Banki
02-23-2009, 01:44 AM
Following is a list of commands for SoftICE. SoftICE is worth being studied ... the more about SoftICE you know the faster you can crack (Assembly Knowledge Needed Of Course).
Basic Stuff
--------------------------------------------------------------------------------
? Evulate Expression
A Assemble code
ADDR Display/Change address contents
BC Clear Breakpoint
BD Disable Breakpoint
BE Enable Breakpoint
BL List current Breakpoints
BPE Edit Breakpoint
BPT Use Breakpoint as a template
BPM, BPMB, BPMW, BPMD Breakpoint on memory access
BPR Breakpoint on memory range
BPIO Breakpoint on I/O port access
BPINT Breakpoint on Interrupt
BPX Breakpoint on execution
BPMSG Breakpoint on windows message
C Compare two data blocks
CLASS Display window class information
D, DB, DW, DD, DS, DL, DT Display memory
DATA Change data window
E, EB, EW, ED, EL, ET Edit memory
EXIT EXIT
F Fill memory with data
FORMAT Change format of data window
G Go to address
H Help on specific function
HBOOT System boot (total reset)
HERE Go to current cursor line
HWND Display window handle information
M Move Data
MOD Display windows module list
P Step skipping calls, Int, etc
R Display/Change Register contents
S Search for data
T Single Step one instruction
TASK Display windows task list
THREAD Display thread information
U Un-Assemblers instructions
VER SoftICE Version
WATCH Add watch
WHAT Identify the type of expression
WMSG Display windows messages
X Return to host debugger or program
--------------------------------------------------------------------------------
Advanced Stuff
--------------------------------------------------------------------------------
CPU Display CPU register information
GDT Display global descriptor table
GENINT Generate an interrupt
HEAP Display windows global heap
LHEAP Display windows local heap
IDT Display interrupt descriptor table
I, IB, IW, ID Input data from I/O Port
O. OB, OW, OD Output data form I/O Port
LDT Display local descriptor table
MAP32 Display 32Bit section map
MAPV86 Display v86 memory map
PAGE Display page table information
PCI Display PCI device information
PEEK Read from physical address
PHYS Display all virtual addresses for physical address
POKE Write to physical address
PROC Display process information
QUERY Display process virtual address space map
TSS Display task state segment
STACK Display call stack
VCALL Display VxD calls
VM Display virtual machine information
VXD Display windows VxD map
XFRAME Display active exeption frames
--------------------------------------------------------------------------------
Mode Control
--------------------------------------------------------------------------------
FAULTS Enable/Disable SoftIce fault trapping
I1HERE Direct INT1 to SoftICE
I3HERE Direct INT3 to SoftICE
SET Change an internal variable
ZAP Zap embedded INT1 or INT3
--------------------------------------------------------------------------------
Customization Commands
--------------------------------------------------------------------------------
ALTKEY Set key sequence to invoke window
ANSWER Auto-answer and redirect console to modem
CODE Display insctruction bytes in code window
COLOR Display/Set screen colors
DEX Display/Assign window data expression
DIAL Redirect console to modem
FKEY Display/Set function keys
LINES Set/Display number of lines on screen
MACRO Define a named macro command
PAUSE Control display scroll mode
PRN Set printer output port
SERIAL Redirect console
TABS Set/Display tab setting
--------------------------------------------------------------------------------
Window Commands
--------------------------------------------------------------------------------
. Locate current instruction
EC Enable/Disable code window
WC Toggle code window
WD Toggle data window
WF Toggle float point stack window
WL Toggle locals window
WR Toggle register window
WW Toggle watch window
--------------------------------------------------------------------------------
Window Control
--------------------------------------------------------------------------------
ALTSCR Change to alternate display
CLS Clear window
FLASH Restore screen during P and T
RS Restore program screen
--------------------------------------------------------------------------------
Symbole/Source Commands
--------------------------------------------------------------------------------
EXP Display export symbols
FILE Change/Display current source file
LOCALS Display locals currently in scope
SRC Toggle between source, mixed & code
SS Search source module for string
SYMLOC Relocate symbol base
TAB Select/Remove symbol table
TYPES List all types, or display type defination
--------------------------------------------------------------------------------
Back Trace Commands
--------------------------------------------------------------------------------
SHOW Display from backtrace buffer
TRACE Enter backtrace simulation mode
XT Step in trace simulation mode
XP Program step in trace simulation mode
XG Go to address in trace simulation mode
XRSET Reset backtrace history buffer
--------------------------------------------------------------------------------
Special Operators
--------------------------------------------------------------------------------
. Preceding a decimal number specifies a line number
$ Preceding an address specifies SEGMENT addressing
# Preceding an address specifies SELECTOR
@ Preceding an address
