DEBUG faq

Tool: debug.com... Why? becoz we all have it!!! in DOS :-)

Operating System: Win98,WinXP

Where?: DOS

How-To: Type "debug" at C:\ prompt then Enter..

and finally u will get here.. --> " - "

" - " <-- This is what we called, a Debug Prompt!. Remember, after anything that you typed, dont forget to press Enter... Before we start, it's always a good to see what is the available commands for us to use... Type "?" at the Debug Prompt ---> " -? " and press Enter. Here you will see a lot of stuff u can use to play with...

type "r" at the Debug Prompt " - " --> " -r " and press Enter.. and you will see this! :-)... "r" is used to display the microprocessor contents...

AX=0000 BX=0000 CX=0000 DX=000 SP=C90D BP=000 SI=000 DI=000

DS=35E2 ES=35E2 SS=35E2 CS=35E2 IP=0100 NV UP EI PL NZ NA PO NC

35E2:0100 83C708 ADD, DI,+08

NOTE: SEE THE SHIT UP THERE! AND LOOK BELOW FOR DETAILS!..

here u will SEE all of those AX, BX, CX thingy.. and NV UP EI PL... etc.. and 35E2:0100 <-- (i.e the segment:offset)... you will see a lot right?? yes.. this is the picture.. a beautiful picture!. Before we begin ASM'ing' it's good to REMEMBER/COPY these:

i. Hexadecimal Number System

ii. Internal Processor Registers

iii. PSW (Processor Status Word) or Flags Registers

iv. Address Generation

v. Segment:Offset

vi. Locations of Segments

vii. Opcode / Operands

viii.HELP!

.::Remember and Revise Your Book!::.< -- I put.::Remember and Revise Your Book!::. to indicate where are u know, but remember some shit NEEDS books to fully understand and see what they actually do...

Hexadecimal Number System

i. Decimal

ii. Binary

iii. Hexadecimal

Decimal Binary Hexadecimal

0 0000 0

1 0001 1

2 0010 2

3 0011 3

4 0100 4

5 0101 5

6 0110 6

7 0111 7

8 1000 8

9 1001 9

10 1010 A

11 1011 B

12 1100 C

13 1101 D

14 1110 E

15 1111 F

18 10010 12 etc.. go find in the library books! also dont forget to read about:

a.1s Complement - invert all bits..

b.2's Complement - presented by computer for negative numbers of the corresponding positive number...

c.Binary Addition

d.Binary Subtraction

.::Remember and Revise Your Book!::.

Internal Processor Registers

i. General Purpose Data Registers

.::AH - AL = AX::. - AX as Accumulator, Special Functions in MUL (Multiplication), DIV (Division) and I/O (Input Output) Operation.

.::BH - BL = BX::. - BX as Base Pointer, as Displacement/Offset in register for address computation.

.::CH - CL = CX::. - CX as Counter Register in the Loop Instruction.

.:H - DL = DX::. - DX Data Register in Division Instruction and holds the I/O operations.

ii. Segment Registers

.::Code Segment = CS::. - storing program instruction.

.::Data Segment = DS::. - storage for data and source strings.

.::Stack Segment = SS::. - used for stack operations.

.::Extra Segment = ES::. - is for destinations strings.

Segment Registers | Offset Source | Operation

CS IP Instruction Fetch

DS BX,SI,DI Data; String Source

SS SP Stack

ES DI String Destination

iii. Index and Pointer Registers

.::Source Index = SI::. - Used to point to strings of data in the memory.

.::Destination = DI::. - Used to point to strings of data in the memory.

.::Stack Pointer = SP::. - Hold address of the top of the stack segment.

.::Base Pointer = BP::. - holds offset of a data word.

.::Instruction Pointer = IP::. - holds the address of the next instruction to be executed.

.::Remember and Revise Your Book!::.

PSW (Processor Status Word) or Flags Register is used to indicate the status of the microprocessor. Consist of:

i. Status Flags - for set or reset depending on the result of math or logical operations.

ii. Control Flags - for set or reset to control processing.

.::Status Flags::.

CF= Carry Flags.. set when - a carry or borrow from MSB

PF= Parity Flags.. set if - number of ones in the low order of 8 bits of results is even.

