------------------------------------------------------------------------------------------------------
An Examination of the Assembly Code
You can learn a great deal about the instructions used here by obtaining the x86 Opcode Windows Help file and Ralf Brown's Interrupt List from our Intro to Assembly page.
Here's a Listing of the disassembled code (; with comments) after first being loaded into Memory at 0000:7C00 by the Windows Vista MBRcode. Until noted, the instructions below are referenced to a CS (Code Segment) of 0000. If you see an asterisk (*) next to an instruction, it means MS-DEBUG can not disassemble its code; you'd only see "DB nn" displayed.
7C00 EB52 JMP 7C54 ; Jump over BPB (BIOS Parameter
; Block) to code at 0x7C54.
7C02 90 NOP ; Used later ?
; 7C03 thru 7C0A 'NTFS ' 8-byte System Name or OEM ID. (Some think
; this is part of the BPB; it's not!)
; 7C0B thru 7C53 BIOS Parameter Block (BPB) Compare with XP VBR here.
; 0 1 2 3 4 5 6 7 8 9 A B C D E F
7C03 4E 54 46 53 20 20 20 20 00 02 08 00 00 NTFS .....
7C10 00 00 00 00 00 F8 00 00 3F 00 FF 00 00 08 00 00 ........?.......
7C20 00 00 00 00 80 00 80 00 FF EF 3F 01 00 00 00 00 ..........?.....
7C30 04 00 00 00 00 00 00 00 FF FE 13 00 00 00 00 00 ................
7C40 F6 00 00 00 01 00 00 00 6B E5 F9 78 1A FA 78 EA ........k..x..x.
7C50 00 00 00 00 ....
7C54 FA CLI ; Disable maskable Interrupts.
7C55 33C0 XOR AX,AX ; Zero out both the Accumulator
7C57 8ED0 MOV SS,AX ; and Stack Segment Registers.
7C59 BC007C MOV SP,7C00 ; Set Stack Pointer to 0000:7C00
7C5C FB STI ; Enable Interrupts again.
; NOTE: This section merely changes the Segment reference to locations in
; memory. It switches the Segment from 0000 to 07C0 when RETF is executed
; at 0000:7C65. The next instruction, at 07C0:0066, is the same location
; as linear address 0x7C66 (or, 0000:7C66).
7C5D 68C007 * PUSH 07C0 ; New segment ref. to be used for
7C60 1F POP DS ; both Data (DS = Data Segment)
7C61 1E PUSH DS ; . . .
7C62 686600 * PUSH 0066 ; and Code segements . . .
7C65 CB RETF ; after this RETF instruction.
All Code (CS) and Data (DS) in the instructions which follow are in reference to Segment 07C0.
0066 88160E00 MOV [000E],DL ;
006A 66813E03004E+ * CMP DWORD PTR [0003],5346544E ;/ -> "NTFS"
;| Check to see if this is an NTFS Boot Record, and if not display...
0073 7515 JNZ 008A ;\ ... Disk read error -> 015F.
; NOTE: Vista must be run on a computer with INT 13 Extensions!
0075 B441 MOV AH,41 ;/ Function 41h (with BX=55AAh):
0077 BBAA55 MOV BX,55AA ;| Checks for INT 13 Extentions
007A CD13 INT 13 ;| in BIOS. If CF flag cleared
;| and [BX] changes to AA55h, they are installed; Major version is in
;\ AH: 01h=1.x; 20h=2.0/EDD-1.0; 21h=2.1/EDD-1.1; 30h=EDD-3.0.
007C 720C JB 008A ; If CF flag not cleared, then
; declare 'Disk error' -> 015F.
007E 81FB55AA CMP BX,AA55 ; Was [BX] changed to AA55h ?
0082 7506 JNZ 008A ; If not, 'Disk error' -> 015F.
0084 F7C10100 TEST CX,0001 ;
0088 7503 JNZ 008D ;
008A E9D200 JMP 015F ;
The following code is missing many comments, but all the instructions are here for you to study.
008D 1E PUSH DS ;
008E 83EC18 SUB SP,+18 ;
0091 681A00 * PUSH 001A ;
0094 B448 MOV AH,48 ;
0096 8A160E00 MOV DL,[000E] ;
009A 8BF4 MOV SI,SP ;
009C 16 PUSH SS ;
009D 1F POP DS ;
009E CD13 INT 13 ;
00A0 9F LAHF ; Load Status flags into AH
00A1 83C418 ADD SP,+18
00A4 9E SAHF ; Save AH into flags register
00A5 58 POP AX ;
00A6 1F POP DS ;
00A7 72E1 JB 008A ;
00A9 3B060B00 CMP AX,[000B] ; [0B] -> 200h = 512
00AD 75DB JNZ 008A ;
00AF A30F00 MOV [000F],AX ;
00B2 C12E0F0004 * SHR WORD PTR [000F],04 ;
00B7 1E PUSH DS
00B8 5A POP DX
00B9 33DB XOR BX,BX
00BB B90020 MOV CX,2000 ; 2000h = 8192 = 16 sectors.
00BE 2BC8 SUB CX,AX
00C0 66FF061100 * INC DWORD PTR [0011]
00C5 03160F00 ADD DX,[000F]
00C9 8EC2 MOV ES,DX
00CB FF061600 INC WORD PTR [0016]
00CF E84000 CALL 0112
00D2 2BC8 SUB CX,AX
00D4 77EF JA 00C5
; =================================================================
; This code (from 00D6 through 010B) is related to discovering if
; TPM version 1.2 interface support is operational on the system.
;
; Comments below checked with the document, "TCG PC Client Specific
; Implementation Specification For Conventional BIOS" (Version 1.20
; FINAL/Revision 1.00/July 13, 2005/For TPM Family 1.2; Level 2), §
; 12.5, pages 85 ff. TCG and "TCG BIOS DOS Test Tool" (MSDN).
00D6 B800BB MOV AX,BB00 ; With AH = BBh and AL = 00h
00D9 CD1A INT 1A ; Int 1A -> TCG_StatusCheck
00DB 6623C0 * AND EAX,EAX ;/ If EAX does not equal zero,
00DE 752D JNZ 010D ;\ then no BIOS support for TCG.
00E0 6681FB544350+ * CMP EBX,41504354 ; EBX must also return ..
; the numerical equivalent
; of the ASCII character string "TCPA" ("54 43 50 41") as a further
; check. (Note: Since hex numbers are stored in reverse order on PC
; media or in Memory, a TPM BIOS would put 41504354h in EBX.)
00E7 7524 JNZ 010D ; If not, exit TCG code.
00E9 81F90201 CMP CX,0102 ; Version 1.2 or higher ?
00ED 721E JB 010D ; If not, exit TCG code.
; If TPM 1.2 found, perform a: "TCG_CompactHashLogExtendEvent".
06FD 666807BB0000 * PUSH 0000BB07 ; Setup for INT 1Ah AH = BB,
; AL = 07h command (p.94 f).
00EF 16 PUSH SS
00F0 6807BB * PUSH BB07
00F3 16 PUSH SS
00F4 68700E * PUSH 0E70
00F7 16 PUSH SS
00F8 680900 * PUSH 0009
00FB 6653 * PUSH EBX
00FD 6653 * PUSH EBX
00FF 6655 * PUSH EBP
0101 16 PUSH SS
0102 16 PUSH SS
0103 16 PUSH SS
0104 68B801 PUSH 01B8
0107 6661 POPAD
0109 0E PUSH CS
010A 07 POP ES
010B CD1A INT 1A (BIOS Clock)
; On return, "(EAX) = Return Code as defined in Section 12.3" and
; "(EDX) = Event number of the event that was logged".
; =================================================================
010D E96A01 JMP 027A ; Beginning of BOOTMGR
; "bootstrap" code in Boot
; Record's second sector.
