After going over countless of tutorials on reverse engineering I finally figured out how to use softice. The problem with most tutorials is that they assume that you have some kind of knowledge on the subject matter and while some people might have knowledge in assembly language it doesn't mean that they automatically have knowledge on softice. I know a little bit of assembly but I am new to this reverse engineering thing so I would like to share my troubles with anyone who is willing to listen so that if you don't know much about reverse engineering you can learn from my mistakes and try not to make them.

The most important thing I have learned is the use of breakpoints from a tutorial I found in http://azrael.mine.nu/underground/softicetuts/bps.htm but still I am not very comfortable with the softice dos screen. Is there a way to print out or make a text file of the info uncovered by the breakpoints? I am using sofice 4.05 under windoze 98 and I would prefer if I could use the softice log file as a reference for searching for the breakpoints in a hex editor like Hex Workshop in which I can print out or do some cutting and pasting. Can this be done? Is the softice log file good for anything or is it there just for amusement? This is the information I get on my softice log file:

WINICE: Load32 Obj=0002 Add=016F:BFF5D000 Len=00001000 Mod=USER32

I guess my question really is if the Add= is the location of the operation being executed in the Mod= file in this case user32.dll?


Thanks for listening,


Lou Cypher

Hola,

If I got you right, you want to search the breakpoints in an HexEditor? *g*

That's pretty hardcore... as only pro's can see that E8 D4 20 00 00 is a call to the CreateValidSerialInMemory-API *hehehe*

/me gets serious again

----

I really would start reading the SoftIce manual first, then I would get me a disassembler (www.datarescue.com (freeware) or get Wdasm32) and you will see that there's no need for printing out the SoftIce-Dos-Screen as you would have the code clear & lisible in front of your eyes.... and there are the breakpoints all listed in a row!

Then I would start reading & understanding countless tuts and not just going over them That helps a lot too!

JimmyClif
"There's really no magik behind :

3BF7
7642
CC

CC? What the f**k?"

Como estás:

Thanks for answering my question. Sorry I took so long in replying back. I have tried for about a week now to reverse engineer anything but I haven't had much success mainly because the tutorials I get use sample files that are not available any more that is why I can only go over them I can't really study them. To add insult to injury the SoftICE manual and the command reference are written in Chinese, well at least that is what it looks to me because I can't understand half of what they are saying. I couldn't find a place either in the manual or in the command reference with a complete keyboard mapping of all he short cuts available in SoftICE. I had to make the keyboard mapping after going over what must have been at least a hundred of commands in the command reference. I really hate adobe acrobat documents because it is very difficult to scroll through them and you can't cut or paste. My printer just died so I hate Acrobat even more. I had to go through every single command in the command reference to find out which ones where mapped in the keyboard. I give anything for a good book or manual. Unfortunately this is a forbidden subject and good books and manuals are hard to come by. Anyway was really glad that you could straighten me out. I will keep trying more and I will try to post my discoveries so I can help people out.

Thanks,

Lou Cypher

Check your mail

ERROR: The address "vpanepinto@hotmail.com" does not exist. This mail has not been sent.

what's that?

Sorry about my hotmail email, the account was closed for 2 months but a reactivated it. It apparently didn't work because I get the same message I got a week ago. I will try again to get it reactivated but in the mean time here is my local email vinny@coqui.net. Thanks for your time and patience.

Lou Cypher

Hi,
you don't understand the language in the manual doesn't mean its written in chinese.
pls don't insult us.remember that!!!

Yeah... we better take care...

After all: They do have atomic bombs...

JimmyClif

It takes quite a bit of intelligence to read and write Chinese too. 8) Not that easy. 8)
Maybe you should grab a copy of the manual written in english or your native language?

Regards.
EB

Umm, not true at all.
Hi, just for the record, acrobat reader DOES
have the ability to copy text, just use
the text select tool
I think you're trying to overdo it from the
start. Don't try mapping shortcuts to each
and every command in SI, that's pointless,
since more than half of them aren't used
regularly (that is, only on specific cases).
The SI manual is divided into chapters, and
you can browse easily through them using
the bookmark pane. In the windows menu there's an option to enable bookmark view,
which makes it a lot easier to navigate.
Finally, give it time. With some training,
you'll get a good grip of the commands you
need to use regularly, so you needn't be
worried about it right now.

LS