75 | 20..|1.5. Cau|
|00002140| 73 65 20 64 65 62 75 67 | 67 65 72 20 74 6f 20 73 |se debug|ger to s|
|00002150| 74 6f 70 20 65 78 65 63 | 75 74 69 6f 6e 3a 0a 0a |top exec|ution:..|
|00002160| 20 20 20 20 20 20 20 54 | 68 69 73 20 69 73 20 61 | T|his is a|
|00002170| 20 74 65 63 68 6e 69 71 | 75 65 20 74 68 61 74 20 | techniq|ue that |
|00002180| 63 61 75 73 65 73 20 61 | 20 64 65 62 75 67 67 65 |causes a| debugge|
|00002190| 72 20 74 6f 20 73 74 6f | 70 20 74 68 65 20 65 78 |r to sto|p the ex|
|000021a0| 65 63 75 74 69 6f 6e 20 | 6f 66 20 61 0a 20 20 20 |ecution |of a. |
|000021b0| 20 20 63 65 72 74 61 69 | 6e 20 70 72 6f 67 72 61 | certai|n progra|
|000021c0| 6d 2e 20 57 68 61 74 20 | 79 6f 75 20 6e 65 65 64 |m. What |you need|
|000021d0| 20 74 6f 20 64 6f 20 69 | 73 20 74 6f 20 70 75 74 | to do i|s to put|
|000021e0| 20 73 6f 6d 65 20 49 4e | 54 20 33 20 69 6e 73 74 | some IN|T 3 inst|
|000021f0| 72 75 63 74 69 6f 6e 73 | 0a 20 20 20 20 20 6f 76 |ructions|. ov|
|00002200| 65 72 20 74 68 65 20 63 | 6f 64 65 2c 20 61 74 20 |er the c|ode, at |
|00002210| 72 61 6e 64 6f 6d 20 70 | 6c 61 63 65 73 2c 20 61 |random p|laces, a|
|00002220| 6e 64 20 61 6e 79 20 64 | 65 62 75 67 67 65 72 20 |nd any d|ebugger |
|00002230| 74 72 79 69 6e 67 20 74 | 6f 20 72 75 6e 20 77 69 |trying t|o run wi|
|00002240| 6c 6c 20 73 74 6f 70 0a | 20 20 20 20 20 74 68 65 |ll stop.| the|
|00002250| 72 65 2e 20 49 74 20 69 | 73 20 62 65 73 74 20 69 |re. It i|s best i|
|00002260| 66 20 75 73 65 64 20 77 | 69 74 68 69 6e 20 61 20 |f used w|ithin a |
|00002270| 6c 6f 6f 70 2c 20 61 73 | 20 69 74 20 69 73 20 72 |loop, as| it is r|
|00002280| 75 6e 20 73 65 76 65 72 | 61 6c 20 74 69 6d 65 73 |un sever|al times|
|00002290| 2e 0a 0a 20 20 20 20 20 | 45 78 61 6d 70 6c 65 3a |... |Example:|
|000022a0| 0a 0a 20 20 20 20 20 43 | 53 3a 30 31 30 30 20 42 |.. C|S:0100 B|
|000022b0| 39 36 34 30 32 20 20 20 | 20 20 20 20 20 20 4d 4f |96402 | MO|
|000022c0| 56 20 20 20 20 43 58 2c | 30 32 36 34 0a 20 20 20 |V CX,|0264. |
|000022d0| 20 20 43 53 3a 30 31 30 | 33 20 42 45 31 30 30 31 | CS:010|3 BE1001|
|000022e0| 20 20 20 20 20 20 20 20 | 20 4d 4f 56 20 20 20 20 | | MOV |
|000022f0| 53 49 2c 30 31 31 30 0a | 20 20 20 20 20 43 53 3a |SI,0110.| CS:|
|00002300| 30 31 30 36 20 41 43 20 | 20 20 20 20 20 20 20 20 |0106 AC | |
|00002310| 20 20 20 20 4c 4f 44 53 | 42 0a 20 20 20 20 20 43 | LODS|B. C|
|00002320| 53 3a 30 31 30 37 20 43 | 43 20 20 20 20 20 20 20 |S:0107 C|C |
|00002330| 20 20 20 20 20 20 49 4e | 54 20 20 20 20 33 0a 20 | IN|T 3. |
|00002340| 20 20 20 20 43 53 3a 30 | 31 30 38 20 39 38 20 20 | CS:0|108 98 |
|00002350| 20 20 20 20 20 20 20 20 | 20 20 20 43 42 57 0a 20 | | CBW. |
|00002360| 20 20 20 20 43 53 3a 30 | 31 30 39 20 30 31 43 33 | CS:0|109 01C3|
|00002370| 20 20 20 20 20 20 20 20 | 20 20 20 41 44 44 20 20 | | ADD |
|00002380| 20 20 42 58 2c 41 58 0a | 20 20 20 20 20 43 53 3a | BX,AX.| CS:|
|00002390| 30 31 30 42 20 45 32 46 | 39 20 20 20 20 20 20 20 |010B E2F|9 |
|000023a0| 20 20 20 20 4c 4f 4f 50 | 20 20 20 30 31 30 36 0a | LOOP| 0106.|
|000023b0| 0a 31 2e 36 2e 20 48 61 | 6c 74 20 63 6f 6d 70 75 |.1.6. Ha|lt compu|
|000023c0| 74 65 72 20 75 73 69 6e | 67 20 73 74 61 63 6b 3a |ter usin|g stack:|
|000023d0| 0a 0a 20 20 20 20 20 20 | 20 54 68 69 73 20 74 72 |.. | This tr|
|000023e0| 69 63 6b 20 69 73 20 62 | 61 73 65 64 20 6f 6e 20 |ick is b|ased on |
|000023f0| 74 68 65 20 66 61 63 74 | 20 74 68 61 74 20 64 65 |the fact| that de|
|00002400| 62 75 67 67 65 72 73 20 | 64 6f 6e 27 74 20 75 73 |buggers |don't us|
|00002410| 75 61 6c 6c 79 20 75 73 | 65 20 61 0a 20 20 20 20 |ually us|e a. |
|00002420| 20 73 74 61 63 6b 20 73 | 70 61 63 65 20 6f 66 20 | stack s|pace of |
|00002430| 74 68 65 69 72 20 6f 77 | 6e 2c 20 62 75 74 20 72 |their ow|n, but r|
|00002440| 61 74 68 65 72 20 74 68 | 65 20 75 73 65 72 20 70 |ather th|e user p|
|00002450| 72 6f 67 72 61 6d 27 73 | 20 73 74 61 63 6b 20 73 |rogram's| stack s|
|00002460| 70 61 63 65 2e 20 42 79 | 0a 20 20 20 20 20 73 65 |pace. By|. se|
|00002470| 74 74 69 6e 67 20 74 68 | 65 20 73 74 61 63 6b 20 |tting th|e stack |
|00002480| 74 6f 20 61 20 6c 6f 63 | 61 74 69 6f 6e 20 69 6e |to a loc|ation in|
|00002490| 20 74 68 65 20 6d 69 64 | 64 6c 65 20 6f 66 20 61 | the mid|dle of a|
|000024a0| 20 63 6f 64 65 20 74 68 | 61 74 20 64 6f 65 73 20 | code th|at does |
|000024b0| 4e 4f 54 20 75 73 65 0a | 20 20 20 20 20 74 68 65 |NOT use.| the|
|000024c0| 20 73 74 61 63 6b 20 69 | 74 73 65 6c 66 2c 20 61 | stack i|tself, a|
|000024d0| 6e 79 20 64 65 62 75 67 | 67 65 72 20 74 68 61 74 |ny debug|ger that|
|000024e0| 20 77 69 6c 6c 20 74 72 | 79 20 74 6f 20 74 72 61 | will tr|y to tra|
|000024f0| 63 65 20 74 68 65 20 63 | 6f 64 65 20 77 69 6c 6c |ce the c|ode will|
|00002500| 0a 20 20 20 20 20 6f 76 | 65 72 77 72 69 74 65 20 |. ov|erwrite |
|00002510| 73 6f 6d 65 20 6f 66 20 | 74 68 65 20 63 6f 64 65 |some of |the code|
|00002520| 20 62 79 20 69 74 73 20 | 6f 77 6e 20 73 74 61 63 | by its |own stac|
|00002530| 6b 20 28 6d 61 69 6e 6c | 79 20 69 6e 74 65 72 72 |k (mainl|y interr|
|00002540| 75 70 74 20 72 65 74 75 | 72 6e 0a 20 20 20 20 20 |upt retu|rn. |
|00002550| 61 64 64 72 65 73 73 65 | 73 29 2e 20 41 67 61 69 |addresse|s). Agai|
|00002560| 6e 2c 20 43 4c 49 20 61 | 6e 64 20 53 54 49 20 61 |n, CLI a|nd STI a|
|00002570| 72 65 20 69 6e 20 6f 72 | 64 65 72 2c 20 61 6e 64 |re in or|der, and|
|00002580| 20 61 72 65 20 6e 6f 74 | 20 73 68 6f 77 6e 20 66 | are not| shown f|
|00002590| 6f 72 20 74 68 65 0a 20 | 20 20 20 20 70 75 72 70 |or the. | purp|
|000025a0| 6f 73 65 20 6f 66 20 74 | 68 65 20 65 78 61 6d 70 |ose of t|he examp|
|000025b0| 6c 65 20 6f 6e 6c 79 2e | 20 54 68 65 79 20 6d 75 |le only.| They mu|