0110 90 NOP
0111 90 NOP
; =============================================================
; SUBROUTINE - INT 13 Function 42h Extended DISK READ
; =============================================================
0112 6660 * PUSHAD
0114 1E PUSH DS
0115 06 PUSH ES
0116 66A11100 MOV EAX,[0011]
011A 6603061C00 ADD EAX,[001C]
011F 1E PUSH DS
0120 666800000000 * PUSH 00000000
0126 6650 * PUSH EAX
0128 06 PUSH ES
0129 53 PUSH BX
012A 680100 * PUSH 0001
012D 681000 * PUSH 0010
0130 B442 MOV AH,42
0132 8A160E00 MOV DL,[000E]
0136 16 PUSH SS
0137 1F POP DS
0138 8BF4 MOV SI,SP
013A CD13 INT 13
013C 6659 * POP ECX
013E 5B POP BX
013F 5A POP DX
0140 6659 * POP ECX
0142 6659 * POP ECX
0144 1F POP DS
0145 0F821600 * JB 015F
0149 66FF061100 * INC DWORD PTR [0011]
014E 03160F00 ADD DX,[000F]
0152 8EC2 MOV ES,DX
0154 FF0E1600 DEC WORD PTR [0016]
0158 75BC JNZ 0116
015A 07 POP ES
015B 1F POP DS
015C 6661 * POPAD
015E C3 RET
; Note: When the last character of any Error Message has been displayed on
; the screen, the instruction at offset 016B locks the computer's execution
; into an infinite loop! You must reboot the machine. INT 10, Function 0Eh
; (Teletype Output) is used to display each character of the error messages.
015F A0F801 MOV AL,[01F8] ; [1F8] = 80 + 100 -> 180 h
0162 E80800 CALL 016D ; Displays: "A disk read error occurred"
0165 A0FB01 MOV AL,[01FB] ; [1FB] = CA + 100 -> 1CA h
0168 E80200 CALL 016D ; Displays: "Press Ctrl+Alt+Del to
; restart"
016B EBFE JMP 016B
016D B401 MOV AH,01 ; Adds 100h to offsets from above.
016F 8BF0 MOV SI,AX ; Offset of message -> Source Index Reg.
0171 AC LODSB ; Load one character into AL from [SI].
0172 3C00 CMP AL,00 ;/ Have we reached end of message
0174 7409 JZ 017F ;\ marker?(00) If so, then RETurn.
0176 B40E MOV AH,0E ;/ Otherwise use Teletype Output to ...
0178 BB0700 MOV BX,0007 ;| (Display page 0, normal white
;| on black characters.)
017B CD10 INT 10 ;| ... display one character at a time,
017D EBF2 JMP 0171 ;\ and go back for another character...
017F C3 RET
________________________________________
Location of Error Messages and Message Offsets in Memory
0 1 2 3 4 5 6 7 8 9 A B C D E F
0180 0D 0A 41 20 64 69 73 6B 20 72 65 61 64 20 65 72 ..A disk read er
0190 72 6F 72 20 6F 63 63 75 72 72 65 64 00 0D 0A 42 ror occurred...B
01A0 4F 4F 54 4D 47 52 20 69 73 20 6D 69 73 73 69 6E OOTMGR is missin
01B0 67 00 0D 0A 42 4F 4F 54 4D 47 52 20 69 73 20 63 g...BOOTMGR is c
01C0 6F 6D 70 72 65 73 73 65 64 00 0D 0A 50 72 65 73 ompressed...Pres
01D0 73 20 43 74 72 6C 2B 41 6C 74 2B 44 65 6C 20 74 s Ctrl+Alt+Del t
01E0 6F 20 72 65 73 74 61 72 74 0D 0A 00 00 00 00 00 o restart.......
01F0 00 00 00 00 00 00 00 00 80 9D B2 CA 00 00 55 AA ..............U.
