SoftIce  
       ,      , shareware  trial    ,    ?  ,  .    !    .  SoftICE  NuMega Software.  ,       ,    ,  ,       .             .      . 
SoftICE        (.. ,               ).   ,       :   Windows    ++.     32- ,   Win NT  Win 95/98     Win  Dos (       ;).          :))     - Trial-?   ,  32- WIN .   ?  -  :   ,    Key-,   -.

   ,         SI,         ,   SI   ,    ,      ( ,   , -  !).      ,      .      www.dore.ru,     www.dore.ru/files/debuggers,     ,    SI  WIN 95/98   WIN NT, ,      SI  ,    ,       .     SOFTICE  Win ME, Win 2000  Win XP,       : www.numega.com/drivercentral/icecentral.asp.    ,   . ,       SoftICE,    ,  ,     .



    ,         winice.dat (    ,    SI),       :

; ***** Examples of export symbols that can be included for Windows 95 *****

;Change the path to the appropriate drive and directory

EXP=c:\windows\system\kernel32.dll - ;

EXP=c:\windows\system\user32.dll -  ;

EXP=c:\windows\system\gdi32.dll - ;

   ,    Win API  ( ,      Win).         ,    .

    SoftICE    ?

 SoftIce    : , ,   .         ,        SI.       ,     ,     .

  (  )

BPX /  -           (    ).

BPM  -      .

BL -       (   ).

BD    -       .

BE    - ,  .

BC    -   .

,       . ,   SI        (,          ).    ,     ,    ,   -   ,  SI -  ,   .

    - ,       ,  ,      SI (  ,      :),    -.       ,     ,         ,  ,    ( : "!    . ,        !").

.    

,    ,     .    ,  Win API . (  ,    WIN. ,        ,     -   ,    ,    .)      ,         SI.      :

1. ,       .   API .

2.       (bpx  ).

3.        .

4.  F11,       (  ),   .

5.          .

6.     .

7.  ,     ( ,  )    ,       (   -  : cmp  jump).

8.  HIEW  - ,    (cmp     nop,  -     -   jmp    ).  -    ,          SI.

   Win API  :

MessageBoxIndirect -    .   16- .

MessageBox -    .   16- .

MessageBoxA -   ,  32- .

MessageBoxIndirectA -   ,   MessageBoxIndirect,  32- .

GetWindowText -     Windows Edit.   16- .

GetWindowTextA -   ,  32- .   .

GetDlgItemText -   ,    ,   .   16- .

GetDlgItemTextA -   ,  32- .   .

 ,  GetWindowTextA  MessageBoxA       .            (      ,   ,        "16"  "32 ",     ).



     .  :  . ,   ,         ,      -,       .  -  TaskLock.    GetWindowTextA ( ":bpx getwindowtexta").   ,      ":bl".    - : "00) BPX USER32!GetWindowTextA C=01".   F5. .   -       OK.      ,    . ,     GetWindowTextA.  GetDlgItemTextA.    ":bc 0" (0 -      )    ":bpx getdlgitemtexta".   .    SoftICE,     GetDlgItemTextA.   ,    ,  F11.     SGLSET.EXE.          ":bd 0".

      : "CALL [USER32!GetDlgItemTextA]"

    ,  Ctrl+Up (" ")   ,      .       ,   ,   .

RET ;  

PUSH EBP ;   

MOV EBP, ESP ; ...

SUB ESP, 0000009C ; ...

PUSH ESI ; ...

> LEA EAX, [EBP-34] ; EAX = EBP-34

PUSH EDI ; ...

MOVE ESI, ECX ; ...

PUSH 32 ; .  

> PUSH EAX ;   

PUSH 000003F4 ;  

PUSH DWORD PTR [ESI+1C] ;   

CALL [USER32!GetDlgItemTextA] ;  

 PUSH      .      '>'.    ,  ,        EAX   EAX  EBP-34h.     EBP-34h ":d ebp-34".    ,     .     ,        .        F10   ,    -  EBP-34.     ,      :

> LEA EAX, [EBP+FFFFFF64] ; EAX = EBP-9C

LEA ECX, [EBP-34] ; ECX = EBP-34

PUSH EAX ;  EAX

PUSH ECX ;  ECX

> CALL 00403DD0 ;  

ADD ESP, 08 ;   

TEST EAX, EAX ;   

JNZ 00402BC0 ; ,   ""

 ,         .    :   -  ,   - 0,   ,    ,   .     -   ,      ?  ,    .       [EBP+FFFFFF64]. SoftICE       ,      : 100000000 - FFFFFF64 = 9C.

       SoftICE: "? 0-FFFFFF64".  100000000    SoftICE,    0     .    ,      EBP-9C ( ":d ebp-9c").    SoftICE      -   !       , ,     .   ,        ,      F10.      :

> LEA EAX, [EBP-68] ; EAX = EBP-68

LEA ECX, [EBP-34] ; ECX = EBP-34

PUSH EAX ;  EAX

PUSH ECX ;  ECX

> CALL 00403DD0 ;   

ADD ESP, 08 ;   

TEST EAX, EAX ;   

JNZ 00402BFF ; ,   ""

      EBP-68?   !   ...SoftIce  


       ,      , shareware  trial    ,    ?  ,  .    !    .  SoftICE  NuMega Software.  ,       ,    ,  ,       .             .      . 
SoftICE        (.. ,               ).   ,       :   Windows    ++.     32- ,   Win NT  Win 95/98     Win  Dos (       ;).          :))     - Trial-?   ,  32- WIN .   ?  -  :   ,    Key-,   -.