|000025c0| 73 74 20 62 65 20 69 6e | 63 6c 75 64 65 64 2c 20 |st be in|cluded, |
|000025d0| 6f 72 20 79 6f 75 20 72 | 69 73 6b 20 68 61 6e 67 |or you r|isk hang|
|000025e0| 69 6e 67 0a 20 20 20 20 | 20 79 6f 75 72 20 63 6f |ing. | your co|
|000025f0| 6d 70 75 74 65 72 20 77 | 65 74 68 65 72 20 61 20 |mputer w|ether a |
|00002600| 64 65 62 75 67 67 65 72 | 20 69 73 20 69 6e 73 74 |debugger| is inst|
|00002610| 61 6c 6c 65 64 20 6f 72 | 20 6e 6f 74 2e 0a 0a 20 |alled or| not... |
|00002620| 20 20 20 20 45 78 61 6d | 70 6c 65 3a 0a 0a 20 20 | Exam|ple:.. |
|00002630| 20 20 20 43 53 3a 30 31 | 30 30 20 38 43 44 30 20 | CS:01|00 8CD0 |
|00002640| 20 20 20 20 20 20 20 20 | 20 20 4d 4f 56 20 20 20 | | MOV |
|00002650| 20 41 58 2c 53 53 0a 20 | 20 20 20 20 43 53 3a 30 | AX,SS. | CS:0|
|00002660| 31 30 32 20 38 39 45 33 | 20 20 20 20 20 20 20 20 |102 89E3| |
|00002670| 20 20 20 4d 4f 56 20 20 | 20 20 42 58 2c 53 50 0a | MOV | BX,SP.|
|00002680| 20 20 20 20 20 43 53 3a | 30 31 30 34 20 30 45 20 | CS:|0104 0E |
|00002690| 20 20 20 20 20 20 20 20 | 20 20 20 20 50 55 53 48 | | PUSH|
|000026a0| 20 20 20 43 53 0a 20 20 | 20 20 20 43 53 3a 30 31 | CS. | CS:01|
|000026b0| 30 35 20 31 37 20 20 20 | 20 20 20 20 20 20 20 20 |05 17 | |
|000026c0| 20 20 50 4f 50 20 20 20 | 20 53 53 0a 20 20 20 20 | POP | SS. |
|000026d0| 20 43 53 3a 30 31 30 36 | 20 42 43 30 42 30 31 20 | CS:0106| BC0B01 |
|000026e0| 20 20 20 20 20 20 20 20 | 4d 4f 56 20 20 20 20 53 | |MOV S|
|000026f0| 50 2c 30 31 30 42 0a 20 | 20 20 20 20 43 53 3a 30 |P,010B. | CS:0|
|00002700| 31 30 39 20 39 30 20 20 | 20 20 20 20 20 20 20 20 |109 90 | |
|00002710| 20 20 20 4e 4f 50 0a 20 | 20 20 20 20 43 53 3a 30 | NOP. | CS:0|
|00002720| 31 30 41 20 39 30 20 20 | 20 20 20 20 20 20 20 20 |10A 90 | |
|00002730| 20 20 20 4e 4f 50 0a 20 | 20 20 20 20 43 53 3a 30 | NOP. | CS:0|
|00002740| 31 30 42 20 45 42 30 32 | 20 20 20 20 20 20 20 20 |10B EB02| |
|00002750| 20 20 20 4a 4d 50 20 20 | 20 20 30 31 30 46 0a 20 | JMP | 010F. |
|00002760| 20 20 20 20 43 53 3a 30 | 31 30 44 20 39 30 20 20 | CS:0|10D 90 |
|00002770| 20 20 20 20 20 20 20 20 | 20 20 20 4e 4f 50 0a 20 | | NOP. |
|00002780| 20 20 20 20 43 53 3a 30 | 31 30 45 20 39 30 20 20 | CS:0|10E 90 |
|00002790| 20 20 20 20 20 20 20 20 | 20 20 20 4e 4f 50 0a 20 | | NOP. |
|000027a0| 20 20 20 20 43 53 3a 30 | 31 30 46 20 38 39 44 43 | CS:0|10F 89DC|
|000027b0| 20 20 20 20 20 20 20 20 | 20 20 20 4d 4f 56 20 20 | | MOV |
|000027c0| 20 20 53 50 2c 42 58 0a | 20 20 20 20 20 43 53 3a | SP,BX.| CS:|
|000027d0| 30 31 31 31 20 38 45 44 | 30 20 20 20 20 20 20 20 |0111 8ED|0 |
|000027e0| 20 20 20 20 4d 4f 56 20 | 20 20 20 53 53 2c 41 58 | MOV | SS,AX|
|000027f0| 0a 0a 31 2e 37 2e 20 48 | 61 6c 74 20 54 44 33 38 |..1.7. H|alt TD38|
|00002800| 36 20 56 38 30 38 36 20 | 6d 6f 64 65 3a 0a 0a 20 |6 V8086 |mode:.. |
|00002810| 20 20 20 20 20 20 54 68 | 69 73 20 69 73 20 61 20 | Th|is is a |
|00002820| 6e 69 63 65 20 77 61 79 | 20 74 6f 20 66 6f 6f 6c |nice way| to fool|
|00002830| 20 54 75 72 62 6f 20 44 | 65 62 75 67 67 65 72 27 | Turbo D|ebugger'|
|00002840| 73 20 56 38 30 38 36 20 | 6d 6f 64 75 6c 65 20 28 |s V8086 |module (|
|00002850| 54 44 33 38 36 29 2e 20 | 49 74 20 69 73 0a 20 20 |TD386). |It is. |
|00002860| 20 20 20 62 61 73 65 64 | 20 6f 6e 20 74 68 65 20 | based| on the |
|00002870| 66 61 63 74 20 74 68 61 | 74 20 54 44 33 38 36 20 |fact tha|t TD386 |
|00002880| 64 6f 65 73 20 6e 6f 74 | 20 75 73 65 20 49 4e 54 |does not| use INT|
|00002890| 20 30 30 68 20 74 6f 20 | 64 65 74 65 63 74 20 64 | 00h to |detect d|
|000028a0| 69 76 69 73 69 6f 6e 20 | 62 79 0a 20 20 20 20 20 |ivision |by. |
|000028b0| 7a 65 72 6f 20 28 6f 72 | 20 72 65 67 69 73 74 65 |zero (or| registe|
|000028c0| 72 20 6f 76 65 72 72 75 | 6e 20 61 66 74 65 72 20 |r overru|n after |
|000028d0| 64 69 76 69 73 69 6f 6e | 2c 20 77 68 69 63 68 20 |division|, which |
|000028e0| 69 73 20 74 72 65 61 74 | 65 64 20 62 79 20 74 68 |is treat|ed by th|
|000028f0| 65 0a 20 20 20 20 20 70 | 72 6f 63 65 73 73 6f 72 |e. p|rocessor|
|00002900| 20 69 6e 20 74 68 65 20 | 73 61 6d 65 20 77 61 79 | in the |same way|
|00002910| 20 61 73 20 69 6e 20 74 | 68 65 20 63 61 73 65 20 | as in t|he case |
|00002920| 6f 66 20 64 69 76 69 73 | 69 6f 6e 20 62 79 20 7a |of divis|ion by z|
|00002930| 65 72 6f 29 2e 20 57 68 | 65 6e 20 54 44 33 38 36 |ero). Wh|en TD386|
|00002940| 0a 20 20 20 20 20 64 65 | 74 65 63 74 73 20 61 20 |. de|tects a |
|00002950| 64 69 76 69 73 69 6f 6e | 20 66 61 75 6c 74 2c 20 |division| fault, |
|00002960| 69 74 20 61 62 6f 72 74 | 73 2c 20 72 65 70 6f 72 |it abort|s, repor|
|00002970| 74 69 6e 67 20 61 62 6f | 75 74 20 74 68 65 20 66 |ting abo|ut the f|
|00002980| 61 75 6c 74 79 20 64 69 | 76 69 73 69 6f 6e 2e 0a |aulty di|vision..|
|00002990| 20 20 20 20 20 49 6e 20 | 72 65 61 6c 20 6d 6f 64 | In |real mod|
|000029a0| 65 20 28 65 76 65 6e 20 | 75 6e 64 65 72 20 61 20 |e (even |under a |
|000029b0| 72 65 67 75 6c 61 72 20 | 64 65 62 75 67 67 65 72 |regular |debugger|
|000029c0| 29 2c 20 61 20 66 61 75 | 6c 74 79 20 44 49 56 20 |), a fau|lty DIV |
|000029d0| 69 6e 73 74 72 75 63 74 | 69 6f 6e 0a 20 20 20 20 |instruct|ion. |
|000029e0| 20 77 69 6c 6c 20 63 61 | 75 73 65 20 49 4e 54 20 | will ca|use INT |
|000029f0| 30 30 68 20 74 6f 20 62 | 65 20 63 61 6c 6c 65 64 |00h to b|e called|
|00002a00| 2e 20 54 68 65 72 65 66 | 6f 72 65 2c 20 70 6f 69 |. Theref|ore, poi|
|00002a10| 6e 74 69 6e 67 20 49 4e | 54 20 30 30 68 20 74 6f |nting IN|T 00h to|
|00002a20| 20 74 68 65 20 6e 65 78 | 74 0a 20 20 20 20 20 69 | the nex|t. i|
|00002a30| 6e 73 74 72 75 63 74 69 | 6f 6e 2c 20 77 69 6c 6c |nstructi|on, will|
