PDA

View Full Version : I get a red scren when softice jumps


edge
January 7th, 2001, 19:47
I'm trying to reverse a msdos based program and i'm trying to debug it with softice for dos.

I set a breackpoint, i start this program but when it arrives to this point the screen becomes completelly red and i can't see anything, the debuger works, but i see nothing. Is there any tool to make an snapshot of the state or output it to a file(or to the printer) so that i can see what's going on?

MO K`
January 8th, 2001, 03:36
It is your video card that is not supported, or setup correctly.

But most likely is that SICE breaks in during high flicker and animation -are you cracking a dos game?- and when it takes control, it doesn't update the video memory, so you see the mish mash you see :P

Why don't you try winice? when the screen goes blank, you kill the dos box, and save the trace log to a file, you note where the break point occured and do it over, or take it to a disassembler and sniff right where is hurts

I don't recommend using symdeb/debug in DOS, you will accidently trace an interrupt handler and hang the machine. If you are careful, try symdeb with p-rets, and not (t)races. Good luck!!

Igitt
January 9th, 2001, 03:14
In my experience it is WAY better to reverse dos programs inside a REAL dos box (i.e. a 80386 or lower) with sice 2.6 (not 2.8) for dos.

You can most of the time find a good 80836 for free nowadays. Such a box is also very good for virus studies and reversing.

Amazing also how many good old and free dos games you can play there

Igittigitt

aimless
January 9th, 2001, 05:00
Quote:
edge (01-07-2001 08:47):
I'm trying to reverse a msdos based program and i'm trying to debug it with softice for dos.

I set a breackpoint, i start this program but when it arrives to this point the screen becomes completelly red and i can't see anything, the debuger works, but i see nothing. Is there any tool to make an snapshot of the state or output it to a file(or to the printer) so that i can see what's going on?


Make sure that you set the force palatte option in .dat to ON. Check the manual for further instructions.