   ,         SI,         ,   SI   ,    ,      ( ,   , -  !).      ,      .      www.dore.ru,     www.dore.ru/files/debuggers,     ,    SI  WIN 95/98   WIN NT, ,      SI  ,    ,       .     SOFTICE  Win ME, Win 2000  Win XP,       : www.numega.com/drivercentral/icecentral.asp.    ,   . ,       SoftICE,    ,  ,     .



    ,         winice.dat (    ,    SI),       :

; ***** Examples of export symbols that can be included for Windows 95 *****

;Change the path to the appropriate drive and directory

EXP=c:\windows\system\kernel32.dll - ;

EXP=c:\windows\system\user32.dll -  ;

EXP=c:\windows\system\gdi32.dll - ;

   ,    Win API  ( ,      Win).         ,    .

    SoftICE    ?

 SoftIce    : , ,   .         ,        SI.       ,     ,     .

  (  )

BPX /  -           (    ).

BPM  -      .

BL -       (   ).

BD    -       .

BE    - ,  .

BC    -   .

,       . ,   SI        (,          ).    ,     ,    ,   -   ,  SI -  ,   .

    - ,       ,  ,      SI (  ,      :),    -.       ,     ,         ,  ,    ( : "!    . ,        !").

.    

,    ,     .    ,  Win API . (  ,    WIN. ,        ,     -   ,    ,    .)      ,         SI.      :

1. ,       .   API .

2.       (bpx  ).

3.        .

4.  F11,       (  ),   .

5.          .

6.     .

7.  ,     ( ,  )    ,       (   -  : cmp  jump).

8.  HIEW  - ,    (cmp     nop,  -     -   jmp    ).  -    ,          SI.

   Win API  :

MessageBoxIndirect -    .   16- .

MessageBox -    .   16- .

MessageBoxA -   ,  32- .

MessageBoxIndirectA -   ,   MessageBoxIndirect,  32- .

GetWindowText -     Windows Edit.   16- .

GetWindowTextA -   ,  32- .   .

GetDlgItemText -   ,    ,   .   16- .

GetDlgItemTextA -   ,  32- .   .

 ,  GetWindowTextA  MessageBoxA       .            (      ,   ,        "16"  "32 ",     ).



     .  :  . ,   ,         ,      -,       .  -  TaskLock.    GetWindowTextA ( ":bpx getwindowtexta").   ,      ":bl".    - : "00) BPX USER32!GetWindowTextA C=01".   F5. .   -       OK.      ,    . ,     GetWindowTextA.  GetDlgItemTextA.    ":bc 0" (0 -      )    ":bpx getdlgitemtexta".   .    SoftICE,     GetDlgItemTextA.   ,    ,  F11.     SGLSET.EXE.          ":bd 0".

      : "CALL [USER32!GetDlgItemTextA]"

    ,  Ctrl+Up (" ")   ,      .       ,   ,   .

RET ;  

PUSH EBP ;   

MOV EBP, ESP ; ...

SUB ESP, 0000009C ; ...

PUSH ESI ; ...

> LEA EAX, [EBP-34] ; EAX = EBP-34

PUSH EDI ; ...

MOVE ESI, ECX ; ...

PUSH 32 ; .  

> PUSH EAX ;   

PUSH 000003F4 ;  

PUSH DWORD PTR [ESI+1C] ;   

CALL [USER32!GetDlgItemTextA] ;  

 PUSH      .      '>'.    ,  ,        EAX   EAX  EBP-34h.     EBP-34h ":d ebp-34".    ,     .     ,        .        F10   ,    -  EBP-34.     ,      :

> LEA EAX, [EBP+FFFFFF64] ; EAX = EBP-9C

LEA ECX, [EBP-34] ; ECX = EBP-34

PUSH EAX ;  EAX

PUSH ECX ;  ECX

> CALL 00403DD0 ;  

ADD ESP, 08 ;   

TEST EAX, EAX ;   

JNZ 00402BC0 ; ,   ""

 ,         .    :   -  ,   - 0,   ,    ,   .     -   ,      ?  ,    .       [EBP+FFFFFF64]. SoftICE       ,      : 100000000 - FFFFFF64 = 9C.

       SoftICE: "? 0-FFFFFF64".  100000000    SoftICE,    0     .    ,      EBP-9C ( ":d ebp-9c").    SoftICE      -   !       , ,     .   ,        ,      F10.      :

> LEA EAX, [EBP-68] ; EAX = EBP-68

LEA ECX, [EBP-34] ; ECX = EBP-34

PUSH EAX ;  EAX

PUSH ECX ;  ECX

> CALL 00403DD0 ;   

ADD ESP, 08 ;   

TEST EAX, EAX ;   

JNZ 00402BFF ; ,   ""

      EBP-68?   !   ...v