|00002a40| 20 72 65 63 6f 76 65 72 | 20 66 72 6f 6d 20 74 68 | recover| from th|
|00002a50| 65 20 66 61 75 6c 74 79 | 20 44 49 56 2e 0a 0a 20 |e faulty| DIV... |
|00002a60| 20 20 20 20 4e 6f 74 65 | 3a 20 49 74 20 69 73 20 | Note|: It is |
|00002a70| 76 65 72 79 20 69 6d 70 | 6f 72 74 61 6e 74 20 74 |very imp|ortant t|
|00002a80| 6f 20 72 65 73 74 6f 72 | 65 20 49 4e 54 20 30 30 |o restor|e INT 00|
|00002a90| 68 27 73 20 76 65 63 74 | 6f 72 2e 20 4f 74 68 65 |h's vect|or. Othe|
|00002aa0| 72 77 69 73 65 2c 20 74 | 68 65 0a 20 20 20 20 20 |rwise, t|he. |
|00002ab0| 6e 65 78 74 20 63 61 6c | 6c 20 74 6f 20 49 4e 54 |next cal|l to INT|
|00002ac0| 20 30 30 68 20 77 69 6c | 6c 20 63 61 75 73 65 20 | 00h wil|l cause |
|00002ad0| 74 68 65 20 6d 61 63 68 | 69 6e 65 20 74 6f 20 68 |the mach|ine to h|
|00002ae0| 61 6e 67 2e 0a 0a 20 20 | 20 20 20 45 78 61 6d 70 |ang... | Examp|
|00002af0| 6c 65 3a 0a 0a 20 20 20 | 20 20 43 53 3a 30 31 30 |le:.. | CS:010|
|00002b00| 30 20 33 31 43 30 20 20 | 20 20 20 20 20 20 20 20 |0 31C0 | |
|00002b10| 58 4f 52 20 20 20 20 20 | 41 58 2c 41 58 0a 20 20 |XOR |AX,AX. |
|00002b20| 20 20 20 43 53 3a 30 31 | 30 32 20 38 45 44 38 20 | CS:01|02 8ED8 |
|00002b30| 20 20 20 20 20 20 20 20 | 20 4d 4f 56 20 20 20 20 | | MOV |
|00002b40| 20 44 53 2c 41 58 0a 20 | 20 20 20 20 43 53 3a 30 | DS,AX. | CS:0|
|00002b50| 31 30 34 20 43 37 30 36 | 30 30 30 30 31 32 30 31 |104 C706|00001201|
|00002b60| 20 20 4d 4f 56 20 20 20 | 20 20 57 4f 52 44 20 50 | MOV | WORD P|
|00002b70| 54 52 20 5b 30 30 30 30 | 5d 2c 30 31 31 32 0a 20 |TR [0000|],0112. |
|00002b80| 20 20 20 20 43 53 3a 30 | 31 30 41 20 38 43 30 45 | CS:0|10A 8C0E|
|00002b90| 30 32 30 30 20 20 20 20 | 20 20 4d 4f 56 20 20 20 |0200 | MOV |
|00002ba0| 20 20 5b 30 30 30 32 5d | 2c 43 53 0a 20 20 20 20 | [0002]|,CS. |
|00002bb0| 20 43 53 3a 30 31 30 45 | 20 42 34 30 30 20 20 20 | CS:010E| B400 |
|00002bc0| 20 20 20 20 20 20 20 4d | 4f 56 20 20 20 20 20 41 | M|OV A|
|00002bd0| 48 2c 30 30 0a 20 20 20 | 20 20 43 53 3a 30 31 31 |H,00. | CS:011|
|00002be0| 30 20 46 36 46 34 20 20 | 20 20 20 20 20 20 20 20 |0 F6F4 | |
|00002bf0| 44 49 56 20 20 20 20 20 | 41 48 0a 20 20 20 20 20 |DIV |AH. |
|00002c00| 43 53 3a 30 31 31 32 20 | 42 38 30 30 34 43 20 20 |CS:0112 |B8004C |
|00002c10| 20 20 20 20 20 20 4d 4f | 56 20 20 20 20 20 41 58 | MO|V AX|
|00002c20| 2c 34 43 30 30 0a 20 20 | 20 20 20 43 53 3a 30 31 |,4C00. | CS:01|
|00002c30| 31 35 20 43 44 32 31 20 | 20 20 20 20 20 20 20 20 |15 CD21 | |
|00002c40| 20 49 4e 54 20 20 20 20 | 20 32 31 0a 0a 31 2e 38 | INT | 21..1.8|
|00002c50| 2e 20 48 61 6c 74 20 61 | 6e 79 20 56 38 30 38 36 |. Halt a|ny V8086|
|00002c60| 20 70 72 6f 63 65 73 73 | 3a 0a 0a 20 20 20 20 20 | process|:.. |
|00002c70| 20 20 41 6e 6f 74 68 65 | 72 20 77 61 79 20 6f 66 | Anothe|r way of|
|00002c80| 20 6d 65 73 73 69 6e 67 | 20 54 44 33 38 36 20 69 | messing| TD386 i|
|00002c90| 73 20 66 6f 6f 6c 69 6e | 67 20 69 74 20 69 6e 74 |s foolin|g it int|
|00002ca0| 6f 20 61 6e 20 65 78 63 | 65 70 74 69 6f 6e 2e 0a |o an exc|eption..|
|00002cb0| 20 20 20 20 20 55 6e 66 | 6f 72 74 75 6e 61 74 65 | Unf|ortunate|
|00002cc0| 6c 79 2c 20 74 68 69 73 | 20 65 78 63 65 70 74 69 |ly, this| excepti|
|00002cd0| 6f 6e 20 77 69 6c 6c 20 | 61 6c 73 6f 20 62 65 20 |on will |also be |
|00002ce0| 67 65 6e 65 72 61 74 65 | 64 20 75 6e 64 65 72 20 |generate|d under |
|00002cf0| 61 6e 79 20 6f 74 68 65 | 72 0a 20 20 20 20 20 70 |any othe|r. p|
|00002d00| 72 6f 67 72 61 6d 2c 20 | 72 75 6e 6e 69 6e 67 20 |rogram, |running |
|00002d10| 61 74 20 56 38 30 38 36 | 20 6d 6f 64 65 2e 20 54 |at V8086| mode. T|
|00002d20| 68 65 20 65 78 63 65 70 | 74 69 6f 6e 20 69 73 20 |he excep|tion is |
|00002d30| 65 78 63 65 70 74 69 6f | 6e 20 23 31 33 2c 20 61 |exceptio|n #13, a|
|00002d40| 6e 64 20 69 74 73 0a 20 | 20 20 20 20 69 73 73 75 |nd its. | issu|
|00002d50| 65 64 20 69 6e 74 65 72 | 72 75 70 74 20 69 73 20 |ed inter|rupt is |
|00002d60| 49 4e 54 20 30 44 68 20 | 2d 20 31 33 64 2e 20 54 |INT 0Dh |- 13d. T|
|00002d70| 68 65 20 69 64 65 61 20 | 69 73 20 76 65 72 79 20 |he idea |is very |
|00002d80| 73 69 6d 69 6c 61 72 20 | 74 6f 20 74 68 65 0a 20 |similar |to the. |
|00002d90| 20 20 20 20 64 69 76 69 | 64 65 20 62 79 20 7a 65 | divi|de by ze|
|00002da0| 72 6f 20 74 72 69 63 6b | 3a 20 43 61 75 73 69 6e |ro trick|: Causin|
|00002db0| 67 20 61 6e 20 65 78 63 | 65 70 74 69 6f 6e 2c 20 |g an exc|eption, |
|00002dc0| 77 68 65 6e 20 74 68 65 | 20 65 78 63 65 70 74 69 |when the| excepti|
|00002dd0| 6f 6e 20 69 6e 74 65 72 | 72 75 70 74 0a 20 20 20 |on inter|rupt. |
|00002de0| 20 20 70 6f 69 6e 74 73 | 20 74 6f 20 73 6f 6d 65 | points| to some|
|00002df0| 77 68 65 72 65 20 69 6e | 20 74 68 65 20 70 72 6f |where in| the pro|
|00002e00| 67 72 61 6d 27 73 20 63 | 6f 64 65 2e 20 49 74 20 |gram's c|ode. It |
|00002e10| 77 69 6c 6c 20 61 6c 77 | 61 79 73 20 77 6f 72 6b |will alw|ays work|
|00002e20| 20 77 68 65 6e 20 74 68 | 65 0a 20 20 20 20 20 6d | when th|e. m|
|00002e30| 61 63 68 69 6e 65 20 69 | 73 20 72 75 6e 6e 69 6e |achine i|s runnin|
|00002e40| 67 20 69 6e 20 72 65 61 | 6c 20 6d 6f 64 65 2c 20 |g in rea|l mode, |
|00002e50| 62 75 74 20 6e 65 76 65 | 72 20 75 6e 64 65 72 20 |but neve|r under |
|00002e60| 74 68 65 20 56 38 30 38 | 36 20 6d 6f 64 65 2e 0a |the V808|6 mode..|
|00002e70| 0a 20 20 20 20 20 4e 6f | 74 65 3a 20 49 74 20 69 |. No|te: It i|
|00002e80| 73 20 76 65 72 79 20 69 | 6d 70 6f 72 74 61 6e 74 |s very i|mportant|
|00002e90| 20 74 6f 20 72 65 73 74 | 6f 72 65 20 74 68 65 20 | to rest|ore the |
|00002ea0| 6f 72 69 67 69 6e 61 6c | 20 69 6e 74 65 72 72 75 |original| interru|
|00002eb0| 70 74 20 76 65 63 74 6f | 72 73 2e 0a 20 20 20 20 |pt vecto|rs.. |
