 
Softice breakpoint on a string??
jerrydav
August 30th, 2001, 19:46
Hello!
I'm quite new to reversing and I have some problems trying to crack a DOS program. I disassembled the program and I want Softice to break on a specific line or command seen in the disassembled program. For example, I want to break on: "cmp eax, 00000002". Is there a way to do that?? Or if I want to break when a specific string is written in memory, like 'test', how can I do that??
Jerry
aimless
August 31st, 2001, 00:45
Hullo,
First things first...
a. If you are cracking a DOS proggy, then I'd suggest you crack using Win95/98. During startup, select the F8 key, select DOS only and crack from there.
b. To crack DOS proggys, use Softice for DOS and not the one for win9x.
Now that they are out of the way...
The instruction will have an address in the disassembly. For example:
xxxx:yyyyyyyy cmp eax, 00000002
You need to breakpoint on the address and not the instruction. For example in softice:
bpx xxxx:yyyyyyyy
This will break whenever this address is accessed. If this instruction is in a loop, it will break on EVERY iteration/round of the loop.
For searching strings...
Do a search first. Example:
s 0:0 l ffffffff 'test'
(please note the single quote on the string)
For EVERY instance of test that you find, breakpoint on memory access read/write for that string ADDRESS. Example:
bpmb xxxx:yyyyyyyy rw
where xxxx:yyyyyyyy is EACH of the addresses that you find during the search command above. So, if you find 4 such addresses, you have to apply the bpmb to ALL 4 addresses.
Thereafter, ANY access (Read or Write) to that string will breakpoint. And may I suggest that you keep Ralf's Interrupt List with you at ALL times...
Have Phun.
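The search-then-watch procedure from the reply above, as an added example that is not part of the original thread: it scans a constructed memory image for every occurrence of a string and builds one `bpmb ... rw` line per hit, in the syntax the post uses. The function names, the sample image and the segment value are assumptions; the script also flags when the hits exceed the four debug address registers an x86 CPU provides for memory breakpoints.

```python
"""Added example: locate every copy of a string in a memory image and build
one 'bpmb <seg>:<off> rw' line per hit, using the command syntax from the post."""

MAX_HW_BREAKPOINTS = 4  # x86 exposes four debug address registers (DR0-DR3)


def find_all(image: bytes, needle: bytes) -> list:
    """Return the offset of every match, including overlapping ones."""
    if not needle:
        raise ValueError("search string must not be empty")
    hits = []
    pos = image.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = image.find(needle, pos + 1)  # step by 1 so overlaps are kept
    return hits


def plan_breakpoints(image: bytes, needle: bytes, segment: int, base_offset: int = 0):
    """Return (commands, over_budget) for all hits of `needle` in `image`.

    `segment` and `base_offset` say where the image sits in the debugged
    address space (hypothetical values supplied by the analyst).
    """
    cmds = [f"bpmb {segment:04X}:{base_offset + hit:08X} rw"
            for hit in find_all(image, needle)]
    return cmds, len(cmds) > MAX_HW_BREAKPOINTS


# Constructed sample image: one copy of 'test' at 0x20, then two adjacent
# copies starting at 0x30, separated by filler bytes.
SAMPLE_IMAGE = b"\x00" * 0x20 + b"test" + b"\x90" * 0x0C + b"testtest" + b"\x00" * 8

if __name__ == "__main__":
    commands, over_budget = plan_breakpoints(SAMPLE_IMAGE, b"test", segment=0x1000)
    print("\n".join(commands))
    if over_budget:
        print(f"; more than {MAX_HW_BREAKPOINTS} hits: they cannot all be "
              "watched by hardware breakpoints at the same time")
```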