I have not played with Softice for some months and have just got back to it in order to crack my first VB5 program.

I am running Softice V4.0 on W2000 with service pack 2.

When I try to run a program using the Loader (any program) the program does not break at the entry point. ISTR that this used to be an intermittent problem for me but I can't get it to work at all now.

IcyDee

The only thing i can think of is section flags.
In order for loader to break on the entrypoint the section that the OEP is in needs to be executable as code.
In most peoples understanding this means a simple changing the section flags from C******* to E*******
You can do this via LordPE by Peedit -> Sections -> Rightclick on section -> Edit section header -> Flags: you will see something like C0000040
CHange it to E0000020
Canging 40 to 20 simple is like declaring the C to E
etc..
probely confused the fuck outa ya :P

I am aware of that thanks, but this is the same for all programs including notepad.exe

Hi IcyDee

Here's a thought just to see if the info that you want to break at WinMain is getting across to Softice properly.

The nmtrans.dll function DevIO_SetWLDRBreak is used to communicate to the winice vxd via a DeviceIOControl call that the user wants to break at the program start. The DevIO_ConnectToSoftICE function opens the vxd in the usual way with CreateFileA and returns a valid handle. Then DeviceIOControl is called, pushing the dwIoControlCode (9C40601C) for the proper function within the winice vxd to set the "Stop at WinMain" flag.

I thought you could start to scope out the problem by checking these 2 calls and see if they are returning proper values. Load nmtrans.dll as a module in winice.dat (EXP=C:\SOFTICE\NMTRANS.DLL) and set a BPX on DevIO_SetWLDRBreak. Then trace through and check the return values. Note that you may not be able to step *over* the DeviceIOControl call without the rest of the program executing, but you can set a bp on the MOV [EBP-20],EAX immediately afterwards.

DevIO_ConnectToSoftICE should return a valid handle to the winice vxd
DeviceIOControl should return 1 in EAX if the flag to break at WinMain was successfully set in winice.



If this checks out OK then I guess you've got some weird Win2000 thing going on. You can always try editing in a CC at the OEP and then replace the opcodes. Hope this helps.

Regards,
Kayaker

i had this same problem w/ win2k. the only way i could get cracking properly was too, install win98 also.

Wasn't there a special ntice.sys update for win2k sp2, else try installing DS2.5 or sumtin (or check on the numega site which one should be working). Anywayz, I'd say check the numega site for an update for win2kSP2.

I'm using ds2.6 under winxp. Same problem appears. So reboot into win98...
Is this problem because of softice ,order due to winxp(2k)'s limit?

Howdy,

We are not quite sure why certain BP's dont work
after adding 2.6 with XP.
Very few people are having sucess making this work.

The best thing to do is not use the XP.

Peace, Woodmann

Now I installed driverstudio 2.7 and got the same result as 2.6:
cant break at winmain().
i'm using windows xp.

yeah.I met the same problem when I use the new softice4.27 just.I used win2k.but I used the 4.00version,there was no problem.Why?Is anyone ask the CompuSoft?

I think this is an underaddressed but very important issue. Why are breakpoints on entry point not working in 2k/xp? Clearly an in depth investigation of the loader and debugger itself is the only way to answer this question. If anyone does so I would love to know the results.

Snatch

hi
installed 2.7 under XP - the breakpoints are fixed (no problem to trace in and out win APIs as well as VB/MFC calls) but still, it doesn't break at WinMain().

2.6 runs smooth under Win2k SP2 (just as under Win98) - havn't try 2.7 yet under win2K

Sice config: 2048 kb for screen, Universal Driver, original Sice dlls (nmtrans etc...), usuall exports...

AY.