0 1 2 3 4 5 6 7 8 9 A B C D E F
덧글
http://v9withoutprescription.com/ , , http://c9withoutprescription.com/ , , http://v9onlinepharm.com/ , , http://c9onlinepharm.com/ , ,
http://c4generic.com/ , , http://sildenafil4v.com/ , , http://ci4order.com/ , , http://via4saleonline.com/ , , http://cia3india.com/ , ,
http://pills6conline.com/ , , http://buy6vonline.com/ , , http://c5sale.com/ , , http://buy5vonline.com/ , , http://purchase4c.com/ , ,
http://buy8vonline.com/ , , http://canadian7cc.com/ , , http://c6discountonline.com/ , , http://v6onlinepharmacy.com/ , , http://price6conline.com/ , ,
http://buy8vonline.com/ , , http://canadian7cc.com/ , , http://c6discountonline.com/ , , http://v6onlinepharmacy.com/ , , http://price6conline.com/ , ,
http://c9withoutprescription.com/ , , http://c9onlinepharm.com/ , , http://order6online.com/ , , http://v6sale.com/ , , http://c6sideffects.com/ , ,
http://pills6via.com/ , , http://pills6conline.com/ , , http://cheap5v.com/ , , http://c5sale.com/ , , http://buy5vonline.com/ , ,
http://sale10via.com/ , , http://v9onlinepharm.com/ , , http://canada9c.com/ , , http://buy8conline.com/ , , http://buy8vonline.com/ , ,
http://pills7v.com/ , , http://c4generic.com/ , , http://ci4order.com/ , , http://via4saleonline.com/ , , http://purchase3via.com/ , ,
http://cheaptabs12.com/ , , http://buy3cia.com/ , , http://cia3india.com/ , , http://cheaptabs12.com/ , , http://cheaptabs12.com/ , ,
http://sale9c.com/ , , http://buy8vonline.com/ , , http://buy8conline.com/ , , http://c8sale.com/ , , http://buy7conline.com/ , ,
http://indian7gc.com/ , , http://sfv7online.com/ , , http://price6conline.com/ , , http://order6online.com/ , , http://order6conline.com/ , ,
http://noscript10c.com/ , , http://indian10cia.com/ , , http://discount10onlinec.com/ , , http://fastdelivery10v.com/ , , http://c9onlinepharm.com/ , ,
http://www.order12via.com/ , , http://order12cia.com/ , , http://price12v.com/ , , http://price12c.com/ , ,
http://discount11v.com/ , , http://v11fastdelivery.com/ , , http://noscript10c.com/ , , http://purchasec10online.com/ , , http://fastdelivery10v.com/ , ,
http://www.v12noscript.com/ , , http://c12noscript.com/ , , http://onlinepharmacy12via.com/ , , http://onlinepharmacy12cia.com/ , ,
http://sale9v.com/ , , http://sale9c.com/ , , http://canada5cheapv.com/ , , http://via4saleonline.com/ , ,
http://sale9v.com/ , , http://sale9c.com/ , , http://canada5cheapv.com/ , , http://via4saleonline.com/ , ,
http://v4sale12.com/ , , http://c4sale12.com/ , , http://noscript12v.com/ , , http://noscript12c.com/ , ,
http://v9withoutprescription.com/ , , http://c9onlinepharm.com/ , , http://c7superactive.com/ , , http://c7discount.com/ , , http://purchase7v.com/ , ,
http://indian1vonline.com/ , , http://indian1conline.com/ , , http://www.via1buyonline.com/ , , http://cia1buyonline.com/ , ,
http://v1noprescription.com/ , , http://c1noprescription.com/ , , , , http://genericvv1online.com/ , ,
http://sale1genericv.com/ , , http://sildenafil-c12.com/ , , http://tadalafil-c12.com/ , , http://canadian12v.com/ , , http://onlinepharmacy12cia.com/ , ,
http://purchase12c.com/ , , http://via11india.com/ , , http://discount11cia.com/ , , http://c11professional.com/ , , http://discount11v.com/ , ,
http://v11fastdelivery.com/ , , http://purchasec10online.com/ , , http://fastdelivery10v.com/ , , http://v9withoutprescription.com/ , ,
http://via1sideffects.com/ , , http://cia1sideffects.com/ , , http://v1forsale.com/ , , http://c1forsale.com/ , ,
http://c4generic.com/ , , http://purchase4v.com/ , , http://sale5viagonline.com/ , , http://cia5purchase.com/ , ,
http://ww.reliablepillstore.com/ , , http://c1onlinecheap.com/ , , http://v1onlinepharm.com/ , , http://c1onlinepharm.com/ , ,
http://via1buycheap.com/ , , http://c1buyonline.com/ , , http://pills1via.com/ , , http://pills1cia.com/ , ,
http://via1buycheap.com/ , , http://c1buyonline.com/ , , http://pills1via.com/ , , http://pills1cia.com/ , ,
http://pur2via.com/ , , http://pur2cia.com/ , ,
