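model tiny
.code
.486
org 100h
_:
; First paragraph boundary after this program's own image (an offset in CS).
; The victim is given the segment CS + fm_aligned/16, so fm_aligned is the
; victim's offset 0 and load_address its offset 100h (the .COM entry point).
fm_aligned   = (offset free_memory - _ + 100h + 15) / 16 * 16
load_address = fm_aligned + 100h

; dbg <filename>[ <breakpoint>]
; Loads a .COM image right after this program, hooks INT 1 (trace mode) or
; INT 3 (one-shot breakpoint mode) and reports IP/DS/AX..DX on every stop.
; NOTE(review): restore_int only runs from victim_ret, i.e. when the victim
; returns or the user presses 'q'. A victim that terminates through DOS
; itself leaves the hooked vector pointing into freed memory.
start:
    call get_fname          ; filename (+ optional hex breakpoint) from the PSP tail
    call open_file          ; AX <- handle
    call get_fsize          ; CX <- size (AX still the handle)
    call read_file          ; image -> load_address, image_size <- CX
    call close_file
    mov al, int_mode
    cmp al, 1
    jz start_hook           ; trace mode: nothing to plant
    call set_breakpoint     ; validated BEFORE any vector is hooked, so a
                            ; rejected offset exits without a dangling vector
start_hook:
    call set_int            ; hook INT int_mode, remember the old vector
    jmp victim_enter

; Print one stop report and wait for a key.
; In:  AX = victim IP to show.
;      The caller's frame, just above the return address, holds in order
;      DS, AX, BX, CX, DX of the victim: int_handler's saved registers, or
;      the synthetic frame victim_enter builds for the initial report.
; 'q' abandons the session via victim_ret (the stack is never unwound,
; victim_ret terminates the program); any other key returns. Clobbers AX, BX, DX.
int_raport:
    push bp
    mov bp, sp
    mov dx, offset line_msg
    mov bx, ax              ; keep IP while DOS prints
    mov ah, 9
    int 21h
    mov dx, offset ip_eq_msg
    int 21h
    mov ax, bx
    call hex4
    mov dx, offset segment_msg
    mov ah, 9
    int 21h
    mov ax, [bp + 4]        ; saved DS
    call hex4
    mov dx, offset ax_eq_msg
    mov ah, 9
    int 21h
    mov ax, [bp + 6]        ; saved AX
    call hex4
    mov dx, offset bx_eq_msg
    mov ah, 9
    int 21h
    mov ax, [bp + 8]        ; saved BX
    call hex4
    mov dx, offset cx_eq_msg
    mov ah, 9
    int 21h
    mov ax, [bp + 10]       ; saved CX
    call hex4
    mov dx, offset dx_eq_msg
    mov ah, 9
    int 21h
    mov ax, [bp + 12]       ; saved DX
    call hex4
    mov dx, offset line_msg
    mov ah, 9
    int 21h
    xor ax, ax
    int 16h                 ; wait for a key
    cmp al, 'q'
    jz victim_ret
    pop bp
    ret

; INT 1 / INT 3 handler while the victim runs.
; Rewinds the pushed IP to the trap instruction (1 byte for INT 3, 0 for a
; trace trap), reports, puts the saved byte back under the breakpoint and
; resumes. The breakpoint is one-shot: it is not re-armed after the hit.
int_handler:
    push bp
    mov bp, sp              ; [bp+2] = IP, [bp+4] = CS, [bp+6] = FLAGS
    push es
    push dx
    push cx
    push bx
    push ax
    push ds                 ; DS..DX in the order int_raport reads them back
    push cs
    pop ds                  ; our variables live in CS
    xor cx, cx
    mov cl, int_mode
    shr cx, 1               ; INT 3 -> 1, INT 1 -> 0
    mov ax, [bp + 2]
    sub ax, cx
    mov [bp + 2], ax        ; resume at the patched byte once it is restored
    call int_raport
    mov al, int_mode
    cmp al, 1
    jz int_handler_resume   ; trace mode planted nothing
    ; Address the victim's segment explicitly instead of trusting the
    ; victim's DS, which it may have changed before the trap.
    mov bx, offset fm_aligned
    shr bx, 4
    mov ax, cs
    add ax, bx
    mov es, ax              ; ES <- victim segment
    mov al, broken_byte
    mov bx, breakpoint
    mov byte ptr es:[bx], al
int_handler_resume:
    pop ds
    pop ax
    pop bx
    pop cx
    pop dx
    pop es
    pop bp
    iret

; Hook INT int_mode with int_handler; the previous vector goes to int_old.
set_int:
    mov al, int_mode
    mov ah, 35h             ; get vector -> ES:BX
    int 21h
    mov cx, bx
    mov bx, offset int_old
    mov [bx], cx
    mov cx, es
    mov [bx + 2], cx
    mov dx, offset int_handler
    mov ah, 25h             ; set vector DS:DX
    int 21h
    ret

; Put the vector saved in int_old back. Needs DS = CS.
restore_int:
    mov bx, offset int_old
    mov dx, [bx]
    mov cx, [bx + 2]
    mov al, int_mode
    push ds
    mov ds, cx
    mov ah, 25h
    int 21h
    pop ds
    ret

; Plant INT 3 (0CCh) at victim offset `breakpoint`, saving the original byte.
; The offset must lie inside the loaded image (100h .. 100h+image_size-1);
; anything else would patch this program's own memory or stack, so it is
; rejected with the usage text.
set_breakpoint:
    mov ax, breakpoint
    cmp ax, 100h
    jb print_usage
    mov bx, ax
    sub bx, 100h
    cmp bx, image_size
    jae print_usage
    mov bx, offset fm_aligned
    add bx, ax              ; victim offset -> offset in CS
    mov al, byte ptr [bx]
    mov dx, bx
    mov bx, offset broken_byte
    mov byte ptr [bx], al
    mov bx, dx
    mov byte ptr [bx], 0CCh
    ret

; Hand control to the loaded image at seg:100h with a .COM-like stack:
; the word at SP is 0, so a `ret` lands on the IRET planted at seg:0, which
; pops the far frame below it and comes back to victim_ret.
; In trace mode TF is set in the flags the final IRET pops.
victim_enter:
    pushf
    push cs
    push offset victim_ret  ; far return frame consumed by the IRET at seg:0
    push 0                  ; what the victim sees at [SP]
    pushf                   ; flags for the IRET below
    mov al, int_mode        ; mode is tested explicitly here rather than
    cmp al, 1               ; relying on ZF surviving from start
    jnz bp_mode
    pop ax
    or ax, 100h             ; TF
    push ax
bp_mode:
    mov ax, cs
    xor bx, bx
    add bx, offset fm_aligned
    mov byte ptr [bx], 0CFh ; IRET at victim offset 0
    shr bx, 4
    add ax, bx              ; victim segment
    mov es, ax
    push ax                 ; CS for the IRET
    push 100h               ; IP for the IRET
    push 0
    push 0
    push 0
    push 0                  ; synthetic DX, CX, BX, AX for the first report
    push ax                 ; synthetic DS
    mov ax, 100h
    mov cl, int_mode
    cmp cl, 1
    jnz bp_mode2
    call int_raport         ; trace mode: report the entry point first
bp_mode2:
    pop ds
    add sp, 8               ; drop the four synthetic registers
    xor ax, ax
    xor bx, bx
    xor cx, cx
    xor dx, dx
    iret

; Reached when the victim returns (through the IRET at seg:0) or on 'q'.
; Re-establishes DS/ES, unhooks the vector and terminates.
victim_ret:
    push cs
    pop ax
    mov ds, ax
    mov es, ax
    mov dx, offset line_msg
    mov ah, 9
    int 21h
    mov dx, offset debug_endmsg
    int 21h
    mov dx, offset line_msg
    int 21h
    call restore_int
    int 20h

; Echo the command tail to stdout. Currently unused (debug helper).
print_cmd:
    mov bx, 80h             ; PSP:80 - command line length
    xor cx, cx
    mov cl, [bx]
    or cx, cx
    jz print_cmd_ret
    dec cx
    mov dx, 82h             ; PSP:81 is the tail; 82h skips its leading blank
    mov bx, 1               ; stdout handle
    mov ah, 40h             ; write to a file
    int 21h
print_cmd_ret:
    ret

; Parse the PSP command tail: "<filename>[ <breakpoint>]".
; filename <- NUL-terminated name (at most 12 chars; longer names would run
; into usage_str, so they are rejected). With a breakpoint, `breakpoint` <-
; its hex value (upper or lower case digits); without one, int_mode <- 1.
; Any usage error prints the usage text and exits.
get_fname:
    mov bx, 80h
    xor cx, cx
    mov cl, [bx]
    mov di, offset filename
    or cx, cx
    jz print_usage
    dec cx
    jz print_usage          ; tail is only the leading blank
    mov si, 82h
    cld
    mov dx, 12              ; room left in filename (13 bytes incl. NUL)
get_fname_loop:
    mov al, byte ptr [si]
    cmp al, ' '
    jz get_fname_addr
    or dx, dx
    jz print_usage          ; name would overrun filename
    dec dx
    movsb
    loop get_fname_loop
    xor ax, ax
    stosb
    jmp this_is_trapmode
get_fname_addr:
    xor ax, ax
    stosb                   ; terminate the name
    xor bx, bx
    dec cx                  ; skip the blank
    jz this_is_trapmode     ; nothing after it: trace mode
get_fname_lp2:
    inc si
    mov bl, byte ptr [si]
    or bl, 20h              ; fold 'A'..'F' to 'a'..'f'; digits unaffected
    sub bl, 30h             ; '0'
    jb print_usage          ; below '0'
    cmp bl, 9
    jbe get_fname_sml
    sub bl, 27h             ; 'a' -> 0Ah
    cmp bl, 0Ah
    jb print_usage          ; between '9' and 'a'
    cmp bl, 0Fh
    ja print_usage          ; above 'f'
get_fname_sml:
    shl ax, 4
    or ax, bx
    loop get_fname_lp2
    mov bx, offset breakpoint
    mov [bx], ax
    ret
this_is_trapmode:
    mov bx, offset int_mode
    mov byte ptr [bx], 1
    ret

; Open `filename` read-only. AX <- handle; exits on failure.
open_file:
    mov dx, offset filename
    mov ax, 3D00h           ; open file in read mode
    int 21h
    jc open_file_err
    ret
open_file_err:
    mov dx, offset fopen_errmsg
    mov ah, 9
    int 21h
    int 20h

; Close handle AX.
close_file:
    mov bx, ax
    mov ah, 3Eh             ; close file
    int 21h
    ret

; Size of handle AX: CX <- size, AX <- handle, file position preserved.
; Files of 64K or more can never fit in the segment and are rejected.
get_fsize:
    mov bx, ax
    mov ax, 4201h           ; seek from current position
    xor cx, cx
    xor dx, dx
    int 21h
    mov di, dx
    mov si, ax              ; DI:SI <- original position
    mov ax, 4202h           ; seek from end of file
    xor cx, cx
    xor dx, dx
    int 21h                 ; DX:AX <- size
    or dx, dx
    jnz nomem_exit
    push ax
    mov ax, 4200h           ; seek from start of file
    mov cx, di
    mov dx, si
    int 21h                 ; restore original position
    pop cx                  ; CX <- size of file
    mov ax, bx
    ret

; Read CX bytes from handle AX into load_address and record image_size.
; Refuses an image that would not leave room below the stack (the read
; would otherwise overwrite this program's stack), and treats a short read
; as a failure. AX is preserved.
read_file:
    push ax
    mov bx, ax
    mov ax, cx
    add ax, load_address
    jc nomem_exit           ; end of image wraps the segment
    add ax, 200h            ; minimum headroom for the victim's stack
    jc nomem_exit
    cmp ax, sp
    jae nomem_exit
    mov image_size, cx
    mov ah, 3fh             ; read file
    mov dx, load_address
    int 21h
    jc read_file_err
    cmp ax, cx              ; short read
    jne read_file_err
    pop ax
    ret
read_file_err:
    mov dx, offset fread_errmsg
    mov ah, 9
    int 21h
    int 20h

; Print AX as 4 hex digits (hex2: AL as 2, hex1: the low nibble of AL).
; The three entry points fall through into each other on purpose.
hex4:
    push ax
    mov al, ah
    call hex2
    pop ax                  ; fall through: low byte
hex2:
    push ax
    shr al, 4
    call hex1
    pop ax                  ; fall through: low nibble
hex1:
    push ax
    and al, 0Fh
    cmp al, 10              ; CF=1 for 0..9
    sbb al, 69h
    das                     ; SBB/DAS trick: 0..9 -> '0'..'9', 10..15 -> 'A'..'F'
    mov dl, al
    mov ah, 2h
    int 21h
    pop ax
    ret

; Print the usage text and exit (jumped to, never called).
print_usage:
    mov dx, offset usage_str
    mov ah, 9
    int 21h
    int 20h

; Image does not fit into the segment: report and exit (jumped to).
nomem_exit:
    mov dx, offset alloc_errmsg
    mov ah, 9
    int 21h
    int 20h

filename     db 13 dup (?)
usage_str    db "Usage: dbg <filename>[ <breakpoint>]"
             db 13,10," If a breakpoint isn't specified,"
             db 13,10," dbg will go to tracing mode. Use keys:"
             db 13,10," [Enter] -> next point"
             db 13,10," [q] -> quit",13,10
             db "Written by Roman Tereshin ($"
fopen_errmsg db "Can not open file$"
alloc_errmsg db "Can not allocate memory$"
fread_errmsg db "Can not read file$"
line_msg     db 13,10,"---------",13,10,'$'
ip_eq_msg    db "ip = $"
segment_msg  db 13,10,"ds = $"
ax_eq_msg    db 13,10,"ax = $"
bx_eq_msg    db 13,10,"bx = $"
cx_eq_msg    db 13,10,"cx = $"
dx_eq_msg    db 13,10,"dx = $"
debug_endmsg db "END$"
int_old      dw 2 dup (?)  ; previous INT int_mode vector (offset, segment)
breakpoint   dw 0          ; victim offset of the planted INT 3
broken_byte  db 0CFh       ; byte saved from under the breakpoint
int_mode     db 3          ; 3 = breakpoint mode (INT 3), 1 = trace mode (INT 1)
image_size   dw 0          ; bytes read into load_address
free_memory:
end start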
