disassembly of the bootsector

Discussion:

(too old to reply)

Sylvain Kerjean

2005-02-24 15:16:24 UTC

Does anybody know how to disassemble the bootsector of a R5 Pro ?

What i did :
-Create a file main.c containing the definition of a string : char *c="";
-With diskprobe, copy the first sector of the disk into the preceding
string .
-Compile.
-Do a "objdump --disassembly-all" on the executable.

What i get :
well the first instruction is "jmp 75" that seems ok.
But when i get to the address "0x75" i get no intelligible instructions
or bad instructions.

So my very question : what did i wrong ??

m***@xs4a11.nl

2005-02-25 22:02:13 UTC

Permalink

Post by Sylvain Kerjean
Does anybody know how to disassemble the bootsector of a R5 Pro ?
-Create a file main.c containing the definition of a string : char *c="";
-With diskprobe, copy the first sector of the disk into the preceding
string .
-Compile.
-Do a "objdump --disassembly-all" on the executable.
well the first instruction is "jmp 75" that seems ok.
But when i get to the address "0x75" i get no intelligible instructions
or bad instructions.
So my very question : what did i wrong ??

You assumed that the string would be disassembled. This is not the
case. objdump knows which part of the executable is code and which
is data (the string), and it will not try to disassemble data.

Sylvain Kerjean

2005-03-02 15:41:07 UTC

Permalink

Post by m***@xs4a11.nl
You assumed that the string would be disassembled. This is not the
case. objdump knows which part of the executable is code and which
is data (the string), and it will not try to disassemble data.

In fact my string contains code, and with the "disassembly-all" option
it will be disassembled.

My failure was that the objdump utility assumes the code is in a 32-bit
assembly. After having installed NASM i get the correct i386 opcodes for
my boot sector with NDISASM.

Thanks for your interest :)