http://fast2via.com/ , , http://fast2cia.com/cialis , , http://clia2online.com/ , ,
http://www.irov2online.com/ , , http://compmedonline.com/ , ,
http://via2online.com/ , , http://cia2online.com/ , , http://www.orderv2o.com/ , , http://orderc2o.com/ , ,
http://clia2online.com/ , , http://remote2medical.com/ , ,
http://v2withoutprescription.com/ , , http://c2withoutprescription.com/ , , http://onlinevia2.com/ , , http://onlinecia2.com/ , ,
http://v2effects.com/ , , http://c2effects.com/ , , http://v2forsale.com/ , , http://c2forsale.com/ , ,
http://v2cheaponline.com/ , , http://c2cheaponline.com/ , , http://via2india.com/ , , http://cia2india.com/ , ,
http://via1buycheap.com/ , , http://pills1cia.com/ , , http://cheap1v.com/ , , http://via1sideffects.com/ , , http://cia1sideffects.com/ , ,
http://indian1vonline.com/ , , http://purchase1c.com/ , , http://v1fastdelivery.com/ , , http://v4sale12.com/ , , http://onlinepharmacy12cia.com/ , ,
http://via1buycheap.com/ , , http://v1buyonline.com/ , , http://sale1genericv.com/ , , http://www.order12via.com/ , , http://fastdelivery10v.com/ , ,
http://via1buycheap.com/ , , http://v1buyonline.com/ , , http://sale1genericv.com/ , , http://www.order12via.com/ , , http://fastdelivery10v.com/ , ,
http://v2puronline.com/ , , http://c2puronline.com/purchase , , , , hhttp://fastdelivery2vv.com/ , ,
http://discount11cia.com/ , , http://purchase11online.com/ , , http://v11fastdelivery.com/ , , http://10ciaonline.com/ , , http://order8v.com/ , ,
http://c1forsale.com/ , , http://v1buyonline.com/ , , http://sideffects1c.com/ , , http://www.sideffects1v.com/ , , http://indian1vonline.com/ , ,
http://via3professional.com/ , , http://cia3superactive.com/ , , http://v33canada.com/ , , http://c33canada.com/ , ,
http://cia3sapmles.com/ , , http://via3cosr.com/ , , http://cia3cost.com/ , , http://via3sapmles.com/ , ,
http://via3sapmles.com/ , , http://cia3sapmles.com/ , , http://via3cosr.com/ , , http://cia3cost.com/ , ,
http://indian10via.com/ , , http://10ciaonline.com/ , , http://v1onlinepharm.com/ , , http://sale1genericv.com/ , , http://purchase1c.com/ , ,
http://order3onlinec.com/ , , http://order3onlinev.com/ , ,
http://withoutprescriptinv3ind.com/ , , http://withoutprescriptinc3ind.com/ , , http://online3via.com/ , , http://online3cia.com/ , ,
http://c9indian.com/ , , http://v2indian.com/ , , http://onlinecia2.com/ , , http://sideffects1c.com/ , , http://c12superactive.com/ , ,
http://via2pills.com/ , , http://v2cheaponline.com/ , , http://onlinevia2.com/ , , http://via3pills.com/ , , http://buyvia2.com/ , ,
http://www.cheap1c.com/ , , http://c4sale12.com/ , , http://noscript12c.com/ , , http://indian10via.com/ , , http://www.orderv2o.com/ , ,
http://generic1vsale.com/ , , http://sale1genericv.com/ , , http://cia2online.com/ , , http://clia2online.com/ , , http://www.sideffects1v.com/ , ,
http://ciasuperactive4.us/ , , http://quickpayday44.us/ , , http://viadiscount4.life/ , , http://discountcia4.store/ , , http://viaprofessional.us/ , ,
http://viaprofessional.us/ , , http://ciasuperactive4.us/ , , http://quickpayday44.us/ , , http://viadiscount4.life/ , , http://discountcia4.store/ , ,
http://cialischeapgeneric.com/ , ,
<a href=http://breastenlargementpillstzv.info/> breast enlargement pills top 10</a>
<a href=http://breastenlargementpillstzv.info/> breast enlargement supplements uk</a>
breast enlargement products uk
http://soloadvance.com/ , ,
http://www.cialisonline100.com/ , ,
http://soloadvance.com/ , , http://paydayfastnowz.com/ , , http://fastloansolo.com/ , , http://nofaxpaydaynpz.com/ , ,
http://genericialisak.com/ , , http://cialisjqp.com/ , , http://cialistas.com/ , , http://cialisactivefd.com/ , , http://cialisjha.com/ , ,
http://cialisubz.com/ , , http://cialisjqp.com/ , , http://cialisqpa.com/ , , http://cialisuperfd.com/ , , http://cialistas.com/ , ,
http://cialisrxss.com/ , , http://cialisubz.com/ , , http://cialisbva.com/ , , http://cialisuyb.com/ , , http://loansoloie.com/ , ,