|00002ec0| 20 4f 74 68 65 72 77 69 | 73 65 2c 20 74 68 65 20 | Otherwi|se, the |
|00002ed0| 6e 65 78 74 20 65 78 63 | 65 70 74 69 6f 6e 20 77 |next exc|eption w|
|00002ee0| 69 6c 6c 20 68 61 6e 67 | 20 74 68 65 20 6d 61 63 |ill hang| the mac|
|00002ef0| 68 69 6e 65 2e 0a 0a 20 | 20 20 20 20 45 78 61 6d |hine... | Exam|
|00002f00| 70 6c 65 3a 0a 0a 20 20 | 20 20 20 43 53 3a 30 31 |ple:.. | CS:01|
|00002f10| 30 30 20 33 31 43 30 20 | 20 20 20 20 20 20 20 20 |00 31C0 | |
|00002f20| 20 58 4f 52 20 20 20 20 | 20 41 58 2c 41 58 0a 20 | XOR | AX,AX. |
|00002f30| 20 20 20 20 43 53 3a 30 | 31 30 32 20 38 45 44 38 | CS:0|102 8ED8|
|00002f40| 20 20 20 20 20 20 20 20 | 20 20 4d 4f 56 20 20 20 | | MOV |
|00002f50| 20 20 44 53 2c 41 58 0a | 20 20 20 20 20 43 53 3a | DS,AX.| CS:|
|00002f60| 30 31 30 34 20 43 37 30 | 36 33 34 30 30 31 33 30 |0104 C70|63400130|
|00002f70| 31 20 20 4d 4f 56 20 20 | 20 20 20 57 4f 52 44 20 |1 MOV | WORD |
|00002f80| 50 54 52 20 5b 30 30 33 | 34 5d 2c 30 31 31 33 0a |PTR [003|4],0113.|
|00002f90| 20 20 20 20 20 43 53 3a | 30 31 30 41 20 38 43 30 | CS:|010A 8C0|
|00002fa0| 45 33 36 30 30 20 20 20 | 20 20 20 4d 4f 56 20 20 |E3600 | MOV |
|00002fb0| 20 20 20 5b 30 30 33 36 | 5d 2c 43 53 0a 20 20 20 | [0036|],CS. |
|00002fc0| 20 20 43 53 3a 30 31 30 | 45 20 38 33 33 45 46 46 | CS:010|E 833EFF|
|00002fd0| 46 46 30 30 20 20 20 20 | 43 4d 50 20 20 20 20 20 |FF00 |CMP |
|00002fe0| 57 4f 52 44 20 50 54 52 | 20 5b 46 46 46 46 5d 2c |WORD PTR| [FFFF],|
|00002ff0| 2b 30 30 0a 20 20 20 20 | 20 43 53 3a 30 31 31 33 |+00. | CS:0113|
|00003000| 20 42 38 30 30 34 43 20 | 20 20 20 20 20 20 20 4d | B8004C | M|
|00003010| 4f 56 20 20 20 20 20 41 | 58 2c 34 43 30 30 0a 20 |OV A|X,4C00. |
|00003020| 20 20 20 20 43 53 3a 30 | 31 31 36 20 43 44 32 31 | CS:0|116 CD21|
|00003030| 20 20 20 20 20 20 20 20 | 20 20 49 4e 54 20 20 20 | | INT |
|00003040| 20 20 32 31 0a 0a 32 2e | 20 53 65 6c 66 2d 6d 6f | 21..2.| Self-mo|
|00003050| 64 69 66 79 69 6e 67 20 | 63 6f 64 65 3a 0a 2d 2d |difying |code:.--|
|00003060| 2d 2d 2d 2d 2d 2d 2d 2d | 2d 2d 2d 2d 2d 2d 2d 2d |--------|--------|
|00003070| 2d 2d 2d 2d 2d 0a 0a 32 | 2e 31 2e 20 45 6e 63 72 |-----..2|.1. Encr|
|00003080| 79 70 74 69 76 65 2f 64 | 65 63 72 79 70 74 69 76 |yptive/d|ecryptiv|
|00003090| 65 20 61 6c 67 6f 72 69 | 74 68 6d 3a 0a 0a 20 20 |e algori|thm:.. |
|000030a0| 20 20 20 20 20 54 68 65 | 20 66 69 72 73 74 20 63 | The| first c|
|000030b0| 61 74 65 67 6f 72 79 20 | 69 73 20 73 69 6d 70 6c |ategory |is simpl|
|000030c0| 79 20 61 20 63 6f 64 65 | 2c 20 74 68 61 74 20 68 |y a code|, that h|
|000030d0| 61 73 20 62 65 65 6e 20 | 65 6e 63 72 79 70 74 65 |as been |encrypte|
|000030e0| 64 2c 20 61 6e 64 20 68 | 61 73 0a 20 20 20 20 20 |d, and h|as. |
|000030f0| 62 65 65 6e 20 61 64 64 | 65 64 20 61 20 64 65 63 |been add|ed a dec|
|00003100| 72 79 70 74 69 6f 6e 20 | 72 6f 75 74 69 6e 65 2e |ryption |routine.|
|00003110| 20 54 68 65 20 74 72 69 | 63 6b 20 68 65 72 65 20 | The tri|ck here |
|00003120| 69 73 20 74 68 61 74 20 | 77 68 65 6e 20 61 20 64 |is that |when a d|
|00003130| 65 62 75 67 67 65 72 0a | 20 20 20 20 20 73 65 74 |ebugger.| set|
|00003140| 73 20 75 70 20 61 20 62 | 72 65 61 6b 70 6f 69 6e |s up a b|reakpoin|
|00003150| 74 2c 20 69 74 20 73 69 | 6d 70 6c 79 20 70 6c 61 |t, it si|mply pla|
|00003160| 63 65 73 20 74 68 65 20 | 6f 70 63 6f 64 65 20 43 |ces the |opcode C|
|00003170| 43 68 20 28 49 4e 54 20 | 30 33 68 29 20 69 6e 20 |Ch (INT |03h) in |
|00003180| 74 68 65 0a 20 20 20 20 | 20 64 65 73 69 72 65 64 |the. | desired|
|00003190| 20 61 64 64 72 65 73 73 | 2c 20 61 6e 64 20 6f 6e | address|, and on|
|000031a0| 63 65 20 74 68 61 74 20 | 69 6e 74 65 72 72 75 70 |ce that |interrup|
|000031b0| 74 20 69 73 20 65 78 65 | 63 75 74 65 64 2c 20 74 |t is exe|cuted, t|
|000031c0| 68 65 20 64 65 62 75 67 | 67 65 72 0a 20 20 20 20 |he debug|ger. |
|000031d0| 20 72 65 67 61 69 6e 73 | 20 63 6f 6e 74 72 6f 6c | regains| control|
|000031e0| 20 6f 66 20 74 68 69 6e | 67 73 2e 20 49 66 20 79 | of thin|gs. If y|
|000031f0| 6f 75 20 74 72 79 20 74 | 6f 20 73 65 74 20 61 20 |ou try t|o set a |
|00003200| 62 72 65 61 6b 70 6f 69 | 6e 74 20 41 46 54 45 52 |breakpoi|nt AFTER|
|00003210| 20 74 68 65 0a 20 20 20 | 20 20 64 65 63 72 79 70 | the. | decryp|
|00003220| 74 69 6f 6e 20 61 6c 67 | 6f 72 69 74 68 6d 2c 20 |tion alg|orithm, |
|00003230| 77 68 61 74 20 69 73 20 | 75 73 75 61 6c 6c 79 20 |what is |usually |
|00003240| 6e 65 65 64 65 64 2c 20 | 79 6f 75 20 77 69 6c 6c |needed, |you will|
|00003250| 20 65 6e 64 20 75 70 20 | 70 75 74 74 69 6e 67 20 | end up |putting |
|00003260| 61 6e 0a 20 20 20 20 20 | 6f 70 63 6f 64 65 20 43 |an. |opcode C|
|00003270| 43 68 20 69 6e 20 61 20 | 70 6c 61 63 65 20 77 68 |Ch in a |place wh|
|00003280| 65 72 65 20 64 65 63 72 | 79 70 74 69 76 65 20 61 |ere decr|yptive a|
|00003290| 63 74 69 6f 6e 73 20 61 | 72 65 20 74 61 6b 65 6e |ctions a|re taken|
|000032a0| 2c 20 74 68 65 72 65 66 | 6f 72 65 20 6c 6f 73 69 |, theref|ore losi|
|000032b0| 6e 67 0a 20 20 20 20 20 | 79 6f 75 72 20 6f 72 69 |ng. |your ori|
|000032c0| 67 69 6e 61 6c 20 43 43 | 68 20 69 6e 20 66 61 76 |ginal CC|h in fav|
|000032d0| 6f 75 72 20 6f 66 20 77 | 68 61 74 65 76 65 72 20 |our of w|hatever |
|000032e0| 74 68 65 20 64 65 63 72 | 79 70 74 69 6f 6e 20 61 |the decr|yption a|
|000032f0| 6c 67 6f 72 69 74 68 6d | 20 70 72 6f 64 75 63 65 |lgorithm| produce|
|00003300| 73 2e 0a 20 20 20 20 20 | 54 68 65 20 66 6f 6c 6c |s.. |The foll|
|00003310| 6f 77 69 6e 67 20 65 78 | 61 6d 70 6c 65 20 77 61 |owing ex|ample wa|
|00003320| 73 20 65 78 74 72 61 63 | 74 65 64 20 66 72 6f 6d |s extrac|ted from|
|00003330| 20 74 68 65 20 48 61 69 | 66 61 20 76 69 72 75 73 | the Hai|fa virus|
