I saw 2 ways to solve this problem on the Internet:

1. Use the debug32 tool under DOS to track the operation of in a single step. When the mov cr0, eax statement is tracked, FreeDOS will make an error and cannot continue to track.

2. Use Bochs' magic_break. The method is as follows:

Add the line magic_break: enabled=1 to the configuration file of Bochs, and then add an xchg bx, bx instruction to the program. When this instruction is run, it will break into the Bochs debugger (in Bochsrc_sample.txt).

The heroes who left messages on the Internet succeeded in using this method, but unfortunately I did not succeed. I replied to a post on the Internet, talked about my own operation process, and waited for the reply. Today, I finally succeeded in the experiment of this method. The reason for the previous failure was that the newly compiled file was not copied to the pm.img file. Here is a complete list of the entire steps:

1) Add "magic_break: enabled=1" at the end of the file.
2) Add the statement xchg bx, bx to the pmtest.asm file. I selected two places without success.
3) Use nasm to compile the new asm file and copy it to pm.img
And press Enter
6) Enter disk b in FreeDOS and run
7) In the debugging window of Bochs, it will stop at xchg bx, bx.

So we can use the previous method again to step through the program.

3. Use the vb command of Bochs and Edit options to achieve

The vb command needs the seg:ofs format to set breakpoints, so how do you know the seg and ofs values? Refer to, the above illustration is very clear. I saw a method on the Internet: add the statement jmp $ before the position where you want to place the breakpoint. When pmtest runs under DOS, return to the Bochs debugging window and press Ctrl+C, and Bochs will stop at the position of jmp $ and display seg:ofs. We can use this value and vb to set a breakpoint.

After struggling for a week, I passed this level. I hope that the author will add this part of the content in the reprint so that everyone can concentrate on learning the operating system.

Dig a hole in the memory somewhere, waiting for our program to jump in. Add a piece of code at the beginning of the program to access a certain memory address, and place a memory access breakpoint at that address in Bochsdbg.

Grab it when it jumps in.

For detailed process, please click here:

Add a jmp $ statement at the beginning of the program to make our program loop infinitely, execute this program in Bochs, then press Ctrl+C in Bochsdbg, and then modify the value of the EIP register (set $eip=XXX) to point to our program entry.
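
The failure described in the post (the newly compiled file never reached pm.img) can be caught before booting Bochs. The following Python pre-flight check is an added example, not code from the original post; the function names are hypothetical, the sample bytes are constructed, and it assumes the program is stored contiguously inside the image.

```python
"""Added example: pre-flight check before booting pm.img in Bochs."""
import sys

MAGIC_16 = b"\x87\xdb"        # xchg bx, bx assembled under BITS 16
MAGIC_32 = b"\x66\x87\xdb"    # same instruction under BITS 32 (operand-size prefix)


def find_magic_breaks(program: bytes) -> list[int]:
    """Offsets of bytes that encode xchg bx, bx (heuristic: data bytes can match too)."""
    hits = []
    pos = program.find(MAGIC_16)
    while pos != -1:
        # Report the prefix byte as the start when the 32-bit form is present.
        start = pos - 1 if pos > 0 and program[pos - 1:pos + 2] == MAGIC_32 else pos
        hits.append(start)
        pos = program.find(MAGIC_16, pos + 1)
    return hits


def image_has_build(image: bytes, program: bytes) -> bool:
    """True if the image holds this exact build (assumes contiguous storage)."""
    return len(program) > 0 and program in image


def preflight(image: bytes, program: bytes) -> list[str]:
    """Return a list of problems; an empty list means the image is ready to boot."""
    problems = []
    if not find_magic_breaks(program):
        problems.append("no xchg bx, bx found in the compiled program")
    if not image_has_build(image, program):
        problems.append("image does not contain this build: copy it to the image again")
    return problems


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # Usage: script.py <disk image> <compiled program>
        with open(sys.argv[1], "rb") as img, open(sys.argv[2], "rb") as prog:
            issues = preflight(img.read(), prog.read())
    else:
        # Constructed sample: the image still holds the old build without the breakpoint.
        old = b"\xb8\x00\x4c\xcd\x21"
        new = MAGIC_16 + old
        issues = preflight(b"\x00" * 512 + old + b"\x00" * 512, new)
    print("\n".join(issues) or "ok")
```
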