AF= Auxiliary Flags.. set when - carry condition occurs in bit 3 (in BCD Computations)

ZF= Zero Flags.. set if - result of an operation is the number zero

SF= Sign Flags.. set if - the result of an operation is a negative number

OF= Overflow Flag.. set if - an overflow occurs

.::Control Flags::.

TF=Trap Flag.. if set - the CPU is placed in the single step mode

IF=Interrupt Flag.. if set - a maskable interrupt will be recognized otherwise it is ignored

DF=Direction Flag.. if set - a string is processed from the hing address towards the low address

Set vs Clear

OV=Overflow NV=No OverFlow

DN=Decrement UP-Increment

EI=Enabled DI-Disabled

NG=Negative PL=Plus

ZR=Zero NZ=Non-Zero

AC= Aux.Carry NA=No Aux

PE-Parity Even PO=Parity Odd

CY=Carry NC=No Carry

.::Remember and Revise Your Book!::.

Address Generation

Example:

By assuming the data segment base address is ABC1H and the logical offset address is 0123J. The physical address of memory is:

ABC1H Base Address (DS)

ABC10H Shifted left base address

+ 0123H Offset

ABD33H <-- Physical Memory Location

.::Remember and Revise Your Book!::.

Segment:Offset (Logical Address)

76540H

+ AB11H

----

81051H

.::Sample::.

Locations of Segments

1230:0045H = 1234:0005H = 12345H <-- this is not unique address, becareful! :-)

.::Remember and Revise Your Book!::.

Opcode / Operands

opcode- specificies the command to execute

operands- acted on by the instructions. (ie. Registers,Integer==> AX,5 or AX,2 etc... the INTERNAL MICROPROCESSOR REGISTERS!)

Arithmetic OPCODES are:

INC- Increment

DEC- Decrement

NEG - Negate

MOV - Move/Copy/Exchange

ADD - Addition

SUB - Subtraction

ADC - Add with Carry

SBB - Subtract with Borrow

MUL - Unsigned Multiplication

IMUL - Signed Multiplication

DIV - Unsigned Divide

IDIV - Signed Divide

Logical Operations Opcodes

NOT - treated as inverter

OR - treated as (+) addition

XOR - Result is same when 0

AND - treat as Mul

TEST - same like AND

.::Remember and Revise Your Book!::.

Here's how to get quick help on using debug:

PROMPT> DEBUG /?

PROMPT> DEBUG (Note, the debug prompt is a dash "-")

-? (This reports the following help entries

alphabetically)

(Note: Don't type the dash or comments -- just the ?)

assemble A [address]

compare C range address

dump D [range]

enter E address fill F range list

go G [=address] [addresses]

hex H value1 value2

input I port

load L [address] [drive] [firstsector] [number]

move M range address

name N [pathname] [arglist]

output O port byte

proceed P [=address] [number]

quit Q

register R [register]

search S range list

trace T [=address] [value]

unassemble U [range]

write W [address] [drive] [firstsector] [number]

allocate expanded memory XA [#pages]

deallocate expanded memory XD [handle]

map expanded memory pages XM [Lpage] [Ppage] [handle]

display expanded memory status XS

-q (This quits out of debug, returning to the DOS prompt)

Tested examples below walk the user thru the following debug examples:

-D Display the contents of an area of memory

-Q Quit the debug program

-S Search for whatever

-H Hex arithmatic

-R Display or change the contents of one or more registers

-E Enter data into memory, beginning at a specific location

-G Go run the executable program in memory

-U Unassemble machine code into symbolic code

-T Trace the contents of one instruction

-P Proceed, or execute a set of related instructions

-A Assemble symbolic instructions into machine code

-N Name a program

-W Write the named program onto disk

-L Load the named program back into memory

so.... after reading this what will u learn??

at the Debug Prompt type this...

- a100 <--this! " a " means assemble and 100 is the starting address of your program!.>

xxxx:xxxx <--this is segment offset

xxxx:xxxx mov ax,5

xxxx:xxxx mov bx,2

xxxx:xxxx mul bx

so tell me what do u get? u can trace them using "t=100" (means trace at 100 <-which is your starting prog)..

yep.. that's all for today.. i will try to define more soon and makes it fun when im free!. Happy ASMing! I hope SOME PEOPLE CAN HELP with this one . I think this is important step to learn ASM and to learn more logics!.. and finally progressing in CRACKING!

