|
Why SoftIce is not setting breakpoints?
Why SoftIce is not setting breakpoints and not stopping at the beginning of the loaded program?
What am I doing wrong? I am using SoftICE Driver Suite 2.6 Windows XP Build 2600 (No SP) |
You're not doing anything wrong. The softice loader simply does not work properly with WinXP and fails to break on the .exe's entry point. Here's one workaround:
1. Load softice. 2. Find your .exe file's entry point using HIEW or PEEditor or some other such utility. 3. Run your proggy and note the module name (ie., name of the .exe file). ie., if you're running BITCH.EXE, the module name will be BITCH. 4. Break in with softice using the keyboard hotkey (default: <ctrl><d>). 5. In softice, switch to your proggy's context with the ADDR module-name command; ie., ADDR BITCH 6. Set a breakpoint at the entrypoint as normal, via BPX <entrypoint>. 7. Exit softice by continuing execution with a X or G command. 8. Close your proggy. Now the next time you run the proggy, it should :) break at the entry point. I've had it work sporadically at times, for unknown reasons, but this usually does work.:cool: |
Try this...
Removed by me
hob |
SoftICE breakpoints problems in XP
1 Attachment(s)
Ok folks, I think the matter has been fully resolved by Kayaker. It boils down to changing one byte in nmtrans.dll. His explanation of the problem is very detailed, so just check out the attached archive. :)
So far, this has worked for me using Win2000/DriverStudio 2.7. |
Well I tried it but still does not break at entry point.
Also when I type "Task" I get a "No LDT" reply. Anyone know why? |
The 'task' command under Win NT (incl. Win XP, 2000) shows only 16 bit tasks. This is straight from the manual. So you're being told there is no Local Descriptor Table. Use 'proc' instead to get info on 32 bit processes.
You might also verify the radio button is clicked on in the SICE loader for breaking on winmain (I think it's under Module, Settings) |
For those of you who are still in need of Softice DriverSuite 2.7, ive posted the location you can get it at
http://www.exetools.com/forum/showthread.php?s=&threadid=1366 I use it with the attachment listed earlier in this thread and have had no issues w/ breakpoints on XP (SP1 + patches) Enjoy Checks |
and , to properly recognize entry point by Softice loader, the section containing entry point must be marked as "code" and "executable" - so you have to fix it in PE header
|
I think it is not a problen of softice.
Please refer to it's readme,the section of "SoftICE Support of Unreleased OS Version" do following steps: Load up the softICE Settings application. Go to the advanced page. Add an entry of NTSYMBOLS=ON. Get the symbols for ntoskrnl.exe and translate them to NMS format. You can either use the Symbol Retriever utility to get the correct symbols, or get them from the Support CD provided by Microsoft. Go to the symbols page and add in the ntoskrnl.nms that you've just translated. Now, reboot your machine. |
| All times are GMT +8. The time now is 03:54. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX