CRACKER'S NOTE - SoftICE (Boot Menu, Setup, Commands)
02.1 Boot Menu
==========
To run, SoftICE needs a few KB of each program's RAM. So if your machine is "limited" on RAM, or you don't want SoftICE to load automatically every time the machine boots (surely you don't want to go into msconfig to turn it off, then set it back whenever you need it and reboot yet again, which is very annoying) but would rather have it "ask permission" before it dares to "go play with Windows", you need to make a few changes to AUTOEXEC.BAT and CONFIG.SYS. Have a look at these two files from my machine and work out how to adapt them to yours:
AUTOEXEC.BAT:
goto %config%
:SICE
E:\CRACK\SOFTIC~1\WINICE.EXE
goto common
:NORM
goto common
:common
CONFIG.SYS:
[menu]
menuitem SICE,Load Soft-Ice
menuitem NORM,khong load SoftICE
REM 5 is the number of seconds the menu waits for your choice. If you do not
REM answer within 5 seconds, Windows continues booting without loading SoftICE.
REM You can change this timeout.
menudefault NORM,5
[SICE]
[NORM]
[common]
DEVICE=C:\WINDOWS\setver.exe
DOS=HIGH
FILES=40
02.2 Setup
=======
I have already talked about this a lot; anyone who doesn't know it yet can look it up in the tutorial Window Cracking Tutorial (http://www.reaonline.net/forum/showthread.php?t=212)
02.3 Commands
==========
Below is the list of commands in SoftICE. It is best to memorize all of them (even though the list is a bit long), because the more you know about SoftICE, the easier it is to crack software with SoftICE. ;)
Basic commands:
?______________________________Evaluate Expression
A______________________________Assemble code
ADDR__________________________Display/Change address contents
BC_____________________________Clear Breakpoint
BD_____________________________Disable Breakpoint
BE_____________________________Enable Breakpoint
BL_____________________________List current Breakpoints
BPE____________________________Edit Breakpoint
BPT____________________________Use Breakpoint as a template
BPM, BPMB, BPMW, BPMD__________Breakpoint on memory access
BPR____________________________Breakpoint on memory range
BPIO___________________________Breakpoint on I/O port access
BPINT__________________________Breakpoint on Interrupt
BPX____________________________Breakpoint on execution
BPMSG_________________________Breakpoint on windows message
C______________________________Compare two data blocks
CLASS__________________________Display window class information
D, DB, DW, DD, DS, DL, DT_________Display memory
DATA___________________________Change data window
E, EB, EW, ED, EL, ET______________Edit memory
EXIT____________________________EXIT
F_______________________________Fill memory with data
FORMAT_________________________Change format of data window
G_______________________________Go to address
H_______________________________Help on specific function
HBOOT__________________________System boot (total reset)
HERE___________________________Go to current cursor line
HWND___________________________Display window handle information
M_______________________________Move Data
MOD____________________________Display windows module list
P_______________________________Step skipping calls, Int, etc
R_______________________________Display/Change Register contents
S_______________________________Search for data
T_______________________________Single Step one instruction
TASK____________________________Display windows task list
THREAD__________________________Display thread information
U_______________________________Un-assemble instructions
VER_____________________________SoftICE Version
WATCH__________________________Add watch
WHAT___________________________Identify the type of expression
WMSG ___________________________Display windows messages
X________________________________Return to host debugger or program
Advanced commands:
CPU_____________________________Display CPU register information
GDT_____________________________Display global descriptor table
GENINT__________________________Generate an interrupt
HEAP____________________________Display windows global heap
LHEAP___________________________Display windows local heap
IDT_____________________________Display interrupt descriptor table
I, IB, IW, ID______________________Input data from I/O Port
O, OB, OW, OD____________________Output data to I/O Port
LDT_____________________________Display local descriptor table
MAP32___________________________Display 32Bit section map
MAPV86__________________________Display v86 memory map
PAGE____________________________Display page table information
PCI______________________________Display PCI device information
PEEK____________________________Read from physical address
PHYS______________________Display all virtual addresses for physical address
POKE____________________________Write to physical address
PROC____________________________Display process information
QUERY__________________________Display process virtual address space map
TSS_____________________________Display task state segment
STACK___________________________Display call stack
VCALL___________________________Display VxD calls
VM______________________________Display virtual machine information
VXD_____________________________Display windows VxD map
XFRAME__________________________Display active exception frames
Mode Control :
FAULTS__________________________Enable/Disable SoftIce fault trapping
I1HERE__________________________Direct INT1 to SoftICE
I3HERE__________________________Direct INT3 to SoftICE
SET_____________________________Change an internal variable
ZAP_____________________________Zap embedded INT1 or INT3
Customization commands:
ALTKEY_________________________Set key sequence to invoke window
ANSWER______________________Auto-answer and redirect console to modem
CODE___________________________Display instruction bytes in code window
COLOR__________________________Display/Set screen colors
DEX____________________________Display/Assign window data expression
DIAL____________________________Redirect console to modem
FKEY____________________________Display/Set function keys
LINES___________________________Set/Display number of lines on screen
MACRO__________________________Define a named macro command
PAUSE___________________________Control display scroll mode
PRN_____________________________Set printer output port
SERIAL__________________________Redirect console
TABS____________________________Set/Display tab setting
Window Commands :
._______________________________ Locate current instruction
EC______________________________Enable/Disable code window
WC_____________________________Toggle code window
WD_____________________________Toggle data window
WF_____________________________Toggle floating point stack window
WL_____________________________ Toggle locals window
WR_____________________________Toggle register window
WW_____________________________Toggle watch window
Window Control :
ALTSCR__________________________Change to alternate display
CLS_____________________________Clear window
FLASH___________________________Restore screen during P and T
RS______________________________Restore program screen
Symbol / Source Commands:
EXP_____________________________Display export symbols
FILE____________________________Change/Display current source file
LOCALS__________________________Display locals currently in scope
SRC_____________________________Toggle between source, mixed & code
SS______________________________Search source module for string
SYMLOC_________________________Relocate symbol base
TAB_____________________________Select/Remove symbol table
TYPES___________________________List all types, or display type definition
Back Trace Commands :
SHOW___________________________Display from backtrace buffer
TRACE__________________________Enter backtrace simulation mode
XT______________________________Step in trace simulation mode
XP______________________________Program step in trace simulation mode
XG______________________________Go to address in trace simulation mode
XRSET___________________________Reset backtrace history buffer
Special Operators :
._______________________Preceding a decimal number specifies a line number
$______________________Preceding an address specifies SEGMENT addressing
#______________________Preceding an address specifies SELECTOR
@______________________Preceding an address
The_lighthouse(REA)