MBR(Master Boot Record) please help!
- 01-31-2007
- Navid Shakibapour
January 31, 2007, 11:42 pm

Hi
I want to disassemble an MBR file and understand what that code does.
In particular I want to know the role of each line of the code (or
each logically connected fragment of it) in the boot sequence and why
that line is needed.
You can download the MBR file that I chose from the following link:
http://s15.quicksharing.com/v/3894883/final.bin.html
Here is the disassembly of the .bin file:
00000000 EB48 jmp short 0x4a
00000002 90 nop
00000003 108ED0BC adc [bp+0xbcd0],cl
00000007 00B0B800 add [bx+si+0xb8],dh
0000000B 008ED88E add [bp+0x8ed8],cl
0000000F C0FBBE sar bl,0xbe
00000012 007CBF add [si-0x41],bh
00000015 0006B900 add [0xb9],al
00000019 02F3 add dh,bl
0000001B A4 movsb
0000001C EA21060000 jmp 0x0:0x621
00000021 BEBE07 mov si,0x7be
00000024 3804 cmp [si],al
00000026 750B jnz 0x33
00000028 83C610 add si,byte +0x10
0000002B 81FEFE07 cmp si,0x7fe
0000002F 75F3 jnz 0x24
00000031 EB16 jmp short 0x49
00000033 B402 mov ah,0x2
00000035 B001 mov al,0x1
00000037 BB007C mov bx,0x7c00
0000003A B280 mov dl,0x80
0000003C 8A7403 mov dh,[si+0x3]
0000003F 02800000 add al,[bx+si+0x0]
00000043 808B820000 or byte [bp+di+0x82],0x0
00000048 0008 add [bx+si],cl
0000004A FA cli
0000004B EA507C0000 jmp 0x0:0x7c50
00000050 31C0 xor ax,ax
00000052 8ED8 mov ds,ax
00000054 8ED0 mov ss,ax
00000056 BC0020 mov sp,0x2000
00000059 FB sti
0000005A A0407C mov al,[0x7c40]
0000005D 3CFF cmp al,0xff
0000005F 7402 jz 0x63
00000061 88C2 mov dl,al
00000063 52 push dx
00000064 BE767D mov si,0x7d76
00000067 E83401 call 0x19e
0000006A F6C280 test dl,0x80
0000006D 7454 jz 0xc3
0000006F B441 mov ah,0x41
00000071 BBAA55 mov bx,0x55aa
00000074 CD13 int 0x13
00000076 5A pop dx
00000077 52 push dx
00000078 7249 jc 0xc3
0000007A 81FB55AA cmp bx,0xaa55
0000007E 7543 jnz 0xc3
00000080 A0417C mov al,[0x7c41]
00000083 84C0 test al,al
00000085 7505 jnz 0x8c
00000087 83E101 and cx,byte +0x1
0000008A 7437 jz 0xc3
0000008C 668B4C10 mov ecx,[si+0x10]
00000090 BE057C mov si,0x7c05
00000093 C644FF01 mov byte [si-0x1],0x1
00000097 668B1E447C mov ebx,[0x7c44]
0000009C C7041000 mov word [si],0x10
000000A0 C744020100 mov word [si+0x2],0x1
000000A5 66895C08 mov [si+0x8],ebx
000000A9 C744060070 mov word [si+0x6],0x7000
000000AE 6631C0 xor eax,eax
000000B1 894404 mov [si+0x4],ax
000000B4 6689440C mov [si+0xc],eax
000000B8 B442 mov ah,0x42
000000BA CD13 int 0x13
000000BC 7205 jc 0xc3
000000BE BB0070 mov bx,0x7000
000000C1 EB7D jmp short 0x140
000000C3 B408 mov ah,0x8
000000C5 CD13 int 0x13
000000C7 730A jnc 0xd3
000000C9 F6C280 test dl,0x80
000000CC 0F84F300 jz near 0x1c3
000000D0 E98D00 jmp 0x160
000000D3 BE057C mov si,0x7c05
000000D6 C644FF00 mov byte [si-0x1],0x0
000000DA 6631C0 xor eax,eax
000000DD 88F0 mov al,dh
000000DF 40 inc ax
000000E0 66894404 mov [si+0x4],eax
000000E4 31D2 xor dx,dx
000000E6 88CA mov dl,cl
000000E8 C1E202 shl dx,0x2
000000EB 88E8 mov al,ch
000000ED 88F4 mov ah,dh
000000EF 40 inc ax
000000F0 894408 mov [si+0x8],ax
000000F3 31C0 xor ax,ax
000000F5 88D0 mov al,dl
000000F7 C0E802 shr al,0x2
000000FA 668904 mov [si],eax
000000FD 66A1447C mov eax,[0x7c44]
00000101 6631D2 xor edx,edx
00000104 66F734 div dword [si]
00000107 88540A mov [si+0xa],dl
0000010A 6631D2 xor edx,edx
0000010D 66F77404 div dword [si+0x4]
00000111 88540B mov [si+0xb],dl
00000114 89440C mov [si+0xc],ax
00000117 3B4408 cmp ax,[si+0x8]
0000011A 7D3C jnl 0x158
0000011C 8A540D mov dl,[si+0xd]
0000011F C0E206 shl dl,0x6
00000122 8A4C0A mov cl,[si+0xa]
00000125 FEC1 inc cl
00000127 08D1 or cl,dl
00000129 8A6C0C mov ch,[si+0xc]
0000012C 5A pop dx
0000012D 8A740B mov dh,[si+0xb]
00000130 BB0070 mov bx,0x7000
00000133 8EC3 mov es,bx
00000135 31DB xor bx,bx
00000137 B80102 mov ax,0x201
0000013A CD13 int 0x13
0000013C 722A jc 0x168
0000013E 8CC3 mov bx,es
00000140 8E06487C mov es,[0x7c48]
00000144 60 pusha
00000145 1E push ds
00000146 B90001 mov cx,0x100
00000149 8EDB mov ds,bx
0000014B 31F6 xor si,si
0000014D 31FF xor di,di
0000014F FC cld
00000150 F3A5 rep movsw
00000152 1F pop ds
00000153 61 popa
00000154 FF26427C jmp near [0x7c42]
00000158 BE7C7D mov si,0x7d7c
0000015B E84000 call 0x19e
0000015E EB0E jmp short 0x16e
00000160 BE817D mov si,0x7d81
00000163 E83800 call 0x19e
00000166 EB06 jmp short 0x16e
00000168 BE8B7D mov si,0x7d8b
0000016B E83000 call 0x19e
0000016E BE907D mov si,0x7d90
00000171 E82A00 call 0x19e
00000174 EBFE jmp short 0x174
00000176 47 inc di
00000177 52 push dx
00000178 55 push bp
00000179 42 inc dx
0000017A 2000 and [bx+si],al
0000017C 47 inc di
0000017D 656F gs outsw
0000017F 6D insw
00000180 004861 add [bx+si+0x61],cl
00000183 7264 jc 0x1e9
00000185 204469 and [si+0x69],al
00000188 736B jnc 0x1f5
0000018A 005265 add [bp+si+0x65],dl
0000018D 61 popa
0000018E 640020 add [fs:bx+si],ah
00000191 45 inc bp
00000192 7272 jc 0x206
00000194 6F outsw
00000195 7200 jc 0x197
00000197 BB0100 mov bx,0x1
0000019A B40E mov ah,0xe
0000019C CD10 int 0x10
0000019E AC lodsb
0000019F 3C00 cmp al,0x0
000001A1 75F4 jnz 0x197
000001A3 C3 ret
000001A4 0000 add [bx+si],al
000001A6 0000 add [bx+si],al
000001A8 0000 add [bx+si],al
000001AA 0000 add [bx+si],al
000001AC 0000 add [bx+si],al
000001AE 0000 add [bx+si],al
000001B0 0000 add [bx+si],al
000001B2 0000 add [bx+si],al
000001B4 0000 add [bx+si],al
000001B6 0000 add [bx+si],al
000001B8 0000 add [bx+si],al
000001BA 0000 add [bx+si],al
000001BC 0000 add [bx+si],al
000001BE 800101 add byte [bx+di],0x1
000001C1 0083FE3F add [bp+di+0x3ffe],al
000001C5 0C3F or al,0x3f
000001C7 0000 add [bx+si],al
000001C9 008E2F03 add [bp+0x32f],cl
000001CD 0000 add [bx+si],al
000001CF 0001 add [bx+di],al
000001D1 0D83FE or ax,0xfe83
000001D4 BFDECD mov di,0xcdde
000001D7 2F das
000001D8 0300 add ax,[bx+si]
000001DA 52 push dx
000001DB FC cld
000001DC B000 mov al,0x0
000001DE 0000 add [bx+si],al
000001E0 81DF82FE sbb di,0xfe82
000001E4 FF0E1F2C dec word [0x2c1f]
000001E8 B400 mov ah,0x0
000001EA 30C4 xor ah,al
000001EC 0B00 or ax,[bx+si]
000001EE 0000 add [bx+si],al
000001F0 0000 add [bx+si],al
000001F2 0000 add [bx+si],al
000001F4 0000 add [bx+si],al
000001F6 0000 add [bx+si],al
000001F8 0000 add [bx+si],al
000001FA 0000 add [bx+si],al
000001FC 0000 add [bx+si],al
000001FE 55 push bp
000001FF AA stosb

Re: MBR(Master Boot Record) please help!

Then you are wrong here.
There are many web sites dedicated to operating system programming, e.g.
http://www.osdever.net/. These are more appropriate for you.

I see many lines with
add [bx+si],al
and I think that means you have disassembled the file without taking care of
strings or other variables. This way you can destroy everything, because
instructions have different opcode lengths on x86. Then a character (which
isn't executed, of course) may be recognized as a two-byte opcode,
disassembled, and disturb the following opcode (which began one byte ago).
So your disassembly is useless, and I wouldn't expect to get a solution
here.
Regards,
Sebastian
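
Added example, not part of either post: a sketch of the step the reply says was skipped, separating data from code before disassembling. It decodes the partition table at 0x1BE as data and marks NUL-terminated ASCII strings, returning the byte ranges left for a disassembler. The function names are hypothetical, the string search is only a heuristic, and the sample sector is constructed from the bytes the listing shows at 0x176, 0x1BE and 0x1FE, zero-filled elsewhere.

```python
import struct

PT_OFF, SIG_OFF, ENTRY_LEN = 0x1BE, 0x1FE, 16

def parse_partitions(sector):
    """Decode the four 16-byte partition entries at 0x1BE as data."""
    parts = []
    for i in range(4):
        entry = sector[PT_OFF + i * ENTRY_LEN: PT_OFF + (i + 1) * ENTRY_LEN]
        lba, count = struct.unpack_from("<II", entry, 8)
        if entry[4]:  # type 0x00 marks an unused slot
            parts.append({"active": entry[0] == 0x80, "type": entry[4],
                          "lba": lba, "sectors": count})
    return parts

def find_strings(sector, start, end, min_len=4):
    """Heuristic: NUL-terminated printable-ASCII runs in [start, end)."""
    found, i = [], start
    while i < end:
        j = i
        while j < end and 0x20 <= sector[j] < 0x7F:
            j += 1
        if j - i >= min_len and j < end and sector[j] == 0:
            found.append((i, sector[i:j].decode("ascii")))
        i = j + 1
    return found

def code_ranges(sector):
    """Byte ranges left for the disassembler once known data is excluded."""
    if len(sector) != 512 or sector[SIG_OFF:SIG_OFF + 2] != b"\x55\xaa":
        raise ValueError("not a 512-byte boot sector ending in 55 AA")
    data = [(off, off + len(s) + 1) for off, s in find_strings(sector, 0, PT_OFF)]
    ranges, pos = [], 0
    for lo, hi in sorted(data):
        if lo > pos:
            ranges.append((pos, lo))
        pos = max(pos, hi)
    if pos < PT_OFF:
        ranges.append((pos, PT_OFF))
    return ranges

# Constructed sample: zero-filled sector carrying only the bytes the listing
# shows at 0x176 (strings), 0x1BE (partition table) and 0x1FE (signature).
SAMPLE = bytearray(512)
SAMPLE[0x176:0x197] = b"GRUB \0Geom\0Hard Disk\0Read\0 Error\0"
SAMPLE[PT_OFF:PT_OFF + 48] = bytes.fromhex(
    "80010100" "83fe3f0c" "3f000000" "8e2f0300"
    "0000010d" "83febfde" "cd2f0300" "52fcb000"
    "000081df" "82feff0e" "1f2cb400" "30c40b00")
SAMPLE[SIG_OFF:] = b"\x55\xaa"
```

On the sample, the second code range starts at 0x197, which is where the listing resumes with real instructions (`mov bx,0x1`) after the message strings.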