|00003340| 2e 20 49 66 20 79 6f 75 | 20 74 72 79 20 74 6f 0a |. If you| try to.|
|00003350| 20 20 20 20 20 73 65 74 | 20 61 20 62 72 65 61 6b | set| a break|
|00003360| 70 6f 69 6e 74 20 61 74 | 20 61 64 64 72 65 73 73 |point at| address|
|00003370| 20 43 53 3a 30 31 31 30 | 2c 20 79 6f 75 20 77 69 | CS:0110|, you wi|
|00003380| 6c 6c 20 6e 65 76 65 72 | 20 72 65 61 63 68 20 74 |ll never| reach t|
|00003390| 68 61 74 20 61 64 64 72 | 65 73 73 2c 0a 20 20 20 |hat addr|ess,. |
|000033a0| 20 20 73 69 6e 63 65 20 | 74 68 65 72 65 20 69 73 | since |there is|
|000033b0| 20 6e 6f 20 77 61 79 20 | 74 6f 20 6b 6e 6f 77 20 | no way |to know |
|000033c0| 77 68 61 74 20 77 69 6c | 6c 20 72 65 73 75 6c 74 |what wil|l result|
|000033d0| 20 66 72 6f 6d 20 74 68 | 65 20 63 68 61 6e 67 65 | from th|e change|
|000033e0| 2e 20 4e 6f 74 65 20 74 | 68 61 74 0a 20 20 20 20 |. Note t|hat. |
|000033f0| 20 69 66 20 79 6f 75 20 | 77 61 6e 74 20 74 6f 20 | if you |want to |
|00003400| 6d 61 6b 65 20 74 68 65 | 20 74 72 61 63 69 6e 67 |make the| tracing|
|00003410| 20 65 76 65 6e 20 68 61 | 72 64 65 72 2c 20 79 6f | even ha|rder, yo|
|00003420| 75 20 73 68 6f 75 6c 64 | 20 73 74 61 72 74 20 74 |u should| start t|
|00003430| 68 65 0a 20 20 20 20 20 | 64 65 63 72 79 70 74 69 |he. |decrypti|
|00003440| 6f 6e 20 6f 66 20 74 68 | 65 20 63 6f 64 65 20 66 |on of th|e code f|
|00003450| 72 6f 6d 20 69 74 73 20 | 45 4e 44 2c 20 73 6f 20 |rom its |END, so |
|00003460| 69 74 20 74 61 6b 65 73 | 20 74 68 65 20 77 68 6f |it takes| the who|
|00003470| 6c 65 20 6f 70 65 72 61 | 74 69 6f 6e 0a 20 20 20 |le opera|tion. |
|00003480| 20 20 75 6e 74 69 6c 20 | 74 68 65 20 6f 70 63 6f | until |the opco|
|00003490| 64 65 20 66 6f 6c 6c 6f | 77 69 6e 67 20 74 68 65 |de follo|wing the|
|000034a0| 20 64 65 63 72 79 70 74 | 69 6f 6e 20 72 6f 75 74 | decrypt|ion rout|
|000034b0| 69 6e 65 20 69 73 20 64 | 65 63 72 79 70 74 65 64 |ine is d|ecrypted|
|000034c0| 2e 0a 0a 20 20 20 20 20 | 45 78 61 6d 70 6c 65 3a |... |Example:|
|000034d0| 0a 0a 20 20 20 20 20 43 | 53 3a 30 31 30 30 20 42 |.. C|S:0100 B|
|000034e0| 42 37 31 30 39 20 20 20 | 20 20 20 20 20 20 4d 4f |B7109 | MO|
|000034f0| 56 20 20 20 20 42 58 2c | 30 39 37 31 0a 20 20 20 |V BX,|0971. |
|00003500| 20 20 43 53 3a 30 31 30 | 33 20 42 45 31 30 30 31 | CS:010|3 BE1001|
|00003510| 20 20 20 20 20 20 20 20 | 20 4d 4f 56 20 20 20 20 | | MOV |
|00003520| 44 49 2c 30 31 31 30 0a | 20 20 20 20 20 43 53 3a |DI,0110.| CS:|
|00003530| 30 31 30 36 20 39 31 20 | 20 20 20 20 20 20 20 20 |0106 91 | |
|00003540| 20 20 20 20 58 43 48 47 | 20 20 20 41 58 2c 43 58 | XCHG| AX,CX|
|00003550| 0a 20 20 20 20 20 43 53 | 3a 30 31 30 37 20 39 31 |. CS|:0107 91|
|00003560| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 58 43 48 | | XCH|
|00003570| 47 20 20 20 41 58 2c 43 | 58 0a 20 20 20 20 20 43 |G AX,C|X. C|
|00003580| 53 3a 30 31 30 38 20 32 | 45 38 30 33 35 39 37 20 |S:0108 2|E803597 |
|00003590| 20 20 20 20 20 20 58 4f | 52 20 20 20 20 42 79 74 | XO|R Byt|
|000035a0| 65 20 50 74 72 20 43 53 | 3a 5b 44 49 5d 2c 39 37 |e Ptr CS|:[DI],97|
|000035b0| 0a 20 20 20 20 20 43 53 | 3a 30 31 30 43 20 34 37 |. CS|:010C 47|
|000035c0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 49 4e 43 | | INC|
|000035d0| 20 20 20 20 44 49 0a 20 | 20 20 20 20 43 53 3a 30 | DI. | CS:0|
|000035e0| 31 30 44 20 34 42 20 20 | 20 20 20 20 20 20 20 20 |10D 4B | |
|000035f0| 20 20 20 44 45 43 20 20 | 20 20 42 58 0a 20 20 20 | DEC | BX. |
|00003600| 20 20 43 53 3a 30 31 30 | 45 20 37 35 46 36 20 20 | CS:010|E 75F6 |
|00003610| 20 20 20 20 20 20 20 20 | 20 4a 4e 5a 20 20 20 20 | | JNZ |
|00003620| 30 31 30 36 0a 20 20 20 | 20 20 43 53 3a 30 31 31 |0106. | CS:011|
|00003630| 30 20 30 37 20 20 20 20 | 20 20 20 20 20 20 20 20 |0 07 | |
|00003640| 20 50 4f 50 20 20 20 20 | 45 53 0a 20 20 20 20 20 | POP |ES. |
|00003650| 43 53 3a 30 31 31 31 20 | 30 37 20 20 20 20 20 20 |CS:0111 |07 |
|00003660| 20 20 20 20 20 20 20 50 | 4f 50 20 20 20 20 45 53 | P|OP ES|
|00003670| 0a 0a 32 2e 32 2e 20 53 | 65 6c 66 2d 6d 6f 64 69 |..2.2. S|elf-modi|
|00003680| 66 79 69 6e 67 20 63 6f | 64 65 3a 0a 0a 20 20 20 |fying co|de:.. |
|00003690| 32 2e 32 2e 31 2e 20 53 | 69 6d 70 6c 65 20 73 65 |2.2.1. S|imple se|
|000036a0| 6c 66 2d 6d 6f 64 69 66 | 69 63 61 74 69 6f 6e 3a |lf-modif|ication:|
|000036b0| 0a 0a 20 20 20 20 20 20 | 20 20 20 20 20 20 54 68 |.. | Th|
|000036c0| 69 73 20 6d 65 74 68 6f | 64 20 69 6d 70 6c 65 6d |is metho|d implem|
|000036d0| 65 6e 74 73 20 74 68 65 | 20 73 61 6d 65 20 70 72 |ents the| same pr|
|000036e0| 69 6e 63 69 70 6c 65 20 | 61 73 20 74 68 65 20 65 |inciple |as the e|
|000036f0| 6e 63 72 79 70 74 69 6f | 6e 0a 20 20 20 20 20 20 |ncryptio|n. |
|00003700| 20 20 20 20 6d 65 74 68 | 6f 64 3a 20 43 68 61 6e | meth|od: Chan|
|00003710| 67 65 20 74 68 65 20 6f | 70 63 6f 64 65 20 62 65 |ge the o|pcode be|
|00003720| 66 6f 72 65 20 75 73 69 | 6e 67 20 69 74 2e 20 49 |fore usi|ng it. I|
|00003730| 6e 20 74 68 65 20 66 6f | 6c 6c 6f 77 69 6e 67 20 |n the fo|llowing |
|00003740| 65 78 61 6d 70 6c 65 2c | 0a 20 20 20 20 20 20 20 |example,|. |
|00003750| 20 20 20 77 65 20 63 68 | 61 6e 67 65 20 74 68 65 | we ch|ange the|
|00003760| 20 69 6e 73 72 75 63 74 | 69 6f 6e 20 66 6f 6c 6c | insruct|ion foll|
|00003770| 6f 77 69 6e 67 20 74 68 | 65 20 63 61 6c 6c 2c 20 |owing th|e call, |
|00003780| 61 6e 64 20 74 68 65 72 | 65 66 6f 72 65 2c 20 69 |and ther|efore, i|
|00003790| 66 20 79 6f 75 0a 20 20 | 20 20 20 20 20 20 20 20 |f you. | |
|000037a0| 74 72 79 20 74 6f 20 74 | 72 61 63 65 20 74 68 65 |try to t|race the|
|000037b0| 20 65 6e 74 69 72 65 20 | 63 61 6c 6c 20 28 27 50 | entire |call ('P|
|000037c0| 27 2f 44 65 62 75 67 20 | 6f 72 20 46 38 2f 54 75 |'/Debug |or F8/Tu|
|000037d0| 72 62 6f 20 44 65 62 75 | 67 67 65 72 29 2c 20 79 |rbo Debu|gger), y|
|000037e0| 6f 75 0a 20 20 20 20 20 | 20 20 20 20 20 77 69 6c |ou. | wil|
|000037f0| 6c 20 6e 6f 74 20 73 75 | 63 63 65 65 64 2c 20 73 |l not su|cceed, s|
|00003800| 69 6e 63 65 20 74 68 65 | 20 64 65 62 75 67 67 65 |ince the| debugge|
|00003810| 72 20 77 69 6c 6c 20 70 | 75 74 20 69 74 73 20 43 |r will p|ut its C|
|00003820| 43 68 20 6f 6e 20 6f 66 | 66 73 65 74 20 31 30 33 |Ch on of|fset 103|
|00003830| 68 2c 0a 20 20 20 20 20 | 20 20 20 20 20 62 75 74 |h,. | but|
|00003840| 20 77 68 65 6e 20 74 68 | 65 20 72 6f 75 74 69 6e | when th|e routin|
|00003850| 65 20 72 75 6e 73 2c 20 | 69 74 20 6f 76 65 72 77 |e runs, |it overw|
|00003860| 72 69 74 65 73 20 6c 6f | 63 61 74 69 6f 6e 20 31 |rites lo|cation 1|
|00003870| 30 33 68 2e 0a 0a 20 20 | 20 20 20 20 20 20 20 20 |03h... | |
|00003880| 45 78 61 6d 70 6c 65 3a | 0a 0a 20 20 20 20 20 20 |Example:|.. |
|00003890| 20 20 20 20 43 53 3a 30 | 31 30 30 20 45 38 30 34 | CS:0|100 E804|
|000038a0| 30 30 20 20 20 20 20 20 | 20 20 20 43 41 4c 4c 20 |00 | CALL |
|000038b0| 20 20 30 31 30 37 0a 20 | 20 20 20 20 20 20 20 20 | 0107. | |
|000038c0| 20 43 53 3a 30 31 30 33 | 20 43 44 32 30 20 20 20 | CS:0103| CD20 |
|000038d0| 20 20 20 20 20 20 20 20 | 49 4e 54 20 20 20 20 32 | |INT 2|
|000038e0| 30 0a 20 20 20 20 20 20 | 20 20 20 20 43 53 3a 30 |0. | CS:0|
|000038f0| 31 30 35 20 43 44 32 31 | 20 20 20 20 20 20 20 20 |105 CD21| |
|00003900| 20 20 20 49 4e 54 20 20 | 20 20 32 31 0a 20 20 20 | INT | 21. |
|00003910| 20 20 20 20 20 20 20 43 | 53 3a 30 31 30 37 20 43 | C|S:0107 C|
|00003920| 37 30 36 30 33 30 31 42 | 34 34 43 20 20 20 4d 4f |7060301B|44C MO|
|00003930| 56 20 20 20 20 57 6f 72 | 64 20 50 74 72 20 5b 30 |V Wor|d Ptr [0|
|00003940| 31 30 33 5d 2c 34 43 42 | 34 0a 20 20 20 20 20 20 |103],4CB|4. |
|00003950| 20 20 20 20 43 53 3a 30 | 31 30 44 20 43 33 20 20 | CS:0|10D C3 |
|00003960| 20 20 20 20 20 20 20 20 | 20 20 20 52 45 54 0a 0a | | RET..|
|00003970| 20 20 20 20 20 20 20 20 | 20 20 57 61 74 63 68 20 | | Watch |
|00003980| 74 68 69 73 3a 0a 0a 20 | 20 20 20 20 20 20 20 20 |this:.. | |
|00003990| 20 43 53 3a 30 31 30 33 | 20 42 34 34 43 20 20 20 | CS:0103| B44C |
|000039a0| 20 20 20 20 20 20 20 20 | 4d 4f 56 20 20 20 20 41 | |MOV A|
|000039b0| 48 2c 34 43 0a 0a 20 20 | 20 32 2e 32 2e 32 2e 20 |H,4C.. | 2.2.2. |
|000039c0| 54 68 65 20 52 75 6e 6e | 69 6e 67 20 4c 69 6e 65 |The Runn|ing Line|
|000039d0| 20 28 73 65 6c 66 2d 64 | 65 63 72 79 70 74 69 6e | (self-d|ecryptin|
|000039e0| 67 29 3a 0a 0a 20 20 20 | 20 20 20 20 20 20 20 20 |g):.. | |
|000039f0| 20 54 68 69 73 20 69 73 | 20 61 6e 20 65 78 61 6d | This is| an exam|
|00003a00| 70 6c 65 20 6f 66 20 61 | 20 73 65 6c 66 2d 74 72 |ple of a| self-tr|
|00003a10| 61 63 69 6e 67 20 73 65 | 6c 66 2d 6d 6f 64 69 66 |acing se|lf-modif|
|00003a20| 79 69 6e 67 20 63 6f 64 | 65 2c 0a 20 20 20 20 20 |ying cod|e,. |
|00003a30| 20 20 20 20 20 73 6f 6d | 65 74 69 6d 65 73 20 63 | som|etimes c|
|00003a40| 61 6c 6c 65 64 20 27 54 | 68 65 20 72 75 6e 6e 69 |alled 'T|he runni|
|00003a50| 6e 67 20 6c 69 6e 65 27 | 2e 20 49 74 20 77 61 73 |ng line'|. It was|
|00003a60| 20 70 72 65 73 65 6e 74 | 65 64 20 62 79 20 53 65 | present|ed by Se|
|00003a70| 72 67 65 0a 20 20 20 20 | 20 20 20 20 20 20 50 61 |rge. | Pa|
|00003a80| 63 68 6b 6f 76 73 6b 79 | 2e 20 49 74 20 69 73 20 |chkovsky|. It is |
|00003a90| 61 20 62 69 74 20 74 72 | 69 63 6b 79 20 69 6e 20 |a bit tr|icky in |
|00003aa0| 69 6d 70 6c 65 6d 65 6e | 74 61 74 69 6f 6e 2c 20 |implemen|tation, |
|00003ab0| 62 75 74 2c 20 75 6e 6c | 69 6b 65 0a 20 20 20 20 |but, unl|ike. |
|00003ac0| 20 20 20 20 20 20 61 6c | 6c 20 6f 74 68 65 72 20 | al|l other |
|00003ad0| 74 65 63 68 69 6e 69 71 | 75 65 73 20 6d 65 6e 74 |techiniq|ues ment|
|00003ae0| 69 6f 6e 65 64 20 69 6e | 20 74 68 69 73 20 64 6f |ioned in| this do|
|00003af0| 63 75 6d 65 6e 74 2c 20 | 69 74 20 69 73 20 72 65 |cument, |it is re|
|00003b00| 6c 61 74 69 76 65 6c 79 | 0a 20 20 20 20 20 20 20 |latively|. |
|00003b10| 20 20 20 72 65 73 69 73 | 74 69 76 65 20 74 6f 20 | resis|tive to |
|00003b20| 76 61 72 69 6f 75 73 20 | 70 72 6f 74 65 63 74 69 |various |protecti|
|00003b30| 6f 6e 73 20 6f 66 20 74 | 68 65 20 76 65 63 74 6f |ons of t|he vecto|
|00003b40| 72 20 74 61 62 6c 65 2e | 20 49 6e 20 73 68 6f 72 |r table.| In shor|
|00003b50| 74 2c 20 69 74 0a 20 20 | 20 20 20 20 20 20 20 20 |t, it. | |
|00003b60| 72 65 73 75 6c 74 73 20 | 69 6e 20 69 6e 73 74 72 |results |in instr|
|00003b70| 75 63 74 69 6f 6e 73 20 | 62 65 69 6e 67 20 64 65 |uctions |being de|
|00003b80| 63 6f 64 65 64 20 6f 6e | 65 20 61 74 20 74 69 6d |coded on|e at tim|
|00003b90| 65 2c 20 74 68 75 73 20 | 6e 65 76 65 72 0a 20 20 |e, thus |never. |
|00003ba0| 20 20 20 20 20 20 20 20 | 65 78 70 6f 73 69 6e 67 | |exposing|
|00003bb0| 20 6c 6f 6e 67 20 63 6f | 64 65 20 66 72 61 67 6d | long co|de fragm|
|00003bc0| 65 6e 74 73 20 74 6f 20 | 61 6e 61 6c 69 73 79 73 |ents to |analisys|
|00003bd0| 2e 20 49 20 77 69 6c 6c | 20 69 6c 6c 75 73 74 72 |. I will| illustr|
|00003be0| 61 74 65 20 69 74 0a 20 | 20 20 20 20 20 20 20 20 |ate it. | |
|00003bf0| 20 77 69 74 68 20 74 68 | 65 20 66 6f 6c 6c 6f 77 | with th|e follow|
|00003c00| 69 6e 67 20 28 6f 76 65 | 72 2d 73 69 6d 70 6c 69 |ing (ove|r-simpli|
|00003c10| 66 69 65 64 29 20 63 6f | 64 65 20 65 78 61 6d 70 |fied) co|de examp|
|00003c20| 6c 65 3a 0a 0a 20 20 20 | 20 20 20 20 20 20 20 58 |le:.. | X|
|00003c30| 4f 52 20 20 20 20 20 41 | 58 2c 20 41 58 0a 20 20 |OR A|X, AX. |
|00003c40| 20 20 20 20 20 20 20 20 | 4d 4f 56 20 20 20 20 20 | |MOV |