--------------------------------------------------------------------------------
Basic Stuff
--------------------------------------------------------------------------------
? Evulate Expression
A Assemble code
ADDR Display/Change address contents
BC Clear Breakpoint
BD Disable Breakpoint
BE Enable Breakpoint
BL List current Breakpoints
BPE Edit Breakpoint
BPT Use Breakpoint as a template
BPM, BPMB, BPMW, BPMD Breakpoint on memory access
BPR Breakpoint on memory range
BPIO Breakpoint on I/O port access
BPINT Breakpoint on Interrupt
BPX Breakpoint on execution
BPMSG Breakpoint on windows message
C Compare two data blocks
CLASS Display window class information
D, DB, DW, DD, DS, DL, DT Display memory
DATA Change data window
E, EB, EW, ED, EL, ET Edit memory
EXIT EXIT
F Fill memory with data
FORMAT Change format of data window
G Go to address
H Help on specific function
HBOOT System boot (total reset)
HERE Go to current cursor line
HWND Display window handle information
M Move Data
MOD Display windows module list
P Step skipping calls, Int, etc
R Display/Change Register contents
S Search for data
T Single Step one instruction
TASK Display windows task list
THREAD Display thread information
U Un-Assemblers instructions
VER SoftICE Version
WATCH Add watch
WHAT Identify the type of expression
WMSG Display windows messages
X Return to host debugger or program
--------------------------------------------------------------------------------
Advanced Stuff
--------------------------------------------------------------------------------
CPU Display CPU register information
GDT Display global descriptor table
GENINT Generate an interrupt
HEAP Display windows global heap
LHEAP Display windows local heap
IDT Display interrupt descriptor table
I, IB, IW, ID Input data from I/O Port
O. OB, OW, OD Output data form I/O Port
LDT Display local descriptor table
MAP32 Display 32Bit section map
MAPV86 Display v86 memory map
PAGE Display page table information
PCI Display PCI device information
PEEK Read from physical address
PHYS Display all virtual addresses for physical address
POKE Write to physical address
PROC Display process information
QUERY Display process virtual address space map
TSS Display task state segment
STACK Display call stack
VCALL Display VxD calls
VM Display virtual machine information
VXD Display windows VxD map
XFRAME Display active exeption frames
--------------------------------------------------------------------------------
Mode Control
--------------------------------------------------------------------------------
FAULTS Enable/Disable SoftIce fault trapping
I1HERE Direct INT1 to SoftICE
I3HERE Direct INT3 to SoftICE
SET Change an internal variable
ZAP Zap embedded INT1 or INT3
--------------------------------------------------------------------------------
Customization Commands
--------------------------------------------------------------------------------
ALTKEY Set key sequence to invoke window
ANSWER Auto-answer and redirect console to modem
CODE Display insctruction bytes in code window
COLOR Display/Set screen colors
DEX Display/Assign window data expression
DIAL Redirect console to modem
FKEY Display/Set function keys
LINES Set/Display number of lines on screen
MACRO Define a named macro command
PAUSE Control display scroll mode
PRN Set printer output port
SERIAL Redirect console
TABS Set/Display tab setting
--------------------------------------------------------------------------------
Window Commands
--------------------------------------------------------------------------------
. Locate current instruction
EC Enable/Disable code window
WC Toggle code window
WD Toggle data window
WF Toggle float point stack window
WL Toggle locals window
WR Toggle register window
WW Toggle watch window
--------------------------------------------------------------------------------
Window Control
--------------------------------------------------------------------------------
ALTSCR Change to alternate display
CLS Clear window
FLASH Restore screen during P and T
RS Restore program screen
--------------------------------------------------------------------------------
Symbole/Source Commands
--------------------------------------------------------------------------------
EXP Display export symbols
FILE Change/Display current source file
LOCALS Display locals currently in scope
SRC Toggle between source, mixed & code
SS Search source module for string
SYMLOC Relocate symbol base
TAB Select/Remove symbol table
TYPES List all types, or display type defination
--------------------------------------------------------------------------------
Back Trace Commands
--------------------------------------------------------------------------------
SHOW Display from backtrace buffer
TRACE Enter backtrace simulation mode
XT Step in trace simulation mode
XP Program step in trace simulation mode
XG Go to address in trace simulation mode
XRSET Reset backtrace history buffer
--------------------------------------------------------------------------------
Special Operators
--------------------------------------------------------------------------------
. Preceding a decimal number specifies a line number
$ Preceding an address specifies SEGMENT addressing
# Preceding an address specifies SELECTOR
@ Preceding an address
--------------------------------------------------------------------------------