The Ultimate Beginner
Session 1: SoftICE Install for Beginners
student
Not Assigned
15 March 1998
by i_magnus
Courtesy of Fravia's page of reverse engineering
slightly edited
by Fravia+
fra_00xx
98xxxx
handle
1100
NA
PC
I try to mantain a balance in favour of more advanced essays, as anyone perusing my site knows, yet I receive myself so many requests for help, by so many talented beginners, that I reckon we should, at times, offer some real 'plain' BEGINNERS essays. Beginners essays can be either very simple and thoroughly explained cracks (see for instance my own "cracking for dummies" serie) or more THEORETICAL essays on 'everydays cracking" aspects. Like this one, that I believe useful for all those (and there are many) that have had and will have some problems installing their LEGITIMATELY BOUGHT copy of sofice, our most beloved debugger.
Be warned, this is very basic stuff, great for newbyes, yet it has NO value at all for seasoned (or even half-seasoned) Fravias.
There is a crack, a crack in everything That's how the light gets in
Rating
(x)Beginner ( )Intermediate ( )Advanced ( )Expert

This is an essay on how to install SoftICE 3.2 for beginners, and I mean Beginners.
The Ultimate Beginner
Session 1: SoftICE for Windows v 3.20 + v 3.22
Written by i_magnus


Introduction

Introduction
Hello there newbies! This is the first article in a series which will take you from an 'Ultimate Beginner', on to become a full fledged cracker. I know, it sounds like a daunting task, but, as you will see, we can learn together.

In the first session I will show you how to install and setup the best debugger for windoze, SoftICE version 3.20. What's that you say? You don't have SoftICE? Well go get it. It's on the NET everywhere. You can't swing a dead cat around out there without hitting at least one copy. :-)
Try it out for the allowed period and then BUY it. It's a great tool and it deserve to be bought.

Tools required

Target's URL/FTP
You may be able to find and download a time limited trial copy of softice from many web-sites, yet not on Fravia's one. SoftICE update to 3.22 from NuMega

Essay

What is SoftICE?
SoftICE, by NuMega Technologies, is a debugger. A debugger is a software (or hardware) device that is used to disassemble program code as it is running. Why would we want to do that? Well, if you have a bug in a program, it is nice to be able to open up the program while it is running to find the bug and eradicate it.;=) Or just to see what the bug is.

NOTE: A disassembler/debugger can only change the code that is in memory at the moment. If you want to change the program code permanently you have to use a Hex Editor. I recommend UltraEdit-32 version 5.0a by IDComp (http://www.idcomp.com/).

For instance, a lot of programs nowadays have a 'registration' bug. This insidious bug usually pops up at the beginning of a program and asks you to input some arcane code. If you don't put in the right code then the program limits what you can do, or wont run at all. Now why would any one release software that has bugs in it? Following Micro$oft's lead, I guess. :P

Most Reverse Engineers (RE) will tell you that SoftICE is the very best debugger for breaking in and reversing code. Now that it has the Universal Video driver, I would have to agree. Older versions of SoftICE (3.0 and below) required you to use a video driver specific to your video card. The problem with these versions? They didn't have drivers for all cards. My card (Creative Labs 3D Blaster PCI) wasn't supported. It was difficult to use this great debugger when you couldn't see it's output. My computer would switch to SoftICE with the standard CTRL-D hotkey, but my screen wouldn't. Now, with version 3.20 of SoftICE, they have incorporated a 'Universal Video Driver' which works just fine with most video cards.

OK, so by now you have searched for and found the SoftICE 3.2 program and it is time to show you how to install it.

Installing SoftICE
You should have found the install program for SoftICE in a zip file (si95win320.zip perhaps?). Unzip that file to the c:\temp directory, or where ever you want to, and run setup.exe. This will start the install process for SoftICE 3.20.

Installation Directory
After all the boring welcome screens and registrations screens, Setup asks you for the directory where SoftICE will be installed (FIG. 1). I chose C:\ICE, because it has a nice ring to it. Your results may differ ;). Be aware though, later on when I use 'C:\ICE' to setup the Config.sys and AutoConfig.bat, you should use the directory where YOU installed SoftICE. Other than that there is no difference.

Fig 1 Directory Selection

Video Driver Selection
Go through all the initial screens (i.e., registration, License Agreement, etc.) until you get to the Display Adapter Selection Screen (FIG. 2). Thumb through all the different display adapter cards and find yours. Be sure to test the display with the handy 'TEST' button that they include. If you don't see a text message when you Test the driver, then it isn't working correctly. Try another driver or use the 'Universal Video Driver'. This is the one that I used, as you can see from FIG. 2.

Fig. 2 Selecting the Display Adapter

Mouse Selection
When you get to the mouse driver screen (FIG. 3) select the type of mouse that you have. If you have a PS/2 mouse it will have a small circular connector on the end. A Serial mouse will have a 'D' type connecter. This is a rectangular connector that has lock down screws on it. The 'D' type looks like a 'D', hence the name. If you do have the Serial type, make sure you select the proper one, i.e., COM 1 or COM 2. Check the back of your computer to see which Port it hooks up to. They should be labeled 1 and 2. Select the correct one, and we are off.

Fig. 3 Mouse Selection

SoftICE System Configuration
The last screen you can edit is the Configuration screen. It has what you have set up so far, plus three (3) options (FIG. 4). Select the last option-- "Do not make any changes." The changes that it would make wouldn't be the best changes (as most automated ones aren't). We will make the required changes to the files ourselves.

