Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Breakpoints in Softice are not working Help (https://forum.exetools.com/showthread.php?t=6782)

00_ZiP_RaR_00 02-12-2005 18:53
Breakpoints in Softice are not working Help
 
Hi to all,

I am a new user to cracking. I recently downloaded Driver Studio 3.1, The problem is that my softice is not responding to the Breakpoints I have placed. Even the very basic beakpoint on MessageBoxA or MessageBoxW is not working. I have downloaded the latest OSINFO.DAT from compuware site, but still the issue is not resolved.

OS: Windows XP Pro with SP2.
RAM: 256 MB
Processor: Intel Pentium M 1.5
Technology: Centrino

Please help as this issue is annoying me and I am unable to learn the very best in programming/debugging.

00_Z!p_Rar_00

JMI 02-12-2005 22:18
And "of course" you RTFM about context sensitive breakpoints and actually searched for information about v3.1 and breakpoints, right?

Regards,

dyn!o 02-13-2005 01:44
I suppose the guy (?) is asking rather about user mode (ring 3) breakpoints.

Driver Studio 3.1 was indeed the first relase which may confuse its users if they don't read help file. In DS 3.1 there exist a variable which defines BP response in ring 3 mode. Starting from this relase breakpoints are context sensitive, which means they are active only in the context in which they were activated.

More information at: http://www.exetools.com/forum/showthread.php?t=3732&

(notice "set BreakInSharedMods on " command - that is exactly what you are searching for)

Regards.

freddy2002 02-13-2005 05:05
Or it should be also possible to BPM 'ADRESS' X
(I belive)

EDIT:
long time not used debugger but
addr ' ??? '
bpm ' ??? ' X

dyn!o 02-13-2005 05:20
Nope. BPM, despite the fact of DRx usage, still works in a specific context only (DS >3.0).

Regards.

just4urim 02-13-2005 13:06
First check your SoftICE status ,is it enable ? Then enable the breakpoints in SoftICE . Use be to enable the breakpoints and bl to view the list of the current breakpoints . you can find more in SoftICE Command Refrence ....

dyn!o 02-13-2005 18:08
Freddy2002: it still will not work because you cannot issue ADDR command with a direct address as the parameter (context). When you type the parameter of ADDR command it is the address of process specific KPEB (Kernel Process Environment Block), not any direct addressing. Context can be set only with KPEB, process name or PID.

So, you can set the breakpoints on the following ways:

ADDR Armadillo (process name)
BPX/BP 4a4740 (x)

ADDR 8202aa00 (KPEB)
BPX/BP 4a4740 (x)

ADDR 160 (PID)
BPX/BP 4a4740 (x)

It will work in DS 3.1 without issuing any additional commands and environment variables.

Regards.

00_ZiP_RaR_00 02-14-2005 02:03
Thank You for all the help.

I solved the problem by downloading the DS 3.2. I extracted the file ntice.sys from the Data1.cab in the setup folder of the archive DS 3.2 (just to avoid the whole installation) and replaced the one in Windows\System32\Drivers folder. I also replaced the osinfo.dat and osinfob.dat files. Now softice is working fine. I think the issue was with the softice version in DS 3.1 itself on XP SP2.

Special thanks to dyn!o. I will surely give a try to the resolution you provided and will also read the softice manual.

This is surely the best forum on EXEcutables.

00_Z!P_RaR_00

Sky 02-14-2005 20:24
Quote:
Originally Posted by 00_ZiP_RaR_00
I solved the problem by downloading the DS 3.2.
00_Z!P_RaR_00
You may share the link?


All times are GMT +8. The time now is 10:41.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX