• Welcome to ForumKorner!
    Join today and become a part of the community.

[ASM] Working on an OS

Røøt

Member
Joined
Apr 25, 2011
Posts
201
Reacts
0
Reputation
0
Credits
0
Alright, so I figured I'd share this with you guys. I found an open source light weight OS and I started working on it. I'm not going to explain it but I just wanted to show you guys it

Kernel

Code: 
BITS 16

start:
	mov ax, 07C0h		; Set up 4K stack space after this bootloader
	add ax, 288		; (4096 + 512) / 16 bytes per paragraph
	mov ss, ax
	mov sp, 4096

	mov ax, 07C0h		; Set data segment to where we're loaded
	mov ds, ax


	mov si, text_string	; Put string position into SI
	call print_string	; Call our string-printing routine

	jmp $			; Jump here - infinite loop!


	text_string db 'OS test V.1!', 0


print_string:			; Routine: output string in SI to screen
	mov ah, 0Eh		; int 10h 'print char' function

.repeat:
	lodsb			; Get character from string
	cmp al, 0
	je .done		; If char is zero, end of string
	int 10h			; Otherwise, print it
	jmp .repeat

.done:
	ret


	times 510-($-$$) db 0	; Pad remainder of boot sector with 0s
	dw 0xAA55


Boot strap, all in HEX value

Code: 
D32E 66A33602      MOV     [0236],EAX
D332 66A12E02      MOV     EAX,[022E]
D336 660BC0        OR      EAX,EAX
D339 0F8424FE      JZ      D161
D33D 6780780800    CMP     BYTE PTR [EAX+08],00
D342 0F851BFE      JNZ     D161
D346 67668D5010    LEA     EDX,[EAX+10]
D34B 67034204      ADD     AX,[EDX+04]
D34F 67660FB6480C  MOVZX   ECX,BYTE PTR [EAX+0C]
D355 66890E6202    MOV     [0262],ECX
D35A 67668B4808    MOV     ECX,[EAX+08]
D35F 66890E5E02    MOV     [025E],ECX
D364 66A15E02      MOV     EAX,[025E]
D368 660FB70E0B00  MOVZX   ECX,WORD PTR [000B]
D36E 6633D2        XOR     EDX,EDX
D371 66F7F1        DIV     ECX
D374 66A36602      MOV     [0266],EAX
D378 66A14202      MOV     EAX,[0242]
D37C 6603065E02    ADD     EAX,[025E]
D381 66A34602      MOV     [0246],EAX
D385 66833E320200  CMP     DWORD PTR [0232],+00

; D38B 0F841900    JZ      D3A8		; OLD SP1 CODE
; Windows 2000(SP4) and Windows XP(SP2) made changes to this code!
; The OLD line above is now:
D38B 0F841D00      JZ      D3AC		; NEW SP2 CODE


D38F 66833E360200  CMP     DWORD PTR [0236],+00
D395 0F84C8FD      JZ      D161
D399 668B1E3602    MOV     EBX,[0236]
D39E 1E            PUSH    DS
D39F 07            POP     ES
D3A0 668B3E4602    MOV     EDI,[0246]

; The new Win 2000(SP4)/XP(SP2) code added this instruction:
D3A5 66A12A02      MOV     EAX,[022A]


; And this Call address had to be changed as well:
D3A9 E8BC01        CALL    D568


D3AC 660FB70E0002  MOVZX   ECX,WORD PTR [0200]
D3B2 66B802020000  MOV     EAX,00000202
D3B8 E8FE07        CALL    DBB9          ; Another address change.
D3BB 660BC0        OR      EAX,EAX
D3BE 0F84A809      JZ      DD6A    ; All jump addresses like this
				; one will be different now since
				; new code lines were added above.
				
D3C2 67668B00      MOV     EAX,[EAX]
D3C6 1E            PUSH    DS
D3C7 07            POP     ES
D3C8 668B3E3A02    MOV     EDI,[023A]
D3CD E83106        CALL    DA01
D3D0 66A13A02      MOV     EAX,[023A]

; This new code has a different value than the old version!  Prior
; to the Windows XP (SP2) code, an "80" was placed into "EBX":
D3D4 66BB20000000  MOV     EBX,00000020

D3DA 66B900000000  MOV     ECX,00000000
D3E0 66BA00000000  MOV     EDX,00000000
D3E6 E8D600        CALL    D4BF

; Here they decided to use a "TEST" instead of "OR" instruction:
D3E9 6685C0        TEST    EAX,EAX
D3EC 0F852300      JNZ     D413
; And a line of code was deleted from the old version here.
D3F0 66A13A02      MOV     EAX,[023A]

; A number of lines of code were shuffled around here, so
; no more comments will be provided on all the details!
D3F4 66BB80000000  MOV     EBX,00000080
D3FA 66B900000000  MOV     ECX,00000000
D400 66BA00000000  MOV     EDX,00000000
D406 E8B600        CALL    D4BF
D409 660BC0        OR      EAX,EAX
D40C 0F854400      JNZ     D454
D410 E95709        JMP     DD6A   ; ERROR!
D413 6633D2        XOR     EDX,EDX
D416 66B980000000  MOV     ECX,00000080
D41C 66A13A02      MOV     EAX,[023A]
D420 E8BC08        CALL    DCDF
D423 660BC0        OR      EAX,EAX
D426 0F844009      JZ      DD6A   ; ERROR!
D42A 1E            PUSH    DS
D42B 07            POP     ES
D42C 668B3E3A02    MOV     EDI,[023A]
D431 E8CD05        CALL    DA01
D434 66A13A02      MOV     EAX,[023A]
D438 66BB80000000  MOV     EBX,00000080
D43E 66B900000000  MOV     ECX,00000000
D444 66BA00000000  MOV     EDX,00000000
D44A E87200        CALL    D4BF
D44D 660BC0        OR      EAX,EAX
D450 0F841609      JZ      DD6A   ; ERROR!
D454 67660FB7580C  MOVZX   EBX,WORD PTR [EAX+0C]
D45A 6681E3FF0000+ AND     EBX,000000FF
D461 0F850B09      JNZ     DD70   ; ERROR!
D465 668BD8        MOV     EBX,EAX
D468 680020        PUSH    2000
D46B 07            POP     ES
D46C 662BFF        SUB     EDI,EDI
D46F 66A13A02      MOV     EAX,[023A]
D473 E8F200        CALL    D568
D476 8A162400      MOV     DL,[0024]
D47A B8E803        MOV     AX,03E8
D47D 8EC0          MOV     ES,AX
D47F 8D360B00      LEA     SI,[000B]
D483 2BC0          SUB     AX,AX
D485 680020        PUSH    2000
D488 50            PUSH    AX
D489 CB            RETF

; ----------------------------------------------------------
; This Routine and all the others to follow (unless noted) are
; the same instructions as the old code version; except for the
; necessary changes in jump addresses.  This old code started
; at location "D45C" prior to Windows XP (SP2); and even the
; call to "DOC7" AND the NOP are the same:

D48A 06            PUSH    ES
D48B 1E            PUSH    DS
D48C 6660          PUSHAD
D48E 668BDA        MOV     EBX,EDX
D491 660FB60E0D00  MOVZX   ECX,BYTE PTR [000D]
D497 66F7E1        MUL     ECX
D49A 66A31000      MOV     [0010],EAX
D49E 668BC3        MOV     EAX,EBX
D4A1 66F7E1        MUL     ECX
D4A4 A30E00        MOV     [000E],AX
D4A7 8BDF          MOV     BX,DI
D4A9 83E30F        AND     BX,000F
D4AC 8CC0          MOV     AX,ES
D4AE 66C1EF04      SHR     EDI,04
D4B2 03C7          ADD     AX,DI
D4B4 50            PUSH    AX
D4B5 07            POP     ES
D4B6 E80EFC        CALL    D0C7
; More code (a subroutine) from Boot Sector; this reads sectors into Memory:
D0C7 6660          PUSHAD           ; Push all "Double" Registers onto the
                                    ;  stack: EAX, ECX, EDX, EBX, original
                                    ;         ESP, EBP, ESI, and EDI.
D0C9 1E            PUSH    DS
D0CA 06            PUSH    ES
D0CB 66A11000      MOV     EAX,[0010] ; "Must always be zero for NTFS!"
D0CF 6603061C00    ADD     EAX,[001C] ;  Number of "Hidden Sectors"
D0D4 663B062000    CMP     EAX,[0020] ;  Apparent Sectors in partition.
D0D9 0F823A00      JB      D117       ;  Can't have more "Hidden Sectors"
                                      ;   than the total you start with!
D0DD 1E            PUSH    DS
D0DE 666A00        PUSH    00000000
D0E1 6650          PUSH    eax
D0E3 06            PUSH    ES
D0E4 53            PUSH    BX
D0E5 6668100001    PUSH    00010010
     00
D0EB 803E140000    CMP     BYTE PTR [0014],00
D0F0 0F850C00      JNZ     D100
D0F4 E8B3FF        CALL    D0AA         ; Check for Extended INT13 code.
D0F7 803E140000    CMP     BYTE PTR [0014],00
D0FC 0F846100      JZ      D161         ; Extensions are not installed.
                                        ; -> "A disk read error..." etc.

D100 B442          MOV     AH,42        ; Function 42h of INT 13:
                                        ;    " Extended Read "
D102 8A162400      MOV     DL,[0024]    ; -> "80h" (first hard drive).
D106 16            PUSH    SS
D107 1F            POP     DS
D108 8BF4          MOV     SI,SP
D10A CD13          INT     13

D10C 6658          POP     EAX
D10E 5B            POP     BX
D10F 07            POP     ES
D110 6658          POP     EAX
D112 6658          POP     EAX
D114 1F            POP     DS
D115 EB2D          JMP     D144
D117 6633D2        XOR     EDX,EDX
D11A 660FB70E18    MOVZX   ECX,WORD [0018]  ; [D018] = Sectors per Track
     00
D120 66F7F1        DIV     ECX
D123 FEC2          INC     DL
D125 8ACA          MOV     CL,DL
D127 668BD0        MOV     EDX,EAX
D12A 66C1EA10      SHR     EDX,10
D12E F7361A00      DIV     WORD PTR [001A]   ; [D01A] = Number of Heads
D132 86D6          XCHG    DL,DH
D134 8A162400      MOV     DL,[0024]     ; [D024] = Hard Drive Number
D138 8AE8          MOV     CH,AL
D13A C0E406        SHL     AH,06
D13D 0ACC          OR      CL,AH
D13F B80102        MOV     AX,0201       ; Function 02h of INT 13:
D142 CD13          INT     13            ; "Read Sector into Memory"

D144 0F821900      JB      D161          ; -> "A disk read error..." etc.
D148 8CC0          MOV     AX,ES
D14A 052000        ADD     AX,0020       ; Add another 200h (512 bytes) to
D14D 8EC0          MOV     ES,AX         ;    the Segment pointer in ES.
D14F 66FF061000    INC     DWORD PTR [0010]    ; 
D154 FF0E0E00      DEC     WORD PTR [000E] ; Decrement the Count of how
                                           ; many Sectors are left to read
D158 0F856FFF      JNZ     D0CB
D15C 07            POP     ES
D15D 1F            POP     DS
D15E 6661          POPAD
D160 C3            RET 
D4B9 6661          POPAD
D4BB 90            NOP
D4BC 1F            POP     DS
D4BD 07            POP     ES
D4BE C3            RET

; ----------------------------------------------------------
D4BF 67034014      ADD     AX,[EAX+14]
D4C3 67668338FF    CMP     DWORD PTR [EAX],-01
D4C8 0F844C00      JZ      D518
D4CC 67663918      CMP     [EAX],EBX
D4D0 0F853300      JNZ     D507
D4D4 660BC9        OR      ECX,ECX
D4D7 0F850A00      JNZ     D4E5
D4DB 6780780900    CMP     BYTE PTR [EAX+09],00
D4E0 0F852300      JNZ     D507
D4E4 C3            RET

; --------------------------------------------------------
D4E5 673A4809      CMP     CL,[EAX+09]
D4E9 0F851A00      JNZ     D507
D4ED 668BF0        MOV     ESI,EAX
D4F0 6703700A      ADD     SI,[EAX+0A]
D4F4 E89706        CALL    DB8E
D4F7 6651          PUSH    ECX
D4F9 1E            PUSH    DS
D4FA 07            POP     ES
D4FB 668BFA        MOV     EDI,EDX
D4FE F3            REPZ
D4FF A7            CMPSW
D500 6659          POP     ECX
D502 0F850100      JNZ     D507
D506 C3            RET

; ---------------------------------------------------------
D507 676683780400  CMP     DWORD PTR [EAX+04],+00
D50D 0F840700      JZ      D518
D511 6766034004    ADD     EAX,[EAX+04]
D516 EBAB          JMP     D4C3
D518 662BC0        SUB     EAX,EAX
D51B C3            RET

; ---------------------------------------------------------
D51C 668BF3        MOV     ESI,EBX
D51F E86C06        CALL    DB8E
D522 67660300      ADD     EAX,[EAX]
D526 67F7400C0200  TEST    WORD PTR [EAX+0C],0002
D52C 0F853400      JNZ     D564
D530 67668D5010    LEA     EDX,[EAX+10]
D535 673A4A40      CMP     CL,[EDX+40]
D539 0F851800      JNZ     D555
D53D 67668D7242    LEA     ESI,[EDX+42]
D542 E84906        CALL    DB8E
D545 6651          PUSH    ECX
D547 1E            PUSH    DS
D548 07            POP     ES
D549 668BFB        MOV     EDI,EBX
D54C F3            REPZ
D54D A7            CMPSW
D54E 6659          POP     ECX
D550 0F850100      JNZ     D555
D554 C3            RET

; ---------------------------------------------------------
D555 6783780800    CMP     WORD PTR [EAX+08],+00
D55A 0F840600      JZ      D564
D55E 67034008      ADD     AX,[EAX+08]
D562 EBC2          JMP     D526
D564 6633C0        XOR     EAX,EAX
D567 C3            RET

; ---------------------------------------------------------
; The code is different in some of the lines in this routine!
; And very different in the following routines (or it could
; be that I'm losing my eyesight due to all the monotony!

D568 67807B0800    CMP     BYTE PTR [EBX+08],00
D56D 0F851C00      JNZ     D58D
D571 06            PUSH    ES
D572 1E            PUSH    DS
D573 6660          PUSHAD
D575 67668D5310    LEA     EDX,[EBX+10]
D57A 67668B0A      MOV     ECX,[EDX]
D57E 668BF3        MOV     ESI,EBX
D581 67037204      ADD     SI,[EDX+04]
D585 F3            REPZ
D586 A4            MOVSB
D587 6661          POPAD
D589 90            NOP
D58A 1F            POP     DS
D58B 07            POP     ES
D58C C3            RET

; ---------------------------------------------------------
D58D 6650          PUSH    EAX
D58F 67668D5310    LEA     EDX,[EBX+10]
D594 6685C0        TEST    EAX,EAX
D597 0F850A00      JNZ     D5A5
D59B 67668B4A08    MOV     ECX,[EDX+08]
D5A0 6641          INC     ECX
D5A2 EB11          JMP     D5B5
D5A4 90            NOP
D5A5 67668B4218    MOV     EAX,[EDX+18]
D5AA 6633D2        XOR     EDX,EDX
D5AD 66F7364E02    DIV     DWORD PTR [024E]
D5B2 668BC8        MOV     ECX,EAX
D5B5 662BC0        SUB     EAX,EAX
D5B8 665E          POP     ESI
D5BA E80100        CALL    D5BE
D5BD C3            RET

; ---------------------------------------------------------
D5BE 06            PUSH    ES
D5BF 1E            PUSH    DS
D5C0 6660          PUSHAD
D5C2 67807B0801    CMP     BYTE PTR [EBX+08],01
D5C7 0F840300      JZ      D5CE
D5CB E993FB        JMP     D161
D5CE 6683F900      CMP     ECX,+00
D5D2 0F850600      JNZ     D5DC
D5D6 6661          POPAD
D5D8 90            NOP
D5D9 1F            POP     DS
D5DA 07            POP     ES
D5DB C3            RET

; ---------------------------------------------------------
D5DC 6653          PUSH    EBX
D5DE 6650          PUSH    EAX
D5E0 6651          PUSH    ECX
D5E2 6656          PUSH    ESI
D5E4 6657          PUSH    EDI
D5E6 06            PUSH    ES
D5E7 E89104        CALL    DA7B
D5EA 668BD1        MOV     EDX,ECX
D5ED 07            POP     ES
D5EE 665F          POP     EDI
D5F0 665E          POP     ESI
D5F2 6659          POP     ECX
D5F4 6685C0        TEST    EAX,EAX
D5F7 0F843400      JZ      D62F
D5FB 663BCA        CMP     ECX,EDX
D5FE 0F8D0300      JNL     D605
D602 668BD1        MOV     EDX,ECX
D605 E882FE        CALL    D48A
D608 662BCA        SUB     ECX,EDX
D60B 668BDA        MOV     EBX,EDX
D60E 668BC2        MOV     EAX,EDX
D611 660FB6160D00  MOVZX   EDX,BYTE PTR [000D]
D617 66F7E2        MUL     EDX
D61A 660FB7160B00  MOVZX   EDX,WORD PTR [000B]
D620 66F7E2        MUL     EDX
D623 6603F8        ADD     EDI,EAX
D626 6658          POP     EAX
D628 6603C3        ADD     EAX,EBX
D62B 665B          POP     EBX
D62D EB9F          JMP     D5CE
D62F 6685F6        TEST    ESI,ESI
D632 0F842BFB      JZ      D161
D636 6651          PUSH    ECX
D638 6657          PUSH    EDI
D63A 06            PUSH    ES
D63B 67660FB64309  MOVZX   EAX,BYTE PTR [EBX+09]
D641 6685C0        TEST    EAX,EAX
D644 0F842000      JZ      D668
D648 66D1E0        SHL     EAX,1
D64B 662BE0        SUB     ESP,EAX
D64E 668BFC        MOV     EDI,ESP
D651 6654          PUSH    ESP
D653 6656          PUSH    ESI
D655 67660FB7730A  MOVZX   ESI,WORD PTR [EBX+0A]
D65B 6603F3        ADD     ESI,EBX
D65E 668BC8        MOV     ECX,EAX
D661 F3            REPZ
D662 A4            MOVSB
D663 665E          POP     ESI
D665 EB03          JMP     D66A
D667 90            NOP
D668 6650          PUSH    EAX
D66A 6650          PUSH    EAX
D66C 67668B03      MOV     EAX,[EBX]
D670 6650          PUSH    EAX
D672 67668B4318    MOV     EAX,[EBX+18]
D677 6650          PUSH    EAX
D679 67668B5620    MOV     EDX,[ESI+20]
D67E 6685D2        TEST    EDX,EDX
D681 0F840B00      JZ      D690
D685 668BFE        MOV     EDI,ESI
D688 1E            PUSH    DS
D689 07            POP     ES
D68A 668BC2        MOV     EAX,EDX
D68D E87103        CALL    DA01
D690 668BC6        MOV     EAX,ESI
D693 665A          POP     EDX
D695 6659          POP     ECX
D697 6642          INC     EDX
D699 6651          PUSH    ECX
D69B 6656          PUSH    ESI
D69D E83F06        CALL    DCDF
D6A0 6685C0        TEST    EAX,EAX
D6A3 0F84BAFA      JZ      D161
D6A7 665E          POP     ESI
D6A9 6659          POP     ECX
D6AB 668BFE        MOV     EDI,ESI
D6AE 1E            PUSH    DS
D6AF 07            POP     ES
D6B0 E84E03        CALL    DA01
D6B3 668BC6        MOV     EAX,ESI
D6B6 668BD9        MOV     EBX,ECX
D6B9 6659          POP     ECX
D6BB 665A          POP     EDX
D6BD 6651          PUSH    ECX
D6BF 6656          PUSH    ESI
D6C1 66D1E9        SHR     ECX,1
D6C4 E8F8FD        CALL    D4BF
D6C7 6685C0        TEST    EAX,EAX
D6CA 0F8493FA      JZ      D161
D6CE 665E          POP     ESI
D6D0 6659          POP     ECX
D6D2 6603E1        ADD     ESP,ECX
D6D5 07            POP     ES
D6D6 665F          POP     EDI
D6D8 6659          POP     ECX
D6DA 668BD0        MOV     EDX,EAX
D6DD 6658          POP     EAX
D6DF 665B          POP     EBX
D6E1 668BDA        MOV     EBX,EDX
D6E4 E9F5FE        JMP     D5DC
D6E7 06            PUSH    ES
D6E8 1E            PUSH    DS
D6E9 6660          PUSHAD
D6EB 26            ES:
D6EC 67660FB75F04  MOVZX   EBX,WORD PTR [EDI+04]
D6F2 26            ES:
D6F3 67660FB74F06  MOVZX   ECX,WORD PTR [EDI+06]
D6F9 660BC9        OR      ECX,ECX
D6FC 0F8461FA      JZ      D161
D700 6603DF        ADD     EBX,EDI
D703 6683C302      ADD     EBX,+02
D707 6681C7FE0100+ ADD     EDI,000001FE
D70E 6649          DEC     ECX
D710 660BC9        OR      ECX,ECX
D713 0F841700      JZ      D72E
D717 26            ES:
D718 678B03        MOV     AX,[EBX]
D71B 26            ES:
D71C 678907        MOV     [EDI],AX
D71F 6683C302      ADD     EBX,+02
D723 6681C7000200+ ADD     EDI,00000200
D72A 6649          DEC     ECX
D72C EBE2          JMP     D710
D72E 6661          POPAD
D730 90            NOP
D731 1F            POP     DS
D732 07            POP     ES
D733 C3            RET

; ==============================================================
; * Most of the following code is to update the kernel on sector 3!!! *
; ==============================================================
D734 06            PUSH    ES
D735 1E            PUSH    DS
D736 6660          PUSHAD
D738 66B801000000  MOV     EAX,00000001
D73E 66A31E02      MOV     [021E],EAX
D742 66A11A02      MOV     EAX,[021A]
D746 6603065202    ADD     EAX,[0252]
D74B 66A35A02      MOV     [025A],EAX
D74F 6603065202    ADD     EAX,[0252]
D754 66A34A02      MOV     [024A],EAX
D758 66A13000      MOV     EAX,[0030]
D75C 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D762 66F7E3        MUL     EBX
D765 668B1E4A02    MOV     EBX,[024A]
D76A 668907        MOV     [BX],EAX
D76D 66A31000      MOV     [0010],EAX
D771 83C304        ADD     BX,+04
D774 66A15602      MOV     EAX,[0256]
D778 668907        MOV     [BX],EAX
D77B A30E00        MOV     [000E],AX
D77E 83C304        ADD     BX,+04
D781 66891E4A02    MOV     [024A],EBX
D786 668B1E1A02    MOV     EBX,[021A]
D78B 1E            PUSH    DS
D78C 07            POP     ES
D78D E837F9        CALL    D0C7

D790 668BFB        MOV     EDI,EBX
D793 E851FF        CALL    D6E7

D796 66A11A02      MOV     EAX,[021A]
D79A 66BB20000000  MOV     EBX,00000020
D7A0 66B900000000  MOV     ECX,00000000
D7A6 66BA00000000  MOV     EDX,00000000
D7AC E810FD        CALL    D4BF

D7AF 660BC0        OR      EAX,EAX
D7B2 0F841901      JZ      D8CF
D7B6 668BD8        MOV     EBX,EAX
D7B9 1E            PUSH    DS
D7BA 07            POP     ES
D7BB 668B3E1602    MOV     EDI,[0216]
D7C0 6633C0        XOR     EAX,EAX
D7C3 E8A2FD        CALL    D568

D7C6 668B1E1602    MOV     EBX,[0216]
D7CB 66813F800000+ CMP     DWORD PTR [BX],00000080
D7D2 0F84EB00      JZ      D8C1
D7D6 035F04        ADD     BX,[BX+04]
D7D9 EBF0          JMP     D7CB

D7DB 6653          PUSH    EBX
D7DD 668B4710      MOV     EAX,[BX+10]
D7E1 66F7265602    MUL     DWORD PTR [0256]
D7E6 6650          PUSH    EAX
D7E8 6633D2        XOR     EDX,EDX
D7EB 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D7F1 66F7F3        DIV     EBX
D7F4 6652          PUSH    EDX
D7F6 E8DC00        CALL    D8D5

D7F9 660BC0        OR      EAX,EAX
D7FC 0F8461F9      JZ      D161
D800 668B0E5602    MOV     ECX,[0256]
D805 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D80B 66F7E3        MUL     EBX
D80E 665A          POP     EDX
D810 6603C2        ADD     EAX,EDX
D813 668B1E4A02    MOV     EBX,[024A]
D818 668907        MOV     [BX],EAX
D81B 83C304        ADD     BX,+04
D81E 660FB6060D00  MOVZX   EAX,BYTE PTR [000D]
D824 662BC2        SUB     EAX,EDX
D827 663BC1        CMP     EAX,ECX
D82A 0F860300      JBE     D831
D82E 668BC1        MOV     EAX,ECX
D831 668907        MOV     [BX],EAX
D834 662BC8        SUB     ECX,EAX
D837 665A          POP     EDX
D839 0F847500      JZ      D8B2
D83D 6603C2        ADD     EAX,EDX
D840 6650          PUSH    EAX
D842 6633D2        XOR     EDX,EDX
D845 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D84B 66F7F3        DIV     EBX
D84E 6651          PUSH    ECX
D850 E88200        CALL    D8D5

D853 6659          POP     ECX
D855 660BC0        OR      EAX,EAX
D858 0F8405F9      JZ      D161
D85C 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D862 66F7E3        MUL     EBX
D865 668B1E4A02    MOV     EBX,[024A]
D86A 668B17        MOV     EDX,[BX]
D86D 83C304        ADD     BX,+04
D870 660317        ADD     EDX,[BX]
D873 663BD0        CMP     EDX,EAX
D876 0F851500      JNZ     D88F
D87A 660FB6060D00  MOVZX   EAX,BYTE PTR [000D]
D880 663BC1        CMP     EAX,ECX
D883 0F860300      JBE     D88A
D887 668BC1        MOV     EAX,ECX
D88A 660107        ADD     [BX],EAX
D88D EBA5          JMP     D834

D88F 83C304        ADD     BX,+04
D892 66891E4A02    MOV     [024A],EBX
D897 668907        MOV     [BX],EAX
D89A 83C304        ADD     BX,+04
D89D 660FB6060D00  MOVZX   EAX,BYTE PTR [000D]
D8A3 663BC1        CMP     EAX,ECX
D8A6 0F860300      JBE     D8AD
D8AA 668BC1        MOV     EAX,ECX
D8AD 668907        MOV     [BX],EAX
D8B0 EB82          JMP     D834

D8B2 83C304        ADD     BX,+04
D8B5 66FF061E02    INC     DWORD PTR [021E]
D8BA 66891E4A02    MOV     [024A],EBX
D8BF 665B          POP     EBX
D8C1 035F04        ADD     BX,[BX+04]
D8C4 66813F800000+ CMP     DWORD PTR [BX],00000080
D8CB 0F840CFF      JZ      D7DB
D8CF 6661          POPAD
D8D1 90            NOP
D8D2 1F            POP     DS
D8D3 07            POP     ES
D8D4 C3            RET

; ---------------------------------------------------------
D8D5 668BD0        MOV     EDX,EAX
D8D8 668B0E1E02    MOV     ECX,[021E]
D8DD 668B365A02    MOV     ESI,[025A]
D8E2 6603365202    ADD     ESI,[0252]
D8E7 6652          PUSH    EDX
D8E9 6651          PUSH    ECX
D8EB 6652          PUSH    EDX
D8ED 668B1E5A02    MOV     EBX,[025A]
D8F2 668B3E5602    MOV     EDI,[0256]
D8F7 668B04        MOV     EAX,[SI]
D8FA 66A31000      MOV     [0010],EAX
D8FE 83C604        ADD     SI,+04
D901 668B04        MOV     EAX,[SI]
D904 A30E00        MOV     [000E],AX
D907 83C604        ADD     SI,+04
D90A 1E            PUSH    DS
D90B 07            POP     ES
D90C E8B8F7        CALL    D0C7
D90F 662BF8        SUB     EDI,EAX
D912 0F840800      JZ      D91E
D916 F7260B00      MUL     WORD PTR [000B]
D91A 03D8          ADD     BX,AX
D91C EBD9          JMP     D8F7
D91E 668B3E5A02    MOV     EDI,[025A]
D923 1E            PUSH    DS
D924 07            POP     ES
D925 E8BFFD        CALL    D6E7
D928 66A15A02      MOV     EAX,[025A]
D92C 66BB80000000  MOV     EBX,00000080
D932 66B900000000  MOV     ECX,00000000
D938 668BD1        MOV     EDX,ECX
D93B E881FB        CALL    D4BF
D93E 660BC0        OR      EAX,EAX
D941 0F841CF8      JZ      D161
D945 668BD8        MOV     EBX,EAX
D948 6658          POP     EAX
D94A 6656          PUSH    ESI
D94C E82C01        CALL    DA7B
D94F 665E          POP     ESI
D951 660BC0        OR      EAX,EAX
D954 0F840500      JZ      D95D
D958 665B          POP     EBX
D95A 665B          POP     EBX
D95C C3            RET

; ---------------------------------------------------------
D95D 6659          POP     ECX
D95F 665A          POP     EDX
D961 E284          LOOP    D8E7
D963 6633C0        XOR     EAX,EAX
D966 C3            RET

; ---------------------------------------------------------
D967 06            PUSH    ES
D968 1E            PUSH    DS
D969 6660          PUSHAD
D96B 6650          PUSH    EAX
D96D 6651          PUSH    ECX
D96F 6633D2        XOR     EDX,EDX
D972 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D978 66F7F3        DIV     EBX
D97B 6652          PUSH    EDX
D97D 6657          PUSH    EDI
D97F E853FF        CALL    D8D5
D982 665F          POP     EDI
D984 660BC0        OR      EAX,EAX
D987 0F84D6F7      JZ      D161
D98B 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D991 66F7E3        MUL     EBX
D994 665A          POP     EDX
D996 6603C2        ADD     EAX,EDX
D999 66A31000      MOV     [0010],EAX
D99D 6659          POP     ECX
D99F 660FB61E0D00  MOVZX   EBX,BYTE PTR [000D]
D9A5 663BCB        CMP     ECX,EBX
D9A8 0F8E1300      JLE     D9BF
D9AC 891E0E00      MOV     [000E],BX
D9B0 662BCB        SUB     ECX,EBX
D9B3 6658          POP     EAX
D9B5 6603C3        ADD     EAX,EBX
D9B8 6650          PUSH    EAX
D9BA 6651          PUSH    ECX
D9BC EB14          JMP     D9D2
D9BE 90            NOP
D9BF 6658          POP     EAX
D9C1 6603C1        ADD     EAX,ECX
D9C4 6650          PUSH    EAX
D9C6 890E0E00      MOV     [000E],CX
D9CA 66B900000000  MOV     ECX,00000000
D9D0 6651          PUSH    ECX
D9D2 06            PUSH    ES
D9D3 6657          PUSH    EDI
D9D5 8BDF          MOV     BX,DI
D9D7 83E30F        AND     BX,000F
D9DA 8CC0          MOV     AX,ES
D9DC 66C1EF04      SHR     EDI,04
D9E0 03C7          ADD     AX,DI
D9E2 50            PUSH    AX
D9E3 07            POP     ES
D9E4 E8E0F6        CALL    D0C7
D9E7 665F          POP     EDI
D9E9 07            POP     ES
D9EA 66033E4E02    ADD     EDI,[024E]
D9EF 6659          POP     ECX
D9F1 6658          POP     EAX
D9F3 6683F900      CMP     ECX,+00
D9F7 0F8F70FF      JG      D96B
D9FB 6661          POPAD
D9FD 90            NOP
D9FE 1F            POP     DS
D9FF 07            POP     ES
DA00 C3            RET


; ---------------------------------------------------------
DA01 06            PUSH    ES
DA02 1E            PUSH    DS
DA03 6660          PUSHAD
DA05 66F7265602    MUL     DWORD PTR [0256]
DA0A 668B0E5602    MOV     ECX,[0256]
DA0F E855FF        CALL    D967
DA12 E8D2FC        CALL    D6E7
DA15 6661          POPAD
DA17 90            NOP
DA18 1F            POP     DS
DA19 07            POP     ES
DA1A C3            RET

; ---------------------------------------------------------
DA1B 06            PUSH    ES
DA1C 1E            PUSH    DS
DA1D 6660          PUSHAD
DA1F 66F7266202    MUL     DWORD PTR [0262]
DA24 668B1E3202    MOV     EBX,[0232]
DA29 668B0E6202    MOV     ECX,[0262]
DA2E 668B362602    MOV     ESI,[0226]
DA33 1E            PUSH    DS
DA34 07            POP     ES
DA35 668B3E4202    MOV     EDI,[0242]
DA3A E881FB        CALL    D5BE
DA3D E8A7FC        CALL    D6E7
DA40 6661          POPAD
DA42 90            NOP
DA43 1F            POP     DS
DA44 07            POP     ES
DA45 C3            RET

; ---------------------------------------------------------
DA46 6650          PUSH    EAX
DA48 6653          PUSH    EBX
DA4A 6651          PUSH    ECX
DA4C 668B1E4602    MOV     EBX,[0246]
DA51 668BC8        MOV     ECX,EAX
DA54 66C1E803      SHR     EAX,03
DA58 6683E107      AND     ECX,00000007
DA5C 6603D8        ADD     EBX,EAX
DA5F 66B801000000  MOV     EAX,00000001
DA65 66D3E0        SHL     EAX,CL
DA68 678403        TEST    [EBX],AL
DA6B 0F840400      JZ      DA73
DA6F F8            CLC
DA70 EB02          JMP     DA74
DA72 90            NOP
DA73 F9            STC
DA74 6659          POP     ECX
DA76 665B          POP     EBX
DA78 6658          POP     EAX
DA7A C3            RET

; ---------------------------------------------------------
DA7B 67807B0801    CMP     BYTE PTR [EBX+08],01
DA80 0F840400      JZ      DA88
DA84 662BC0        SUB     EAX,EAX
DA87 C3            RET

; ---------------------------------------------------------
DA88 67668D7310    LEA     ESI,[EBX+10]
DA8D 67668B5608    MOV     EDX,[ESI+08]
DA92 663BC2        CMP     EAX,EDX
DA95 0F870B00      JA      DAA4
DA99 67668B16      MOV     EDX,[ESI]
DA9D 663BC2        CMP     EAX,EDX
DAA0 0F830400      JNB     DAA8
DAA4 662BC0        SUB     EAX,EAX
DAA7 C3            RET

; ---------------------------------------------------------
DAA8 67035E10      ADD     BX,[ESI+10]
DAAC 662BF6        SUB     ESI,ESI
DAAF 67803B00      CMP     BYTE PTR [EBX],00
DAB3 0F843E00      JZ      DAF5
DAB7 E88100        CALL    DB3B
DABA 6603F1        ADD     ESI,ECX
DABD E83900        CALL    DAF9
DAC0 6603CA        ADD     ECX,EDX
DAC3 663BC1        CMP     EAX,ECX
DAC6 0F8C2100      JL      DAEB
DACA 668BD1        MOV     EDX,ECX
DACD 6650          PUSH    EAX
DACF 67660FB60B    MOVZX   ECX,BYTE PTR [EBX]
DAD4 668BC1        MOV     EAX,ECX
DAD7 6683E00F      AND     EAX,0000000F
DADB 66C1E904      SHR     ECX,04
DADF 6603D9        ADD     EBX,ECX
DAE2 6603D8        ADD     EBX,EAX
DAE5 6643          INC     EBX
DAE7 6658          POP     EAX
DAE9 EBC4          JMP     DAAF
DAEB 662BC8        SUB     ECX,EAX
DAEE 662BC2        SUB     EAX,EDX
DAF1 6603C6        ADD     EAX,ESI
DAF4 C3            RET

DAF5 662BC0        SUB     EAX,EAX
DAF8 C3            RET


; ---------------------------------------------------------
DAF9 662BC9        SUB     ECX,ECX
DAFC 678A0B        MOV     CL,[EBX]
DAFF 80E10F        AND     CL,0F
DB02 6683F900      CMP     ECX,+00
DB06 0F850400      JNZ     DB0E
DB0A 662BC9        SUB     ECX,ECX
DB0D C3            RET

; ---------------------------------------------------------
DB0E 6653          PUSH    EBX
DB10 6652          PUSH    EDX
DB12 6603D9        ADD     EBX,ECX
DB15 67660FBE13    MOVSX   EDX,BYTE PTR [EBX]
DB1A 6649          DEC     ECX
DB1C 664B          DEC     EBX
DB1E 6683F900      CMP     ECX,+00
DB22 0F840D00      JZ      DB33
DB26 66C1E208      SHL     EDX,08
DB2A 678A13        MOV     DL,[EBX]
DB2D 664B          DEC     EBX
DB2F 6649          DEC     ECX
DB31 EBEB          JMP     DB1E
DB33 668BCA        MOV     ECX,EDX
DB36 665A          POP     EDX
DB38 665B          POP     EBX
DB3A C3            RET


; ---------------------------------------------------------
DB3B 6653          PUSH    EBX
DB3D 6652          PUSH    EDX
DB3F 662BD2        SUB     EDX,EDX
DB42 678A13        MOV     DL,[EBX]
DB45 6683E20F      AND     EDX,0000000F
DB49 662BC9        SUB     ECX,ECX
DB4C 678A0B        MOV     CL,[EBX]
DB4F C0E904        SHR     CL,04
DB52 6683F900      CMP     ECX,+00
DB56 0F850800      JNZ     DB62
DB5A 662BC9        SUB     ECX,ECX
DB5D 665A          POP     EDX
DB5F 665B          POP     EBX
DB61 C3            RET

; ---------------------------------------------------------
DB62 6603DA        ADD     EBX,EDX
DB65 6603D9        ADD     EBX,ECX
DB68 67660FBE13    MOVSX   EDX,BYTE PTR [EBX]
DB6D 6649          DEC     ECX
DB6F 664B          DEC     EBX
DB71 6683F900      CMP     ECX,+00
DB75 0F840D00      JZ      DB86
DB79 66C1E208      SHL     EDX,08
DB7D 678A13        MOV     DL,[EBX]
DB80 664B          DEC     EBX
DB82 6649          DEC     ECX
DB84 EBEB          JMP     DB71
DB86 668BCA        MOV     ECX,EDX
DB89 665A          POP     EDX
DB8B 665B          POP     EBX
DB8D C3            RET

DB8E 660BC9        OR      ECX,ECX
DB91 0F850100      JNZ     DB96
DB95 C3            RET

DB96 6651          PUSH    ECX
DB98 6656          PUSH    ESI
DB9A 67833E61      CMP     WORD PTR [ESI],+61
DB9E 0F8C0C00      JL      DBAE
DBA2 67833E7A      CMP     WORD PTR [ESI],+7A
DBA6 0F8F0400      JG      DBAE
DBAA 67832E20      SUB     WORD PTR [ESI],+20
DBAE 6683C602      ADD     ESI,+02
DBB2 E2E6          LOOP    DB9A
DBB4 665E          POP     ESI
DBB6 6659          POP     ECX
DBB8 C3            RET


; ---------------------------------------------------------
DBB9 6650          PUSH    EAX
DBBB 6651          PUSH    ECX
DBBD 668BD0        MOV     EDX,EAX
DBC0 66A12E02      MOV     EAX,[022E]
DBC4 67668D5810    LEA     EBX,[EAX+10]
DBC9 67034304      ADD     AX,[EBX+04]
DBCD 67668D4010    LEA     EAX,[EAX+10]
DBD2 668BDA        MOV     EBX,EDX
DBD5 E844F9        CALL    D51C
DBD8 660BC0        OR      EAX,EAX
DBDB 0F840500      JZ      DBE4
DBDF 6659          POP     ECX
DBE1 6659          POP     ECX
DBE3 C3            RET

DBE4 66A13202      MOV     EAX,[0232]
DBE8 660BC0        OR      EAX,EAX
DBEB 0F850800      JNZ     DBF7
DBEF 6659          POP     ECX
DBF1 6659          POP     ECX
DBF3 6633C0        XOR     EAX,EAX
DBF6 C3            RET

; ---------------------------------------------------------
DBF7 668B163202    MOV     EDX,[0232]
DBFC 67668D5210    LEA     EDX,[EDX+10]
DC01 67668B4218    MOV     EAX,[EDX+18]
DC06 6633D2        XOR     EDX,EDX
DC09 66F7365E02    DIV     DWORD PTR [025E]
DC0E 6633F6        XOR     ESI,ESI
DC11 6650          PUSH    EAX
DC13 6656          PUSH    ESI
DC15 6658          POP     EAX
DC17 665E          POP     ESI
DC19 663BC6        CMP     EAX,ESI
DC1C 0F843A00      JZ      DC5A
DC20 6656          PUSH    ESI
DC22 6640          INC     EAX
DC24 6650          PUSH    EAX
DC26 6648          DEC     EAX
DC28 E81BFE        CALL    DA46
DC2B 72E8          JB      DC15
DC2D E8EBFD        CALL    DA1B
DC30 665A          POP     EDX
DC32 665E          POP     ESI
DC34 6659          POP     ECX
DC36 665B          POP     EBX
DC38 6653          PUSH    EBX
DC3A 6651          PUSH    ECX
DC3C 6656          PUSH    ESI
DC3E 6652          PUSH    EDX
DC40 66A14202      MOV     EAX,[0242]
DC44 67668D4018    LEA     EAX,[EAX+18]
DC49 E8D0F8        CALL    D51C
DC4C 660BC0        OR      EAX,EAX
DC4F 74C4          JZ      DC15
DC51 6659          POP     ECX
DC53 6659          POP     ECX
DC55 6659          POP     ECX
DC57 6659          POP     ECX
DC59 C3            RET

; ---------------------------------------------------------
DC5A 6659          POP     ECX
DC5C 6659          POP     ECX
DC5E 6633C0        XOR     EAX,EAX
DC61 C3            RET


; ---------------------------------------------------------
DC62 6651          PUSH    ECX
DC64 6650          PUSH    EAX
DC66 66B805000000  MOV     EAX,00000005
DC6C 1E            PUSH    DS
DC6D 07            POP     ES
DC6E 668BF9        MOV     EDI,ECX
DC71 E88DFD        CALL    DA01
DC74 668BC1        MOV     EAX,ECX
DC77 66BB20000000  MOV     EBX,00000020
DC7D 66B900000000  MOV     ECX,00000000
DC83 66BA00000000  MOV     EDX,00000000
DC89 E833F8        CALL    D4BF
DC8C 665B          POP     EBX
DC8E 6659          POP     ECX
DC90 6685C0        TEST    EAX,EAX
DC93 0F851500      JNZ     DCAC
DC97 668BC1        MOV     EAX,ECX
DC9A 660FB70E0C02  MOVZX   ECX,WORD PTR [020C]
DCA0 66BA0E020000  MOV     EDX,0000020E
DCA6 E816F8        CALL    D4BF
DCA9 EB33          JMP     DCDE
DCAB 90            NOP
DCAC 6633D2        XOR     EDX,EDX

; Ah! I need some strong tea; not "dcaf" !!!  ;-)
; ------------------------------------------------
DCAF 668BC1        MOV     EAX,ECX
DCB2 668BCB        MOV     ECX,EBX
DCB5 6650          PUSH    EAX
DCB7 6653          PUSH    EBX
DCB9 E82300        CALL    DCDF
DCBC 665B          POP     EBX
DCBE 665F          POP     EDI
DCC0 660BC0        OR      EAX,EAX
DCC3 0F841700      JZ      DCDE
DCC7 1E            PUSH    DS
DCC8 07            POP     ES
DCC9 E835FD        CALL    DA01
DCCC 668BC7        MOV     EAX,EDI
DCCF 660FB70E0C02  MOVZX   ECX,WORD PTR [020C]
DCD5 66BA0E020000  MOV     EDX,0000020E
DCDB E8E1F7        CALL    D4BF
DCDE C3            RET


DCDF 6652          PUSH    EDX
DCE1 6651          PUSH    ECX
DCE3 66BB20000000  MOV     EBX,00000020
DCE9 66B900000000  MOV     ECX,00000000
DCEF 66BA00000000  MOV     EDX,00000000
DCF5 E8C7F7        CALL    D4BF
DCF8 660BC0        OR      EAX,EAX
DCFB 0F846300      JZ      DD62
DCFF 668BD8        MOV     EBX,EAX
DD02 1E            PUSH    DS
DD03 07            POP     ES
DD04 668B3E1602    MOV     EDI,[0216]
DD09 6633C0        XOR     EAX,EAX
DD0C E859F8        CALL    D568
DD0F 1E            PUSH    DS
DD10 07            POP     ES
DD11 668B1E1602    MOV     EBX,[0216]
DD16 6659          POP     ECX
DD18 665A          POP     EDX
DD1A 26            ES:
DD1B 66390F        CMP     [BX],ECX
DD1E 0F850C00      JNZ     DD2E
DD22 26            ES:
DD23 66395708      CMP     [BX+08],EDX
DD27 0F843100      JZ      DD5C
DD2B EB13          JMP     DD40
DD2D 90            NOP
DD2E 26            ES:
DD2F 66833FFF      CMP     DWORD PTR [BX],-01
DD33 0F842F00      JZ      DD66
DD37 26            ES:
DD38 837F0400      CMP     WORD PTR [BX+04],+00
DD3C 0F842600      JZ      DD66
DD40 26            ES:
DD41 660FB74704    MOVZX   EAX,WORD PTR [BX+04]
DD46 03D8          ADD     BX,AX
DD48 8BC3          MOV     AX,BX
DD4A 250080        AND     AX,8000
DD4D 74CB          JZ      DD1A
DD4F 8CC0          MOV     AX,ES
DD51 050008        ADD     AX,0800
DD54 8EC0          MOV     ES,AX
DD56 81E3FF7F      AND     BX,7FFF
DD5A EBBE          JMP     DD1A
DD5C 26            ES:
DD5D 668B4710      MOV     EAX,[BX+10]
DD61 C3            RET

DD62 6659          POP     ECX
DD64 665A          POP     EDX
DD66 6633C0        XOR     EAX,EAX

DD69 C3            RET

DD6A A0F901        MOV     AL,[01F9]   ; Contains A0h (for English string)
                                       ; -> "NTLDR is missing"
DD6D E9F4F3        JMP     D164        ; DISPLAY MESSAGE
DD70 A0FA01        MOV     AL,[01FA]   ; Contains B3h (for English string)
                                       ; -> "NTLDR is compressed"
DD73 E9EEF3        JMP     D164        ; DISPLAY MESSAGE

That's all I've done so far... I've gotten bored of it, so if any one wants to take this, go for it.
 

Android

Active Member
Joined
Mar 19, 2011
Posts
847
Reacts
0
Reputation
0
Credits
0
I honestly don't know what this is for, it confused the hell out of me. You're good if you understand that.
 

Røøt

Member
Joined
Apr 25, 2011
Posts
201
Reacts
0
Reputation
0
Credits
0
Well, the Kernel is what a PC reads on boot up, and the bootstrap is were everything starts.
 

BaussHacker

Member
Joined
Mar 19, 2011
Posts
171
Reacts
0
Reputation
0
Credits
0
Android said:
I honestly don't know what this is for, it confused the hell out of me. You're good if you understand that.
Click to expand...

It's assembly language. The language behind any executeable. When you open an application in ex. Olly debug, then it will show the assembly of the program.

It's a strong language, but it's also very old and hard to master.
 
You must log in or register to reply here.

Featured

General Discussion
Inactive FK Username Requests

Share this page

Top