Fig. 4 Sytem Configuration

Done
OK, you have selected the third option, and now we will press the 'NEXT' button and complete the installation. Press 'FINISH' on the next screen and come back when it is done installing...
...
...Back already? OK, let's move on.

If you haven't already, download the patch from NuMega or some other site that has it, to Upgrade to version 3.22. The file should be called SI322ServicePack95.exe. Run this .exe file (automatic setup) and then come back...
...
There that wasn't too hard was it?

Setup
Now we just have to setup the Config.sys and AutoExec.bat files to our liking. The setup I am about to show you originally came from exact's Windows 95 Cracking tutorial. I have modified it a little to fit my system, as you will to fit yours.

This setup will allow you to select whether or not you want to load SoftICE at startup. It uses the [menu] command in config.sys and allows user selection of options.

-----------Begin  File: C:\CONFIG.SYS--------------------------------

[menu]
 menuitem SoftICE,Start Windows with 'Soft-Ice v3.22' Debugger [CTRL-D Popup]
 menuitem NORM,Start Windows without Soft-Ice
 menuitem DOSICE,Start DOS with 'S-ICE v2.62' Debugger [CTRL-D Popup]
 menuitem DOS,Start DOS without Soft-Ice
 menudefault SoftICE,10

[DOSICE]
e:\arena\emmsetup e:\arena\s-ice.exe
DEVICE=e:\arena\s-ice.exe /sym 50
[SoftICE]
[NORM]
[DOS]
[COMMON]
DEVICE=C:\WINDOWS\HIMEM.SYS
DEVICE=C:\OCTEK\CDR812.SYS /D:MSCD001 /V
FILES=40
BUFFERS=40

-------------------------END CONFIG.SYS------------------------------

This config will give 4 options: (Screen looks like this)


1.  Start Windows with 'Soft-Ice v3.22' Debugger [CTRL-D Popup]
2.  Start Windows without Soft-Ice
3.  Start DOS with 'S-ICE v 2.62' Debugger [CTRL-D Popup]
4.  Start DOS without Soft-Ice


Selection: 1              Time Remaining: 3

The 'menudefault' setting makes this default to SoftICE (selection 1) in 10 seconds. The start of each 'menuitem' gives the value to jump to below the menu, and the value that %CONFIG% will be set to when we get to the AUTOEXEC.BAT file. Case is important in this, so be careful that you keep everything the same. You can add more menuitem 's if you choose, just remember to keep the case constant.

The third option is to load S-ice.exe, the DOS debugger from NuMega. Note the path of each program (ie, e:\arena\emmsetup e:\arena\s-ice.exe). This is my path, it may not be yours.
Currently I can't get DOS Ice to run on my system; it gives me a GPF and pops up in SoftICE where I have to reboot; but I keep the selection there just in case. If you have any suggestions that might help, please let me know.

Your devices would go in the [COMMON] section. The ones I have won't necessarily be the ones that you have.

OK, so let's take a look at the Autoexec.bat and see where we are.

-------------------Begin File: C:\AUTOEXEC.BAT-----------------------

REM*****************   Common Stuff     ******************

REM your common stuff would go here...

REM **************** SoftIce below here ******************

REM              ********************************
REM              *****                      *****
REM              *****  S O F T I C E 3.22  *****
REM              *****  &  S-ICE DOS v2.62  *****
REM              *****       LOADER         *****
REM              *****                      *****
REM              *****         by           *****
REM              *****  Exact aka Siceboy   *****
REM              *****    i_magnus '98      *****
REM              *****                      *****
REM              ********************************


GOTO %CONFIG%

:DOSICE
        ECHO DOS Soft-ICE Loaded
        GOTO END
:NORM
        WIN
:COMMON 
:END
eof
:SoftICE
        WINICE.EXE
eof
-------------------------END AUTOEXEC.BAT---------------------------

As you can see, if we select option 1 in the Config.sys, then %CONFIG% is set to 'SoftICE' and we GOTO SoftICE when Autoexec.bat runs.

If we select option 2, we goto COMMON, which just loads windoze.

If we had selected option 3, 'DOSICE', config sys would have loaded s-ice.exe as a device and then quit to DOS.

Finally, option 4, jumps to [DOS] in the Config.sys which just runs the [COMMON] files and when it gets to the Autoexec.bat, it does the Common funtions and then not finding a :LABEL for :DOS, it quits to the command prompt.



Final Notes

The main point of using this configuration is that you can decide at startup whether you want to run SoftICE for DOS or SoftICE for Windows or nothing at all. I usually just have SoftICE for Windows installed by default.
So now that you have SoftICE installed what do you do with it? Well, now you can start learning from all those tutorials that Fravia+ has on his site :?)
Look for Session 2: An Ultimate Beginners Guide to using SoftICE 3.22, coming as soon as I finish writing it.



Ob Duh
I wont even bother explaining you that you should BUY this target program if you intend to use it for a longer period than the allowed one. Should you want to STEAL this software instead, you don't need to crack its protection scheme at all: you'll find it on most Warez sites, complete and already regged, farewell.

You are deep inside Fravia's page of reverse engineering, choose your way out:

redhomepage redlinks redsearch_forms red+ORC redstudents' essays redacademy database
redreality cracking redhow to search redjavascript wars
redtools redanonymity academy redcocktails redantismut CGI-scripts redmail_Fravia
redIs reverse engineering legal?