Not your usual DOS program
From: Andrew Kennedy (andrewkennedy2_at_LOGev1.net)
Date: 02/22/04
- Next message: The Half A Wannabee: "Re: Not your usual DOS program"
- Previous message: Bx.C: "Re: numbers as ascii, ALSO... mod-r/m and sib bytes as octal... opinions please!!!"
- Next in thread: The Half A Wannabee: "Re: Not your usual DOS program"
- Reply: The Half A Wannabee: "Re: Not your usual DOS program"
- Reply: Bill Marcum: "Re: Not your usual DOS program"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 22 Feb 2004 14:41:10 -0000
I am trying to analyze this program. This is the beginning code.
What I have learned is that the program uses a DOS extender.
If someone has time could you help me step through this so I can learn what
it is doing.
It doesn't have the normal MZ signature. It stops interrupts for a while
and uses the extra segment.
Thanks.
cs:0000 FA cli
cs:0001 16 push ss
cs:0002 1F pop ds
cs:0003 26A10200 mov ax,es:[0002]
cs:0007 83E840 sub ax,0040
cs:000A 8ED0 mov ss,ax
cs:000C FB sti
cs:000D 06 push es
cs:000E 16 push ss
cs:000F 07 pop es
cs:0010 BEF003 mov si,03F0
cs:0013 8BFE mov di,si
cs:0015 B91000 mov cx,0010
cs:0018 F3A4 rep movsb
cs:001A 07 pop es
- Next message: The Half A Wannabee: "Re: Not your usual DOS program"
- Previous message: Bx.C: "Re: numbers as ascii, ALSO... mod-r/m and sib bytes as octal... opinions please!!!"
- Next in thread: The Half A Wannabee: "Re: Not your usual DOS program"
- Reply: The Half A Wannabee: "Re: Not your usual DOS program"
- Reply: Bill Marcum: "Re: Not your usual DOS program"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