QUOTE

Why Debug???

Ok, here's Why..

USE DEBUG TO...

0)  Obtain help on using debug:

1)  Get right to work, for example, display the BIOS date stored in RAM:

2)  Search for strings in binary files currently loaded into memory:

3)  Perform hexadecimal (base 16) arithmatic:

4)  For background, take a very quick look at the x86 internal registers:

5)  Enter your first machine-language program - print a character:

6)  Assemble that same program in memory, using the x86 assembly language:

7)  After assembling a program, also write it to disk for later re-use:

8)  Load that existing program into new Debug session:

9)  Calculate the program's length using hex-arithmatic:

10) Store & output a string as hex data in RAM:

11) Store & output a string as string data using loops:

12) For practice, patch two programs together:

13) Trace through the execution flow of your newly patched program:

14) Patch into a slightly more complicated original program:

15) Take a quick look at the layout of a 3 1/2" DSHD 1.44Mbyte diskette:

16) Analyse, in detail, every bit of the boot sector of a disk using debug:

xx) Analyse, in detail, the FAT sector of a disk using debug:

xx) Analyse, in detail, the "Directory" sectors of a MSDOS disk:

xx) Analyse, in detail, the "Data" storage areas of a MSDOS disk:

Other Good Tools also like SYMDEB :-) you can find HERE -->CLICK THIS! .. You Probably thinkin... why Debug? Why Symdeb??? becoz it's small, fast, and efficient for newbies.. less complicate to understand (at least) provided you know what you are doing.. Enjoyz! Dont worry!.. i use this so called craps too, you know.. and i am a newbies as well.. this tools (debugger) is good for learning ASM.. cracking?? ooo not yet.. i dont crack yet! ... just a say, how you can learn ASM lang :-) Enjoyz!

Tools:- SymDeb MicroPot Symbolic DebuggeRz

Where to Get?:- HERE!!! CLICK IT 25KB <-- SO SMALL??? OH MY GOD!

((http://www.woodmann.com/fravia/zipped/symdeb.zip))

what to do? today we write simple program! in asm.. nothing hard. Just follow heheh..

1st Step.. Fire Up our little Debugger .. Enjoyz.

2nd Step..

at the "-" SymDeb Prompt.. type "?" (something like this, " - ? ") to see all the available commands ... you will see all the fun commands you can use .. nothing hard here ..

3rd Step..

So what to Write? Calculate.. this "AX = A - ( 4 X 2 ) + 3 Div 2".. Oh my God?!, what is this.. Some kind of a joke?.. noo.. not a joke! it's how to write in ASM.. especially for people that's NEW to ASM language..not for the old veterans programmer!.. for them this is lame.

Start to write... at " - " type "a100" <-- the 100 means the starting point of this code .. Cool!.. and " a " means Assemble.. Ok..

-a100 (after that Press Enter)

You will see this!.. as like Debug.com :-O..

"1234(called segment!): 0110 (called offset!) <-- Sample!" dont type this.. this already there.. hehe

Begin typing this in our beautiful Symdeb...

((( Program: Arithmetic Calculations of "AX = A - ( 4 X 2 ) + 3 Div 2".. )))

1234:0110 mov al,4

xxxx:xxxx mov bl,2

xxxx:xxxx mul bl <----- AX is now valued at 0008

xxxx:xxxx mov cx,ax <------ MOVe the content of AX to CX's Registers.

xxxx:xxxx mov ax,0

xxxx:xxxx mov al,3

xxxx:xxxx mov bl,2

xxxx:xxxx div bl <-------- AX is now valued at = 010..

xxxx:xxxx mov dx,ax

xxxx:xxxx mov ax,09

xxxx:xxxx ax,cx

1234:001A ax,dx ((PRESS ENTER twice!))

xxxx:xxxx

- n c:\sample.com <--- (Save to where?)

-rbx00 ((THIS IS FIXED, just type the next time you finish programming!)