|00003c50| 45 53 2c 20 41 58 0a 20 | 20 20 20 20 20 20 20 20 |ES, AX. | |
|00003c60| 20 4d 4f 56 20 20 20 20 | 20 57 4f 52 44 20 50 54 | MOV | WORD PT|
|00003c70| 52 20 45 53 3a 5b 34 2a | 31 2b 30 5d 2c 4f 46 46 |R ES:[4*|1+0],OFF|
|00003c80| 53 45 54 20 54 52 41 43 | 45 52 0a 20 20 20 20 20 |SET TRAC|ER. |
|00003c90| 20 20 20 20 20 4d 4f 56 | 20 20 20 20 20 57 4f 52 | MOV| WOR|
|00003ca0| 44 20 50 54 52 20 45 53 | 3a 5b 34 2a 31 2b 32 5d |D PTR ES|:[4*1+2]|
|00003cb0| 2c 43 53 0a 20 20 20 20 | 20 20 20 20 20 20 4d 4f |,CS. | MO|
|00003cc0| 56 20 20 20 20 20 42 50 | 2c 20 53 50 0a 20 20 20 |V BP|, SP. |
|00003cd0| 20 20 20 20 20 20 20 50 | 55 53 48 46 0a 20 20 20 | P|USHF. |
|00003ce0| 20 20 20 20 20 20 20 58 | 4f 52 20 20 20 20 20 42 | X|OR B|
|00003cf0| 59 54 45 20 50 54 52 20 | 5b 42 50 2d 31 5d 2c 20 |YTE PTR |[BP-1], |
|00003d00| 31 0a 20 20 20 20 20 20 | 20 20 20 20 50 4f 50 46 |1. | POPF|
|00003d10| 0a 20 20 20 20 20 20 20 | 20 20 20 4d 4f 56 20 20 |. | MOV |
|00003d20| 20 20 20 41 58 2c 20 34 | 43 30 30 48 20 20 20 20 | AX, 4|C00H |
|00003d30| 20 20 20 20 20 20 20 20 | 20 20 20 3b 20 54 68 69 | | ; Thi|
|00003d40| 73 20 77 69 6c 6c 20 6e | 6f 74 20 62 65 20 74 72 |s will n|ot be tr|
|00003d50| 61 63 65 64 21 0a 20 20 | 20 20 20 20 20 20 20 20 |aced!. | |
|00003d60| 44 42 20 20 20 20 20 20 | 33 20 44 55 50 20 28 20 |DB |3 DUP ( |
|00003d70| 39 38 48 20 29 0a 20 20 | 20 20 20 20 20 20 20 20 |98H ). | |
|00003d80| 44 42 20 20 20 20 20 20 | 43 35 48 2c 20 32 31 48 |DB |C5H, 21H|
|00003d90| 0a 0a 20 20 20 54 52 41 | 43 45 52 3a 0a 0a 20 20 |.. TRA|CER:.. |
|00003da0| 20 20 20 20 20 20 20 20 | 50 55 53 48 20 20 20 20 | |PUSH |
|00003db0| 42 50 0a 20 20 20 20 20 | 20 20 20 20 20 4d 4f 56 |BP. | MOV|
|00003dc0| 20 20 20 20 20 42 50 2c | 20 53 50 0a 20 20 20 20 | BP,| SP. |
|00003dd0| 20 20 20 20 20 20 4d 4f | 56 20 20 20 20 20 42 50 | MO|V BP|
|00003de0| 2c 20 57 4f 52 44 20 50 | 54 52 20 5b 42 50 2b 32 |, WORD P|TR [BP+2|
|00003df0| 5d 0a 20 20 20 20 20 20 | 20 20 20 20 58 4f 52 20 |]. | XOR |
|00003e00| 20 20 20 20 42 59 54 45 | 20 50 54 52 20 43 53 3a | BYTE| PTR CS:|
|00003e10| 5b 42 50 2d 31 5d 2c 20 | 38 0a 20 20 20 20 20 20 |[BP-1], |8. |
|00003e20| 20 20 20 20 58 4f 52 20 | 20 20 20 20 42 59 54 45 | XOR | BYTE|
|00003e30| 20 50 54 52 20 43 53 3a | 5b 42 50 2b 30 5d 2c 20 | PTR CS:|[BP+0], |
|00003e40| 38 0a 20 20 20 20 20 20 | 20 20 20 20 50 4f 50 20 |8. | POP |
|00003e50| 20 20 20 20 42 50 0a 20 | 20 20 20 20 20 20 20 20 | BP. | |
|00003e60| 20 49 52 45 54 0a 0a 3d | 3d 3d 3d 3d 3d 3d 3d 3d | IRET..=|========|
|00003e70| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|00003e80| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|00003e90| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|00003ea0| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|00003eb0| 3d 3d 3d 3d 3d 3d 0a 0a | 43 6f 6d 6d 65 6e 74 73 |======..|Comments|
|00003ec0| 3a 0a 0a 49 6e 20 6f 72 | 64 65 72 20 74 6f 20 73 |:..In or|der to s|
|00003ed0| 61 76 65 20 6c 69 6e 65 | 73 20 6f 66 20 63 6f 64 |ave line|s of cod|
|00003ee0| 65 2c 20 49 20 64 69 64 | 20 6e 6f 74 20 69 6e 73 |e, I did| not ins|
|00003ef0| 65 72 74 20 74 68 65 20 | 43 4c 49 2f 53 54 49 20 |ert the |CLI/STI |
|00003f00| 70 61 69 72 20 62 65 66 | 6f 72 65 20 61 6e 79 0a |pair bef|ore any.|
|00003f10| 76 65 63 74 6f 72 20 63 | 68 61 6e 67 65 2e 20 48 |vector c|hange. H|
|00003f20| 6f 77 65 76 65 72 2c 20 | 69 74 20 69 73 20 61 64 |owever, |it is ad|
|00003f30| 76 69 73 65 61 62 6c 65 | 20 74 6f 20 64 6f 20 74 |viseable| to do t|
|00003f40| 68 69 73 20 70 61 69 72 | 20 62 65 66 6f 72 65 20 |his pair| before |
|00003f50| 41 4e 59 20 6d 61 6e 75 | 61 6c 0a 76 65 63 74 6f |ANY manu|al.vecto|
|00003f60| 72 20 63 68 61 6e 67 65 | 2c 20 62 65 63 61 75 73 |r change|, becaus|
|00003f70| 65 20 69 66 20 61 6e 79 | 20 69 6e 74 65 72 72 75 |e if any| interru|
|00003f80| 70 74 20 6f 63 63 75 72 | 73 20 69 6e 20 74 68 65 |pt occur|s in the|
|00003f90| 20 6d 69 64 64 6c 65 20 | 6f 66 20 79 6f 75 72 0a | middle |of your.|
|00003fa0| 6f 70 65 72 61 74 69 6f | 6e 73 2c 20 74 68 65 20 |operatio|ns, the |
|00003fb0| 6d 61 63 68 69 6e 65 20 | 63 6f 75 6c 64 20 68 61 |machine |could ha|
|00003fc0| 6e 67 2e 0a 0a 41 6e 20 | 61 70 6f 6c 6f 67 79 3a |ng...An |apology:|
|00003fd0| 0a 0a 49 6e 20 70 72 65 | 76 69 6f 75 73 20 72 65 |..In pre|vious re|
|00003fe0| 6c 65 61 73 65 73 20 6f | 66 20 74 68 69 73 20 61 |leases o|f this a|
|00003ff0| 72 74 69 63 6c 65 2c 20 | 61 20 66 61 6c 73 65 20 |rticle, |a false |
|00004000| 65 78 61 6d 70 6c 65 2c | 20 61 73 20 6e 6f 74 65 |example,| as note|
|00004010| 64 20 62 79 20 53 65 72 | 67 65 0a 50 61 63 68 6b |d by Ser|ge.Pachk|
|00004020| 6f 76 6b 73 79 2c 20 77 | 61 73 20 70 6f 73 74 65 |ovksy, w|as poste|
|00004030| 64 2e 20 54 68 61 74 20 | 77 61 73 20 32 2e 32 2e |d. That |was 2.2.|
|00004040| 32 20 2d 20 4d 61 6e 69 | 70 75 6c 61 74 69 6e 67 |2 - Mani|pulating|
|00004050| 20 74 68 65 20 50 49 51 | 2e 20 41 70 70 65 72 61 | the PIQ|. Appera|
|00004060| 6e 74 6c 79 0a 74 68 65 | 20 70 6f 73 74 65 64 20 |ntly.the| posted |
|00004070| 73 6f 75 72 63 65 20 77 | 6f 75 6c 64 20 6e 6f 74 |source w|ould not|
|00004080| 20 77 6f 72 6b 20 75 6e | 64 65 72 20 61 6e 79 20 | work un|der any |
|00004090| 63 69 72 63 75 6d 73 74 | 61 6e 63 65 73 2e 20 49 |circumst|ances. I|
|000040a0| 6e 20 72 65 74 75 72 6e | 2c 20 53 65 72 67 65 20 |n return|, Serge |
|000040b0| 68 61 73 0a 70 72 65 73 | 65 6e 74 65 64 20 74 68 |has.pres|ented th|
|000040c0| 65 20 27 52 75 6e 6e 69 | 6e 67 20 4c 69 6e 65 27 |e 'Runni|ng Line'|
|000040d0| 20 74 65 63 68 6e 69 71 | 75 65 2e 0a 0a 54 68 61 | techniq|ue...Tha|
|000040e0| 6e 6b 73 20 74 6f 3a 0a | 0a 45 64 65 6e 20 53 68 |nks to:.|.Eden Sh|
