PDA

View Full Version : Disassembling x86 16-bit ROM file with IDA.


FrankRizzo
December 25th, 2012, 18:43
Guys, I have a ROM file from an older device that used an NEC V40 chip, that I'm trying to disassemble. It's a ROM file, so it has no header, and I've been beating my head against the wall trying to get the segments to work correctly.

Can anyone tell me how to make IDA behave with respect to the segments?

The ROM starts at C000:0000. So, that plays a part as well. Has anyone done this before?

FF

Kayaker
December 25th, 2012, 20:50
Not something I'm very familiar with, but aren't you supposed to define the segment and offset in the initial loading dialog?

http://www.woodmann.com/forum/showthread.php?12712-Trying-to-ID-the-packing-in-a-BIOS-file&p=80876#post80876

IDA seems to default the segment name visually to "seg000" in any case, but you can change the name manually later, or alternatively with a script as Pinczakko seems to do:

https://sites.google.com/site/pinczakko/pinczakko-s-guide-to-award-bios-reverse-engineering#IDA_Pro_Intro

dion
December 26th, 2012, 07:24
i once disassemble NEC V25 rom. sure enough, i don't have problem with segments. you can create, delete, etc with segments. there's submenu about segment.

FrankRizzo
December 27th, 2012, 00:02
My issue is that IDA loads the whole ROM as 1 segment. seg000:0-40000.

If anyone knows how to break it up into the correct segments, PLEASE post that info. I'd like to be able to click on a FAR call, and have it go there, and more importantly, I'd like to know the references to the strings in the ROM. Using them, I can find my patch location in short order.

Thanks Guys (and gals, just in case).

Kayaker
December 27th, 2012, 22:20
Is this of any use? Perhaps you've seen them already.

A MASM commented source code of an 8088/NEC V20 BIOS.

http://www.intel-assembler.it/portale/5/8088-bios-source-code-masm/8088-bios-source-code-masm.asp
http://www.intel-assembler.it/PORTALE/4/bios.zip

I also found these, related to the NEC V40

http://www.seasip.info/VintagePC/prodestpc1.html
http://www.winsystems.com/manuals/SAT-V41.PDF