Topic: Accessing the Master Boot Record!

laskar01

Re: Accessing the Master Boot Record!
« Reply #15 on: July 12, 2012, 02:44:37 AM »
Thanks Steve I'll look it up.
Got the Win98 computer up and running, unfortunately no 1.4MB diskette yet. Have to raid the cellar...

Switched to the code uploaded by Vortex, edited the output with addresses and read Wikipedia on MBR.

Structure of a master boot record

Address (Hex / Oct / Dec)    Description                                      Size in bytes
0000 / 0000 / 0              code area                                        440 (max. 446)
01B8 / 0670 / 440            disk signature (optional)                        4
01BC / 0674 / 444            Usually nulls; 0x0000                            2
01BE / 0676 / 446            Table of primary partitions                      64
                             (Four 16-byte entries, IBM partition table scheme)
01FE / 0776 / 510            55h  MBR signature                               2
01FF / 0777 / 511            AAh
MBR, total size: 446 + 64 + 2 = 512

Here is the dump. Can somebody decode the first two or three bytes?

; File C:\Documents and Settings\laskar01\Skrivbord\ReadMBR11\master_boot_record_file.ext opened at 512 bytes

    00 db 033h,0C0h,08Eh,0D0h,0BCh,000h,07Ch,08Eh,0C0h,08Eh,0D8h,0BEh,000h,07Ch,0BFh,000h
    10 db 006h,0B9h,000h,002h,0FCh,0F3h,0A4h,050h,068h,01Ch,006h,0CBh,0FBh,0B9h,004h,000h
    20 db 0BDh,0BEh,007h,080h,07Eh,000h,000h,07Ch,00Bh,00Fh,085h,00Eh,001h,083h,0C5h,010h
    30 db 0E2h,0F1h,0CDh,018h,088h,056h,000h,055h,0C6h,046h,011h,005h,0C6h,046h,010h,000h
    40 db 0B4h,041h,0BBh,0AAh,055h,0CDh,013h,05Dh,072h,00Fh,081h,0FBh,055h,0AAh,075h,009h
    50 db 0F7h,0C1h,001h,000h,074h,003h,0FEh,046h,010h,066h,060h,080h,07Eh,010h,000h,074h
    60 db 026h,066h,068h,000h,000h,000h,000h,066h,0FFh,076h,008h,068h,000h,000h,068h,000h
    70 db 07Ch,068h,001h,000h,068h,010h,000h,0B4h,042h,08Ah,056h,000h,08Bh,0F4h,0CDh,013h
    80 db 09Fh,083h,0C4h,010h,09Eh,0EBh,014h,0B8h,001h,002h,0BBh,000h,07Ch,08Ah,056h,000h
    90 db 08Ah,076h,001h,08Ah,04Eh,002h,08Ah,06Eh,003h,0CDh,013h,066h,061h,073h,01Ch,0FEh
    A0 db 04Eh,011h,075h,00Ch,080h,07Eh,000h,080h,00Fh,084h,08Ah,000h,0B2h,080h,0EBh,084h
    B0 db 055h,032h,0E4h,08Ah,056h,000h,0CDh,013h,05Dh,0EBh,09Eh,081h,03Eh,0FEh,07Dh,055h
    C0 db 0AAh,075h,06Eh,0FFh,076h,000h,0E8h,08Dh,000h,075h,017h,0FAh,0B0h,0D1h,0E6h,064h
    D0 db 0E8h,083h,000h,0B0h,0DFh,0E6h,060h,0E8h,07Ch,000h,0B0h,0FFh,0E6h,064h,0E8h,075h
    E0 db 000h,0FBh,0B8h,000h,0BBh,0CDh,01Ah,066h,023h,0C0h,075h,03Bh,066h,081h,0FBh,054h
    F0 db 043h,050h,041h,075h,032h,081h,0F9h,002h,001h,072h,02Ch,066h,068h,007h,0BBh,000h
    100 db 000h,066h,068h,000h,002h,000h,000h,066h,068h,008h,000h,000h,000h,066h,053h,066h
    110 db 053h,066h,055h,066h,068h,000h,000h,000h,000h,066h,068h,000h,07Ch,000h,000h,066h
    120 db 061h,068h,000h,000h,007h,0CDh,01Ah,05Ah,032h,0F6h,0EAh,000h,07Ch,000h,000h,0CDh
    130 db 018h,0A0h,0B7h,007h,0EBh,008h,0A0h,0B6h,007h,0EBh,003h,0A0h,0B5h,007h,032h,0E4h
    140 db 005h,000h,007h,08Bh,0F0h,0ACh,03Ch,000h,074h,009h,0BBh,007h,000h,0B4h,00Eh,0CDh
    150 db 010h,0EBh,0F2h,0F4h,0EBh,0FDh,02Bh,0C9h,0E4h,064h,0EBh,000h,024h,002h,0E0h,0F8h
    160 db 024h,002h,0C3h,049h,06Eh,076h,061h,06Ch,069h,064h,020h,070h,061h,072h,074h,069h
    170 db 074h,069h,06Fh,06Eh,020h,074h,061h,062h,06Ch,065h,000h,045h,072h,072h,06Fh,072h
    180 db 020h,06Ch,06Fh,061h,064h,069h,06Eh,067h,020h,06Fh,070h,065h,072h,061h,074h,069h
    190 db 06Eh,067h,020h,073h,079h,073h,074h,065h,06Dh,000h,04Dh,069h,073h,073h,069h,06Eh
    1A0 db 067h,020h,06Fh,070h,065h,072h,061h,074h,069h,06Eh,067h,020h,073h,079h,073h,074h
    1B0 db 065h,06Dh,000h,000h,000h,063h,07Bh,09Ah,036h,067h,036h,067h,000h,000h,080h,020h
    1C0 db 021h,000h,007h,0FEh,0FFh,0FFh,000h,008h,000h,000h,000h,068h,0FCh,006h,000h,000h
    1D0 db 000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
    1E0 db 000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h
    1F0 db 000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,000h,055h,0AAh

Kindest regards,

Lasse

Vortex

« Reply #16 on: July 12, 2012, 02:52:18 AM »
Hi laskar01,

Starman's site is a very good source to study MBR :

http://thestarman.pcministry.com

A nice study :

An Examination of the Windows 2000 ( NT5.0 ) and Windows XP ( NT5.1 ) MBR ( Master Boot Record )

http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm

Quote
The first 300 bytes (000h through 12Bh) of this 512-byte sector are executable code and the next 80 bytes (12Ch through 17Bh) contain error messages. The last 66 bytes of the sector contain the 64-byte Partition Table (1BEh through 1FDh); data in the Table area will depend upon the size, structure and file systems on each hard disk. The sector ends with the Word-sized signature ID of AA55h (often called the sector's Magic number); on PCs using an Intel (or x86 compatible) CPU, hex Words are stored with the Low-byte first and the High-byte last.

laskar01

« Reply #17 on: July 12, 2012, 04:05:33 AM »
Hi all
Very nice tutorial Vortex.

Ran XVI32 and saw that
from 163h to 179h I have "Invalid partition table"
from 17Bh to 198fh "Error loading operating system"
from 19Ah to 1B1h "Missing operating system"

A slight difference from the author's, which start at 12Ch to 17Bh.

It seems that I have code from 0h to 162h. That is 353 bytes of code, some work to disassemble, nothing else...
I'll start right off!

/Lasse

dedndave

« Reply #18 on: July 12, 2012, 05:04:49 AM »
0000:7C00 33C0           XOR    AX,AX
0000:7C02 8ED0           MOV    SS,AX
0000:7C04 BC007C         MOV    SP,7C00
0000:7C07 8EC0           MOV    ES,AX
0000:7C09 8ED8           MOV    DS,AX
0000:7C0B BE007C         MOV    SI,7C00
0000:7C0E BF0006         MOV    DI,0600
0000:7C11 B90002         MOV    CX,0200
0000:7C14 FC             CLD
0000:7C15 F3A4           REPZ   MOVSB

laskar01

« Reply #19 on: July 12, 2012, 06:29:47 AM »
Holy! dedndave!  :dazzled:
Which tool did you use for that!?!

dedndave

« Reply #20 on: July 12, 2012, 06:47:09 AM »
lol
open a console window and type in "debug"   :biggrin:
once you get the '-' prompt, type '?' for a list of commands

i am not too fond of that particular boot sector
it doesn't seem to follow ms format very well

dedndave

« Reply #21 on: July 12, 2012, 07:39:25 AM »
i might add...

the easiest way to multi-boot is to modify the boot.ini files on each partition you want to boot from   :t

http://support.microsoft.com/kb/289022

Ryan

« Reply #22 on: July 12, 2012, 08:51:15 AM »
There is no boot.ini in Windows 7.

Gunther

« Reply #23 on: July 12, 2012, 09:04:56 AM »
Ryan is right. Dedndave, your link points to an article with the headline: How to edit the Boot.ini file in Windows XP.

Gunther
Get your facts first, and then you can distort them.

Ryan

« Reply #24 on: July 12, 2012, 09:15:54 AM »

laskar01

« Reply #25 on: July 12, 2012, 09:18:49 AM »
Hi again, Debug seemed too difficult, I found IDA that did a disassembly and also supplied comments :icon14:
(Mine starts with '--')

Need to understand this below now! :badgrin:




seg000:0000 ; Format      : Binary file
seg000:0000 ; Base Address: 0000h Range: 0000h - 0200h Loaded length: 0200h
seg000:0000
seg000:0000                 .686p
seg000:0000                 .mmx
seg000:0000                 .model flat
seg000:0000
seg000:0000 ; -----------------------
seg000:0000
seg000:0000 ; Segment type: Pure code
seg000:0000 seg000          segment byte public 'CODE' use16
seg000:0000                 assume cs:seg000
seg000:0000                 assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
seg000:0000                 xor     ax, ax                   -- Clear ax
seg000:0002                 mov     ss, ax                  -- Clear ss
seg000:0004                 mov     sp, 7C00h           -- Set stackpointer to 7C00h
seg000:0007                 mov     es, ax                  -- Clear es
seg000:0009                 mov     ds, ax                  -- Clear ds
seg000:000B                 mov     si, 7C00h             -- Load general purpose register si with immediate 7C00h =SOURCE
seg000:000E                 mov     di, 600h               -- Load general purpose register di with immediate 600h = TARGET
seg000:0011                 mov     cx, 200h               -- Load counter cx with 200h= 512
seg000:0014                 cld                                    -- Clear direction flag, so string instructions will increment (E)SI and (E)DI
seg000:0015                 rep movsb                        -- Repeat while cx>0

                              --Until here 512 bytes are copied from address 7C00h to 600h.

seg000:0017                 push    ax
seg000:0018                 push    61Ch
seg000:001B                 retf                           --pops the stack first into (E)IP, and then into CS : IP=61Ch, CS=Ax=0

--Holy! IP=Instruction pointer. Execution starts at 61Ch now!
--This is the code of the active partition according to
-- http://thestarman.pcministry.com/asm/mbr/Win2kmbr.htm#CHS

seg000:001C ;

--My guess is that we are here because we didn't load the OS, and must do some sort of trouble shooting.
                       
seg000:001C                 sti                           --Set interrupt enables maskable interrupt
seg000:001D                 mov     cx, 4            --Sets counter register to 4, because the partition table is 4*16=64 bytes
seg000:0020                 mov     bp, 7BEh      --Sets basepointer to 7BEh. This is at the beginning of the partition table of the copied MBR
                                                                      --that is 600h+1BEh 
seg000:0023
seg000:0023 loc_23:                               
seg000:0023                 cmp     byte ptr [bp+0], 0   --Compare the byte at address bp+0 with zero. Valid partition table should start with 80h
seg000:0027                 jl      short loc_34               --Jump to short loc_34 if the byte was negative
seg000:0029                 jnz     loc_13B                    --Jump to loc_13B if the byte was positive. Print out "Invalid partition table", without further ado.
seg000:002D                 add     bp, 10h                   --The byte is zero, add 10h to the basepointer, the next entry in the partition-
                                                                                --table.
                                                         
seg000:0030                 loop    loc_23                                         
                                                                                                   
                                                                                                   
seg000:0032                 int     18h             ; TRANSFER TO ROM BASIC
seg000:0032                                         ; causes transfer to ROM-based BASIC (IBM-PC)
seg000:0032                                         ; often reboots a compatible; often has no effect at all
seg000:0034
seg000:0034 loc_34:                               
 
--here because of the byte at bp+0 is less than zero from seg000:0027 
-- Or because we had an error and jumped from seg000:00AE jmp  short loc_34.
-- We read sectors from drive with error at seg000:007E  int     13h , and for some reason
--we didn't want to jump to reset disks at seg000:00A2 or jump to loc_136 from seg000:00AC
seg000:0034                                         

seg000:0034                 mov     [bp+0], dl          --What is the value of the low byte of DX???
                                                                           --Must have been filled in INT 18h, but if we came here from
                                                                           --seg000:0027. If it is a repair it must be 80h.
                                                                                     
seg000:0037                 push    bp
seg000:0038                 mov     byte ptr [bp+11h], 5    --5 is put at address bp+11h. heads = 5
                                                                                      -- This is position +1 from the base of the second entry of the partition table
seg000:003C                 mov     byte ptr [bp+10h], 0    -- 0 is put at address bp+10h, base address of the second entry of the partition table
                                                                                      -- 0 in the 0:th place means, non-bootable partition.
seg000:0040
seg000:0040 loc_40:                                 

--here because of the byte at bp+0 is less than zero and continuing from just above

seg000:0040                 mov     ah, 41h ; 'A'
seg000:0042                 mov     bx, 55AAh       -- AA55h is always the last word on a master boot record. A signature.The so called "magic
                                                                        -- number".
seg000:0045                 int     13h                   --  http://en.wikipedia.org/wiki/INT_13H#INT_13h_AH.3D41h:_Check_Extensions_Present
seg000:0047                 pop     bp                       
seg000:0048                 jb      short loc_59     -- Jump if carry is set i.e. "not present",
seg000:004A                 cmp     bx, 0AA55h     -- We didn't jump result was "present" Compare Bx
                                                                        --to the standard result of the above interrupt?
seg000:004A                                         
seg000:004E                 jnz     short loc_59           --The standard test didn't show OK, the interrupt didn't go well.
                                                                              --Is the interpretation correct?
seg000:0050                 test    cx, 1                       --implied and of cx with 1  (1=Device Access using the packet structure)
seg000:0054                 jz      short loc_59           --jump to short loc_59 if result of implied AND is 0.

seg000:0056                 inc     byte ptr [bp+10h]      -- if  ( cx==1) -> inc the byte in  bp+10h 
                                                                                 --(maybe  bp+10h=7BEh+10=7CF, was 0, now =1, would make the partition entry
                                                                                 -- invalid)


seg000:0059
seg000:0059 loc_59:                                 
 
--Here because the "standard test" after INT 13h, at seg000:004A cmp  bx, 0AA55h above didn't return OK

seg000:0059                                       
seg000:0059                 pushad                                              --Push all 32-bit registers
seg000:005B                 cmp     byte ptr [bp+10h], 0              --0 is a valid number at the second entry of the partition table.
                                                                               
seg000:005F                 jz      short loc_87   
seg000:005F                                         
seg000:0061                 push    large 0                                     --what is large?
seg000:0067                 push    large dword ptr [bp+8]            -- Offset 8 in a partition table entry contains the
seg000:0067                                                                             --LBA of first absolute sector in the partition
seg000:006B                 push    0
seg000:006E                 push    7C00h
seg000:0071                 push    1
seg000:0074                 push    10h
seg000:0077                 mov     ah, 42h ; 'B'
seg000:0079                 mov     dl, [bp+0] --See
seg000:007C                 mov     si, sp --  http://en.wikipedia.org/wiki/INT_13H#INT_13h_AH.3D42h:_Extended_Read_Sectors_From_Drive
seg000:007E                 int     13h             ; DISK
seg000:0080                 lahf                                      --Load AH from flags
seg000:0081                 add     sp, 10h                     --Make place for local variables
seg000:0084                 sahf                                     --Restore flags from AH
seg000:0085                 jmp     short loc_9B
seg000:0087 ; --------
seg000:0087
seg000:0087 loc_87:                               

--Here because of instr. at seg000:005B     cmp     byte ptr [bp+10h], 0
 
seg000:0087                 mov     ax, 201h        --We are doing the work of BIOS after POST, BIOS read the content of (C,H,S)
seg000:008A                 mov     bx, 7C00h      -- = (0,0,1) to address 0000:7C00h
seg000:008D                 mov     dl, [bp+0]
seg000:0090                 mov     dh, [bp+1]
seg000:0093                 mov     cl, [bp+2]
seg000:0096                 mov     ch, [bp+3] -- http://en.wikipedia.org/wiki/INT_13H#INT_13h_AH.3D02h:_Read_Sectors_From_Drive
seg000:0099                 int     13h             ; DISK - READ SECTORS INTO MEMORY
seg000:0099                                         ; AL = number of sectors to read, CH = track, CL = sector
seg000:0099                                         ; DH = head, DL = drive, ES:BX -> buffer to fill
seg000:0099                                         ; Return: CF set on error, AH = status, AL = number of sectors read
seg000:009B
seg000:009B loc_9B:                                 
seg000:009B                 popad                                         --EDI=10h;ESI=?;EBP=?;ESP=?;EBX=?;EDX=?;ECX=?;EAX=?;
seg000:009D                 jnb     short loc_BB                     --Same as JAE Jump if CF=0, that is no error
seg000:009F                 dec     byte ptr [bp+11h]            --No jump, we have an error, decrement byte at location [bp+11h]
seg000:00A2                 jnz     short loc_B0                     --Jump below to reset discs
seg000:00A4                 cmp     byte ptr [bp+0], 80h ; 'Ç'
seg000:00A8                 jz      loc_136                             -- Jump to loc_136 if byte at bp+0 was 80h. Valid partition table entry.
seg000:00AC                 mov     dl, 80h ; 'Ç'
seg000:00AE                 jmp     short loc_34
seg000:00B0 ; ---------------------------
seg000:00B0
seg000:00B0 loc_B0:                                 
seg000:00B0                 push    bp
seg000:00B1                 xor     ah, ah
seg000:00B3                 mov     dl, [bp+0]          -- http://en.wikipedia.org/wiki/INT_13H#INT_13h_AH.3D00h:_Reset_Disk_Drive
seg000:00B6                 int     13h             ; DISK - RESET DISK SYSTEM
seg000:00B6                                         ; DL = drive (if bit 7 is set both hard disks and floppy disks reset)
seg000:00B8                 pop     bp
seg000:00B9                 jmp     short loc_59
seg000:00BB ; --------------------
seg000:00BB
seg000:00BB loc_BB:                                 
seg000:00BB                 cmp     word ptr ds:7DFEh, 0AA55h  --Check if the copied MBR contains the "magic number" at the end
seg000:00C1                 jnz     short loc_131                         --Missing go to print out "Missing operating system"
seg000:00C3                 push    word ptr [bp+0]
seg000:00C6                 call    sub_156
seg000:00C9                 jnz     short loc_E2
seg000:00CB                 cli
seg000:00CC                 mov     al, 0D1h ; 'Ð'
seg000:00CE                 out     64h, al         ; AT Keyboard controller 8042.   --Flashing of the Keyboard Leds?
seg000:00D0                 call    sub_156
seg000:00D3                 mov     al, 0DFh ; '¯'
seg000:00D5                 out     60h, al         ; AT Keyboard controller 8042.   --Flashing of the Keyboard Leds?
seg000:00D7                 call    sub_156
seg000:00DA                 mov     al, 0FFh
seg000:00DC                 out     64h, al         ; AT Keyboard controller 8042. 
seg000:00DC                                         ; Reset the keyboard and start internal diagnostics
seg000:00DE                 call    sub_156
seg000:00E1                 sti
seg000:00E2
seg000:00E2 loc_E2:                                 
seg000:00E2                 mov     ax, 0BB00h
seg000:00E5                 int     1Ah  -- http://maven.smith.edu/~thiebaut/ArtOfAssembly/CH13/CH13-3.html#HEADING3-193
seg000:00E7                 and     eax, eax
seg000:00EA                 jnz     short loc_127
seg000:00EC                 cmp     ebx, 41504354h
seg000:00F3                 jnz     short loc_127
seg000:00F5                 cmp     cx, 102h
seg000:00F9                 jb      short loc_127
seg000:00FB                 push    large 0BB07h
seg000:0101                 push    large 200h
seg000:0107                 push    large 8
seg000:010D                 push    ebx
seg000:010F                 push    ebx
seg000:0111                 push    ebp
seg000:0113                 push    large 0
seg000:0119                 push    large 7C00h
seg000:011F                 popad
seg000:0121                 push    0
seg000:0124                 pop     es
seg000:0125                 int     1Ah 
seg000:0127
seg000:0127 loc_127:                               
seg000:0127                                         
seg000:0127                 pop     dx
seg000:0128                 xor     dh, dh
seg000:012A                 jmp     far ptr 0:7C00h
seg000:012F ; -----------------------
seg000:012F                 int     18h             ; TRANSFER TO ROM BASIC
seg000:012F                                         ; causes transfer to ROM-based BASIC (IBM-PC)
seg000:012F                                         ; often reboots a compatible; often has no effect at all
seg000:0131
seg000:0131 loc_131:                               

seg000:0131                 mov     al, ds:7B7h                  --600+1B7, 1B7 is the pointer to the third message
seg000:0134                 jmp     short loc_13E               --"Missing operating system"
seg000:0136 ; --------------------
seg000:0136
seg000:0136 loc_136:                             

--We returned with an error when reading sectors at seg000:0099
--We didn't reset discs going from seg000:00A2  jnz     short loc_B0  Jump below to reset discs
--And then because of evaluation at seg000:00A4   cmp     byte ptr [bp+0], 80h ;

seg000:0136                 mov     al, ds:7B6h                  --600+1B6, 1B6 is the pointer to the second message
seg000:0139                 jmp     short loc_13E               --"Error loading operating system"
seg000:013B ; ----------------------
seg000:013B
seg000:013B loc_13B:                                 
                                          --Here because of the byte at bp+0 was positive. Should always be 80h.

seg000:013B                 mov     al, ds:7B5h                  --600+1B5, 1B5 is pointer to first message
seg000:013E                                                                --"Invalid partition table"

seg000:013E loc_13E:                               

--Here indirectly because of {seg000:00A4 cmp     byte ptr [bp+0], 80h}  and then from {seg000:0139    jmp     short loc_13E}

seg000:013E                                       
seg000:013E                 xor     ah, ah
seg000:0140                 add     ax, 700h
seg000:0143                 mov     si, ax
seg000:0145
seg000:0145 loc_145:                               
seg000:0145                 lodsb
seg000:0146                 cmp     al, 0           --The error message string is terminated with zero
seg000:0148                 jz      short loc_153
seg000:014A                 mov     bx, 7
seg000:014D                 mov     ah, 0Eh
seg000:014F                 int     10h             ; - VIDEO - WRITE CHARACTER AND ADVANCE CURSOR (TTY WRITE)
seg000:014F                                         ; AL = character, BH = display page (alpha modes)
seg000:014F                                         ; BL = foreground color (graphics modes)
                                                                 --Prints out one character at a time
seg000:0151                 jmp     short loc_145
seg000:0153 ; ----------------------
seg000:0153
seg000:0153 loc_153:                               
seg000:0153                                         ; seg000:0154j
seg000:0153                 hlt
seg000:0154                 jmp     short loc_153   --Do nothing after the error message is printed.
seg000:0156
seg000:0156 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
seg000:0156
seg000:0156
seg000:0156 sub_156         proc near               ; CODE XREF: seg000:00C6p
seg000:0156                                         ; seg000:00D0p ...
seg000:0156                 sub     cx, cx
seg000:0158
seg000:0158 loc_158:                                ; CODE XREF: sub_156+8j
seg000:0158                 in      al, 64h         ; AT Keyboard controller 8042.
seg000:015A                 jmp     short $+2
seg000:015C                 and     al, 2
seg000:015E                 loopne  loc_158
seg000:0160                 and     al, 2
seg000:0162                 retn
seg000:0162 sub_156         endp
seg000:0162
seg000:0162 ; ----------------------------
seg000:0163 aInvalidPartiti db 'Invalid partition table',0
seg000:017B aErrorLoadingOp db 'Error loading operating system',0
seg000:019A aMissingOperati db 'Missing operating system',0
seg000:01B3                 db 2 dup(0), 63h, 7Bh, 9Ah, 36h, 67h, 36h, 67h, 2 dup(0)
seg000:01B3                 db 80h, 20h, 21h, 0, 7, 0FEh, 2 dup(0FFh), 0, 8, 3 dup(0)
seg000:01B3                 db 68h, 0FCh, 6, 30h dup(0), 55h, 0AAh
seg000:01B3 seg000          ends
seg000:01B3
seg000:01B3
seg000:01B3                 end
« Last Edit: July 15, 2012, 02:52:19 AM by laskar01 »
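
Added example, not part of any post in this thread: a Python decoder for the data area of the sector posted in Reply #15, following the layout table there and the status-byte scan at loc_23 in the Reply #25 listing. The sample sector is constructed from bytes 163h-1FFh of the posted dump with the code area zero-filled; the function names and the extra checks in `audit` are assumptions of this example.

```python
import struct

SECTOR_SIZE, MSG_PTRS, DISK_SIG, PART_TABLE, BOOT_SIG = 512, 0x1B5, 0x1B8, 0x1BE, 0x1FE


def build_sample_sector():
    """Constructed sample: bytes 163h-1FFh as in the posted dump, code area zeroed."""
    s = bytearray(SECTOR_SIZE)
    msgs = (b"Invalid partition table\0Error loading operating system\0"
            b"Missing operating system\0")
    s[0x163:0x163 + len(msgs)] = msgs
    s[MSG_PTRS:MSG_PTRS + 3] = bytes([0x63, 0x7B, 0x9A])
    s[DISK_SIG:DISK_SIG + 4] = bytes([0x36, 0x67, 0x36, 0x67])
    s[PART_TABLE:PART_TABLE + 16] = bytes.fromhex("8020210007feffff000800000068fc06")
    s[BOOT_SIG:BOOT_SIG + 2] = b"\x55\xAA"
    return bytes(s)


def decode_chs(field):
    """3-byte CHS field -> (cylinder, head, sector); cylinder bits 8-9 sit in the sector byte."""
    head, sec, cyl = field
    return ((sec & 0xC0) << 2) | cyl, head, sec & 0x3F


def parse_entry(raw):
    """One 16-byte partition table entry, little-endian."""
    status, first, ptype, last, lba, count = struct.unpack("<B3sB3sII", raw)
    return {"status": status, "type": ptype, "chs_first": decode_chs(first),
            "chs_last": decode_chs(last), "lba_start": lba, "sectors": count}


def read_message(sector, ptr_byte):
    """The listing adds 700h to the pointer byte while running from its copy at 600h,
    so the string sits at file offset 100h + ptr_byte and ends at the first NUL."""
    start = 0x100 + ptr_byte
    end = sector.find(b"\0", start)
    return sector[start:end if end >= 0 else len(sector)].decode("ascii", "replace")


def parse_mbr(sector):
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected one 512-byte sector")
    return {
        "signature_ok": sector[BOOT_SIG:BOOT_SIG + 2] == b"\x55\xAA",
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG)[0],
        "entries": [parse_entry(sector[PART_TABLE + 16 * i:PART_TABLE + 16 * i + 16])
                    for i in range(4)],
        "messages": [read_message(sector, sector[MSG_PTRS + i]) for i in range(3)],
    }


def select_boot_entry(entries):
    """Same decisions as the loop at loc_23: scan status bytes in table order."""
    for i, e in enumerate(entries):
        if e["status"] & 0x80:      # jl: byte is negative as a signed value
            return i, None
        if e["status"] != 0:        # jnz: positive and non-zero
            return None, "Invalid partition table"
    return None, "no active entry, INT 18h"


def audit(mbr):
    """Extra consistency checks for this example; they are not in the listing."""
    findings = []
    if not mbr["signature_ok"]:
        findings.append("55h AAh signature missing")
    if sum(1 for e in mbr["entries"] if e["status"] & 0x80) > 1:
        findings.append("more than one active entry")
    spans = sorted((e["lba_start"], e["lba_start"] + e["sectors"])
                   for e in mbr["entries"] if e["type"] != 0)
    for (_, end_a), (start_b, _) in zip(spans, spans[1:]):
        if start_b < end_a:
            findings.append(f"entries overlap at LBA {start_b}")
    return findings


if __name__ == "__main__":
    mbr = parse_mbr(build_sample_sector())
    print(f"disk signature {mbr['disk_signature']:08X}, messages {mbr['messages']}")
    for n, e in enumerate(mbr["entries"]):
        print(n, e)
    print("boot choice:", select_boot_entry(mbr["entries"]), "audit:", audit(mbr))
```

To run it against a real 512-byte image, pass the file's bytes to `parse_mbr` instead of the constructed sample.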

Ryan

« Reply #26 on: July 12, 2012, 09:21:23 AM »
You can also change the default operating system and time delay once the options are set by going through System (via Control Panel or Computer->Properties), then Advanced system settings->Advanced tab->Startup and Recovery group->Settings button.

dedndave

« Reply #27 on: July 12, 2012, 11:13:04 AM »
Quote
Vista and 7 use bcdedit.

well - i got you close   :P

laskar01

« Reply #28 on: July 13, 2012, 12:45:09 AM »
Hi again all !

 :( Forgive that I am taking up so much space, but my belief was that somebody would find the decoding interesting :icon_rolleyes: , and that I guessed that I would need help.
Feeling sorry though for occupying so many bits on the server :icon_redface:
 I've decoded a couple of instructions but now I am stuck on INT 18h and the content of the low byte of DX.

I downloaded Ralf Brown's interrupt list, but I don't know how to read it. It doesn't seem to be what I need... :icon_confused:

I need to read the code at that interrupt vector. How? :shock:

Could you people help?
« Last Edit: July 13, 2012, 02:06:11 AM by laskar01 »

dedndave

« Reply #29 on: July 13, 2012, 02:05:52 AM »
INT 18h is really really old stuff - lol

on old computers (mainly the IBM XT), it would boot up BASIC-in-ROM
these machines had BASIC resident in EPROMS   :P
if you had no boot disk (or a faulty one), it would come up with BASIC

on really old computers (mainly the IBM PC), it would boot from a cassette   :shock:
it used an audio port with a connector similar to the keyboard connector
cassettes were terribly slow - you could boot up today - and come back tomorrow

INT 18h had no parameters for those machines - so the contents of BX didn't matter
some early third-party manufacturers used the interrupt for things like keyboards or sound cards

it may be used for something entirely different on modern machines - like accessing data in the RTC memory - i don't know - there are other functions for that

INT 19h reboots the system and also has no parameters