-rcx1a (( minus off 1234:0110 and 1234:001A --> 0110-001A=1a.. Cool!))

-w100 ((This will write the starting of 100... saved to Disk :-) Enjoyz)

done! your very first program heheh.. in ASM! via Symdeb.

Last Step.. Run.. " t=100 " ( " t " is for trace.. meaning that you wanna see the changes occurs in AX Registers (Inside the CPU/Microprocessor Registers)... after entering " t=100 '... then type in again " t " then Enter.. and " t " again! to see the end result.. ONCE or TWICE to see the Result of AX Registers! Done!.. Phew.. that's wasnt hard aint it!..

Wanna Some More?? here's even cooler hehe.. This time we use INT(INTerrupts) oh my god!.. why "INTerrupt"? ... because i said so.. hehe..

Type *exactly* like what is shown here.. at the " - " prompt and after each line press enter!.. Have Fun!

e200 "ASSembly Language is FUN! I LOVE IT...",0ah,0dh,'$'

e300 " I LOVE THIS SHIT!.. WooHooo.. $"

a100

mov ah,9

mov dx,200

int 21h

mov dx,300

int 21h

int 3h

rip100

g101C<-- go.. "101C" <-- sample.. take the OFFSET of int 3h..!

ENTER

ENTER

Done!.. hehe..

to save??

- n c:\sample.com <--- (Save to where?)

- rbx00 ((THIS IS FIXED, just type the next time you finish programming!)

- rcx1a (( minus off xxxx:start and xxxx:after ending line --> 0110

001A=1a.. Cool!...))

- w100 ((This will write the starting of 100... saved to Disk :-) Enjoyz).. Done!

Wanna more sample of writing asm? hehe.. i dont think so.. today im fuckin tired... and i have works to be done..! So.. that's it.. maybe next time.. phew!

QUOTE

DIGITAL CLOCK PRESENTATIONS!

Maybe after all this i will teach or present my ideas on how to make a digital clock .. yes! DIGITAL CLOCK.. and you can update it via your pc.. hehe.. i will make this project soon.. and happy to share with you all..

for this.. we will learn how to control I/O and shit like that.. hehe maybe who knows we can make our own MP3 player next time? yes.. our very own digital clock.. wow... self-made.. nothing is impossible.! SO WAIT.. SOONNNNNNNN.. hehe im so happy for all the support i get!...

what i meant was A REAL HARDWARE (PARALLEL PORT-BASED) CLOCK connected at the back of the PC.. which cost less than Ferrari.. oh my GOD!!!!!!! ... this is huge.. im still newbie too at IO programming ... but i believe we can SELF-ASSEMBLE! ... so why not try?? we have experts can help us at ASM programming.. especially in the field of parallel IO port programming p/s: about the mp3 hardware playaz that's was a joke.. but there's nothing impossible coz some guys already done that  :blink:

Some Codes for you to try with Symdeb!

1) AX=A-(4x2)+3/2

syntax:

-a100

mov al,4

mov bl,2

mul bl

mov cx,ax

mov ax,0

mov al,3

mov bl,2

div bl

mov dx,ax

mov ax,09

sub ax,cx

add ax,dx

n C:\masm\cs.com

rbx00

rxc1a

-w100

2)AX= 9 OR 2 3)AX= 9 XOR 2 4)AX= 9 AND 2

syntax: syntax: syntax:

mov ax,0 mov ax,0 mov ax,0

mov al,9 mov al,9 mov al,9

mov bl,2 mov bl,2 mov bl,2

or al,bl xor al,bl and al,bl

answer: 000B answer: 000B answer: 0000

5) SHL (Shift Left) 8098 2 times 6) ROR (Rotate) F1F0 2 times

syntax: syntax:

mov ax,8098 mov ax, fifo

shl ax,1 ror ax,1

shl ax,1 ror ax,1

ALL RESULT OF KEYBOARD PRESS in ASM (SYMDEB)