|000040f0| 6f 63 68 61 74 2c 20 32 | 3a 34 30 31 2f 31 30 30 |ochat, 2|:401/100|
|00004100| 0a 20 20 61 6e 64 0a 59 | 6f 73 73 69 20 47 6f 74 |. and.Y|ossi Got|
|00004110| 74 6c 69 65 62 2c 20 32 | 3a 34 30 31 2f 31 30 30 |tlieb, 2|:401/100|
|00004120| 2e 33 0a 0a 66 6f 72 20 | 68 65 6c 70 69 6e 67 20 |.3..for |helping |
|00004130| 6d 65 20 61 73 73 65 6d | 62 6c 69 6e 67 20 74 68 |me assem|bling th|
|00004140| 69 73 20 6c 69 73 74 2e | 0a 0a 4f 74 68 65 72 20 |is list.|..Other |
|00004150| 61 63 6b 6e 6f 77 6c 65 | 64 67 65 6d 65 6e 74 73 |acknowle|dgements|
|00004160| 3a 0a 0a 4d 61 74 74 20 | 50 72 69 74 63 68 61 72 |:..Matt |Pritchar|
|00004170| 64 2c 20 38 30 58 58 58 | 20 65 63 68 6f 0a 0a 53 |d, 80XXX| echo..S|
|00004180| 65 72 67 65 20 50 61 63 | 68 6b 6f 76 73 6b 79 2c |erge Pac|hkovsky,|
|00004190| 20 44 69 73 74 72 69 62 | 75 74 65 64 20 4e 6f 64 | Distrib|uted Nod|
|000041a0| 65 20 28 32 3a 35 30 30 | 30 2f 31 39 2e 31 39 29 |e (2:500|0/19.19)|
|000041b0| 0a 0a 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |..======|========|
|000041c0| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|000041d0| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|000041e0| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|000041f0| 3d 3d 3d 3d 3d 3d 3d 3d | 3d 3d 3d 3d 3d 3d 3d 3d |========|========|
|00004200| 3d 0a 0a 41 6e 79 20 63 | 6f 6d 6d 65 6e 74 73 2c |=..Any c|omments,|
|00004210| 20 73 75 67 67 65 73 74 | 69 6f 6e 73 2c 20 69 64 | suggest|ions, id|
|00004220| 65 61 73 20 61 6e 64 20 | 63 6f 72 72 65 63 74 69 |eas and |correcti|
|00004230| 6f 6e 73 20 77 69 6c 6c | 20 62 65 20 67 6c 61 64 |ons will| be glad|
|00004240| 6c 79 20 61 63 63 65 70 | 74 65 64 2e 0a 0a 41 75 |ly accep|ted...Au|
|00004250| 74 68 6f 72 20 63 61 6e | 20 62 65 20 72 65 61 63 |thor can| be reac|
|00004260| 68 65 64 20 69 6e 20 6f | 6e 65 20 6f 66 20 74 68 |hed in o|ne of th|
|00004270| 65 20 66 6f 6c 6c 6f 77 | 69 6e 67 20 77 61 79 73 |e follow|ing ways|
|00004280| 3a 0a 0a 49 6e 62 61 72 | 20 52 61 7a 2c 20 32 3a |:..Inbar| Raz, 2:|
|00004290| 34 30 31 2f 31 30 30 2e | 31 20 20 20 20 20 20 20 |401/100.|1 |
|000042a0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|000042b0| 20 20 20 7b 66 69 64 6f | 6e 65 74 7d 0a 49 6e 62 | {fido|net}.Inb|
|000042c0| 61 72 20 52 61 7a 2c 20 | 32 3a 34 30 33 2f 31 30 |ar Raz, |2:403/10|
|000042d0| 30 2e 34 32 20 20 20 20 | 20 20 20 20 20 20 20 20 |0.42 | |
|000042e0| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 7b 66 69 | | {fi|
|000042f0| 64 6f 6e 65 74 7d 0a 6e | 79 76 69 72 75 73 40 77 |donet}.n|yvirus@w|
|00004300| 65 69 7a 6d 61 6e 6e 2e | 77 65 69 7a 6d 61 6e 6e |eizmann.|weizmann|
|00004310| 2e 61 63 2e 69 6c 20 20 | 20 20 20 20 20 20 20 20 |.ac.il | |
|00004320| 20 20 20 20 20 20 20 7b | 69 6e 74 65 72 6e 65 74 | {|internet|
|00004330| 7d 0a 75 75 6e 65 74 21 | 6d 32 78 65 6e 69 78 21 |}.uunet!|m2xenix!|
|00004340| 70 75 64 64 6c 65 21 32 | 21 34 30 33 21 31 30 30 |puddle!2|!403!100|
|00004350| 2e 34 32 21 49 6e 62 61 | 72 2e 52 61 7a 20 20 20 |.42!Inba|r.Raz |
|00004360| 20 20 7b 55 55 43 50 7d | 0a 49 6e 62 61 72 2e 52 | {UUCP}|.Inbar.R|
|00004370| 61 7a 40 70 31 2e 66 31 | 30 30 2e 6e 34 30 31 2e |az@p1.f1|00.n401.|
|00004380| 7a 32 2e 66 69 64 6f 6e | 65 74 2e 6f 72 67 20 20 |z2.fidon|et.org |
|00004390| 20 20 20 20 20 20 20 20 | 20 7b 69 6e 74 65 72 6e | | {intern|
|000043a0| 65 74 3c 3e 46 49 44 4f | 20 67 61 74 65 7d 0a 49 |et<>FIDO| gate}.I|
|000043b0| 6e 62 61 72 2e 52 61 7a | 40 70 34 32 2e 66 31 30 |nbar.Raz|@p42.f10|
|000043c0| 30 2e 6e 34 30 33 2e 7a | 32 2e 66 69 64 6f 6e 65 |0.n403.z|2.fidone|
|000043d0| 74 2e 6f 72 67 20 20 20 | 20 20 20 20 20 20 20 7b |t.org | {|
|000043e0| 69 6e 74 65 72 6e 65 74 | 3c 3e 46 49 44 4f 20 67 |internet|<>FIDO g|
|000043f0| 61 74 65 7d 0a 0a 20 2a | 20 44 53 45 20 4f 6e 6c |ate}.. *| DSE Onl|
|00004400| 69 6e 65 21 20 2a 20 54 | 68 65 20 48 6f 6d 65 20 |ine! * T|he Home |
|00004410| 6f 66 20 50 42 2f 56 49 | 53 49 4f 4e 20 26 20 50 |of PB/VI|SION & P|
|00004420| 42 2f 57 4f 52 4b 53 48 | 4f 50 20 66 6f 72 20 50 |B/WORKSH|OP for P|
|00004430| 6f 77 65 72 42 41 53 49 | 43 20 33 2e 30 0a 20 20 |owerBASI|C 3.0. |
|00004440| 20 20 20 20 20 20 20 20 | 20 20 20 20 20 20 20 20 | | |
|00004450| 20 20 20 0a 2d 2d 20 0a | 2f 5c 2f 20 20 44 61 6e | .-- .|/\/ Dan|
|00004460| 69 65 6c 20 50 2e 20 53 | 74 61 73 69 6e 73 6b 69 |iel P. S|tasinski|
|00004470| 20 20 20 20 20 20 2f 5c | 2f 20 20 20 20 56 6f 69 | /\|/ Voi|
|00004480| 63 65 3a 20 2b 31 2d 37 | 30 37 2d 34 35 39 2d 34 |ce: +1-7|07-459-4|
|00004490| 33 35 38 20 20 2f 5c 2f | 0a 2f 5c 2f 20 20 44 53 |358 /\/|./\/ DS|
|000044a0| 45 20 53 6f 66 74 77 61 | 72 65 20 50 75 62 6c 69 |E Softwa|re Publi|
|000044b0| 73 68 69 6e 67 20 20 2f | 5c 2f 20 20 46 41 58 2f |shing /|\/ FAX/|
|000044c0| 42 42 53 3a 20 2b 31 2d | 37 30 37 2d 34 35 39 2d |BBS: +1-|707-459-|
|000044d0| 34 34 38 34 20 20 2f 5c | 2f 0a 2f 5c 2f 20 20 50 |4484 /\|/./\/ P|
|000044e0| 6f 73 74 20 4f 66 66 69 | 63 65 20 42 6f 78 20 39 |ost Offi|ce Box 9|
|000044f0| 36 20 20 20 20 20 20 20 | 2f 5c 2f 20 20 20 20 45 |6 |/\/ E|
|00004500| 6d 61 69 6c 3a 20 64 73 | 65 40 70 61 63 69 66 69 |mail: ds|e@pacifi|
|00004510| 63 2e 6e 65 74 20 20 2f | 5c 2f 0a 2f 5c 2f 20 20 |c.net /|\/./\/ |
|00004520| 57 69 6c 6c 69 74 73 2c | 20 43 41 20 39 35 34 39 |Willits,| CA 9549|
|00004530| 30 2d 30 30 39 36 20 20 | 20 2f 5c 2f 20 20 46 69 |0-0096 | /\/ Fi|
|00004540| 64 6f 4e 65 74 3a 20 31 | 3a 31 32 35 2f 31 32 33 |doNet: 1|:125/123|
|00004550| 20 20 20 20 20 20 20 20 | 2f 5c 2f 0a 0a | |/\/.. |
+--------+-------------------------+-------------------------+--------+--------+
