CrackMe® Practices for Newbies
PROJECT 6: caveman by Ghiribizzo

studying disassembly...
Saturday, 20-Feb-99 11:28:48

    disassembled with w32dasm...
    printed out 15 pages...

    fired up HelpPC...

    :0001:0100 mov dx, 060d ->pointer to string ending in "$"
    :0001:0103 mov ah,9 -> set up for DOS int
    :0001:0105 int 21 ->print string to stdout up to "$"

    :0001:0107 mov ax,3d00 -> open file using handle,read only
    :0001:010a mov dx,0601 -> points to ASCIIZ filename
    :0001:010d int 21 -> DOS int

    :0001:010f jb 05b5

    :0001:0113 mov word ptr [0656],ax ->if previous file read was successful, value is returned in AX,
    else carry flag is set...

    :0001:0116 mov bx, [0656] -> mov file handle to bx
    :0001:011a mov ah, 3f -> setting up for int
    :0001:011c mov cx, 0002 -> read 2 bytes
    :0001:011f mov dx, 0658 -> point read buffer
    :0001:0122 int 21 -> DOS int 21
    :0001:0124 jb 05b5 ->
    :0001:0128 cmp ax, 0002 -> if 0 no data read
    EOF occurred before read
    :0001:012b jne 05b5 -> if 2 bytes not read jmp 05b5

    *************************************************

    that's all for now...could use some help on the jb 05b5 on lines 010f and 0124...jmp if below what? where is a value returned?

    summary to date:

    first 3 lines print opening error message to STDOUT...(the screen, right?)
    next tries to open a file with an ASCIIZ name
    next tries to read 2 bytes from file...

    all help greatly appreciated...this is my first DOS .com file reverse attempt...all suggestions welcome...

    thanx,

    snakebyte__
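
How the two `jb 05b5` lines relate to the `int 21` calls before them, as an added example that is not part of the original post: DOS file services report failure by setting the carry flag, and `jb` is the same opcode as `jc`. The `INT21` table and the `annotate` helper are constructed for this illustration, and the sample listing is the post's instructions with the annotations removed.

```python
import re

# INT 21h services used in the listing: AH -> (action, what a set carry flag reports)
INT21 = {
    0x09: ("print $-terminated string at DS:DX", None),
    0x3D: ("open file named at DS:DX", "open failed (AX=error code)"),
    0x3F: ("read CX bytes from handle BX into DS:DX", "read failed (AX=error code)"),
}

# Constructed sample: the instructions from the post with the annotations removed.
LISTING = """\
:0001:0100 mov dx, 060d
:0001:0103 mov ah,9
:0001:0105 int 21
:0001:0107 mov ax,3d00
:0001:010a mov dx,0601
:0001:010d int 21
:0001:010f jb 05b5
:0001:0113 mov word ptr [0656],ax
:0001:0116 mov bx, [0656]
:0001:011a mov ah, 3f
:0001:011c mov cx, 0002
:0001:011f mov dx, 0658
:0001:0122 int 21
:0001:0124 jb 05b5
:0001:0128 cmp ax, 0002
:0001:012b jne 05b5
"""

LINE = re.compile(r":\w+:(\w+)\s+(\w+)\s*(.*)")

def annotate(listing):
    """Return {address: note} for each int 21 and each jump that tests its carry flag."""
    ah, cf_from, notes = None, None, {}
    for m in filter(None, map(LINE.match, listing.splitlines())):
        addr, op, args = m.group(1), m.group(2), m.group(3).replace(" ", "")
        imm = re.fullmatch(r"(ah|ax),([0-9a-f]+)", args)
        if op == "mov" and imm:                      # mov leaves the flags untouched
            value = int(imm.group(2), 16)
            ah = value >> 8 if imm.group(1) == "ax" else value
        elif op == "int" and args == "21":
            action, cf_from = INT21.get(ah, ("unknown service", None))
            notes[addr] = f"AH={ah:02X}h: {action}" if ah is not None else action
            ah = None                                # AX now holds the return value
        elif op in ("jb", "jc") and cf_from:         # jb and jc are the same opcode
            notes[addr] = f"taken when CF=1: {cf_from}"
        elif op not in ("mov", "jb", "jc", "jne"):
            cf_from = None                           # e.g. cmp rewrites the flags
    return notes
```

Calling `annotate(LISTING)` ties each `jb` to the service whose carry flag it tests, while the `jne` at 012b is left alone because it follows the `cmp` on the byte count in AX.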