7)Key Press/Capture 8) mov ah,1

(or press any key to continue) int 21h

syntax: int 3h

mov ah,1 rip100

int 21h g0105 <-this is last offset

int 20h

rip100

g0106<-last offset

9) 10)Asking user 2 times 11) mov ah,2

mov al,1 syntax: syntax:

int 21h mov ah,1 mov ah,2

mov cl,al int 21h mov dl,41h

int 3h int 21h int 21h

int 21h int 3h

12) Arranging Char on Screen 13) -e200 "Assembly Language$"

syntax: -e300 "is fun!$"

mov ah,2 -a100

mov dl,41h (A) mov ah,9

int 21h mov dx,200

mov dl,0dh int 21h

int 21h mov ah,2

mov dl,0ah mov dl,0dh

int 21h int 21h

mov dl, 42h ( mov dl,0ah

int 21h int 21h

mov dl,0dh mov ah,9

int 2h mov dx,300

mov dl,0ah int 21h

int 2h int 20h

int 3

14) Short version of no.13

-e200 "Assembly Language", 0ah,0dh,'$'

-e300 "is Fun!$"

-a100

mov ah,9

mov dx,200

int 21h

mov dx,300

int 21h

int 20h

15)show number/char when press 16)Menu Display

-e200 "Please Enter a Character$" -e400"Do you agree (Y/N):$"

-e300 0ah,0dh, "the Character is $" -e500 0ah,0dh, "Yes(Y).Welcome$"

-a100 -e600 0ah,0dh. "No(N).Thanks$"

mov ah,9 -a100

mov dx,200 mov ah,9

int 21h mov dx,400

mov ah,1 int 21h

int 21h mov ah,1

mov cl,al int 21h

mov ah,9 mov cl,al

mov dx,300 cmp cl,59h

int 21h cmp cl,79h

mov ah,2 je 11D

mov dl,cl mov ah,9

int 21h mov dx,600

int 20h int 21h

int 20h

mov ah,9

mov dx,500

int 21h

int 20h

Loop Label "Showing Z-A reversed. (1 TIMES)"

"To show AAAAAAAAAAAAA" 26 times" Syntax:

Syntax -a100

-a100 mov cx,1a

mov cx,1a mov ah,2

mov ah,2 mov dl,5ah

mov dl,41h int 21h

int 21h dec dl

loop (offset of int 21h) loop (offset of int 21h)

int 20h

"Showing A-Z (2 Lines)" "To show @@@@"

Syntax: Syntax:

-a100 -a100

mov cx,1ah mov cx,5

mov ah,2 push cx

mov dl,41h mov cx,5

int 21h mov ah,2

inc dl mov dl,40h

loop 0107 int 21h

mov dl,0ah loop 010B

int 21h mov dl,0ah

mov dl,0dh int 21h

int 21h mov dl,0dh

mov cx,1ah int 21h

mov ah,2 pop cx

mov dl,41h loop 0103

int 21h int 3h

inc dl

loop 011C

int 20h

"To show 0-9/P-A(reversed)." To show D and C at 2 different lines.

Syntax: syntax:

mov cx,1ah mov ah,2

mov ah,2 mov dl,44h

mov dl,5ah int 21h

int 21h mov dl,0ah

dec dl int 21h

loop 0107 mov dl,0dh

mov dl,0ah int 21h

int 21h mov dl,43h

mov dl,0dh int 21h

int 21h int 20h

mov cx,0ah

mov ah,2

mov dl,30h

int 21h

inc dl

loop 011C

int 20h

"To show @@@@ using LOOP" "To Show AAAA... and A to Z"

mov cx,6 mov cx,1a

mov ah,2 mov ah,2

mov dl,40h mov dl,41h

int 21h int 21h

loop 0107 loop 0107

mov dl,0ah mov dl,0ah

int 21h int 21h

mov dl,0dh mov dl,0dh

int 21h int 21h

int 20h mov cx,1a

mov ah,2

to Show A-Z 8 times mov dl,41h

syntax: int 21h

mov cx,8 inc dl

push cx loop 011A

mov cx,1a int 20h

mov ah,2 -rip100

mov dl,41h -g0122

int 21h

inc dl to PUSH 9098 into AX then POP in BX

loop 010B syntax:

mov dl,0ah mov ax,9098

int 21h push ax

mov dl,0dh pop bx

int 21h --------- also the same----------

pop cx mov ax, 9098

loop 0103 mov cx,ax

int 20h mov bx,cx