Reverse Engineering with DOSBox debug build
DosBox comes with it's own built-in debugger, which can be useful when reversing old DOS games.
This feature needs to be enabled at build time (--enable-debug or --enable-debug=heavy), so either download the special binary or build it from source. I went through the build process in a previous post: https://blog.aupcgroup.com/index.php?/archives/32-Hacking-a-DOS-32-bit-protected-mode-game-from-1997.html
This gives a nice view with registers, dissassembly and memory views:
This VOGONS thread has a quick summary on the DosBox built-in debugger: https://www.vogons.org/viewtopic.php?t=3944
Keyboard shortcuts
Here's a rundown of the main keyboard shortcuts:
| ALT-PAUSE | Break into debugger |
| F5 | Contine execution |
| F9 | Toggle breakpoint |
| F10/F11 | Step over/step into function calls |
| Up/Down | Scroll instructions in dissassembly view |
| PgeUp/PgeDown | Scroll through data view |
| Home/End | Scroll through output view |
A few of these shortcuts conflict with gnome window management features, so I had to edit the terminal preferences and turn off the menu accelerator key (F10) and shortcuts (Full screen conflicts with F11). I also couldn't get the alt-pause keyboard combination to break into the debugger.
Useful commands
| View data/instructions | ||
| C [segment]:[offset] | C 01DD:0100 C CS:0100 |
Set code view address |
| D [segment]:[offset] | D 01DD:0000 D SS:0400 D SS:ESP |
Set data view address |
| ALT-D | Set data view to DS:SI | |
| ALT-E | Set data view to ES:DI | |
| ALT-S | Set data view to SS:SP | |
| ALT-X | Set data view to DS:DX | |
| ALT-B | Set data view to ES:BX | |
| Breakpoints | ||
| BPLIST | List breakpoints | |
| BP [segment]:[offset] |
BP 01DD:0100 |
Set breakpoint |
| BPDEL [n] | BPDEL 0 BPDEL * |
Delete breakpoint |
| BPINT [n] BPINT [n] [ah] BPINT [n] [ah] [al] |
BPINT 21 BPINT 21 4C BPINT 21 4C 00 |
Set breakpoint on interrupt |
Trackbacks
No Trackbacks
Comments
Display comments as Linear | Threaded