Results 1 to 5 of 5

Thread: Disassembling x86 16-bit ROM file with IDA.

  1. #1

    Disassembling x86 16-bit ROM file with IDA.

    Guys, I have a ROM file from an older device that used an NEC V40 chip, that I'm trying to disassemble. It's a ROM file, so it has no header, and I've been beating my head against the wall trying to get the segments to work correctly.

    Can anyone tell me how to make IDA behave with respect to the segments?

    The ROM starts at C000:0000. So, that plays a part as well. Has anyone done this before?

    FF

  2. #2
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,157
    Blog Entries
    5
    Not something I'm very familiar with, but aren't you supposed to define the segment and offset in the initial loading dialog?

    http://www.woodmann.com/forum/showthread.php?12712-Trying-to-ID-the-packing-in-a-BIOS-file&p=80876#post80876

    IDA seems to default the segment name visually to "seg000" in any case, but you can change the name manually later, or alternatively with a script as Pinczakko seems to do:

    https://sites.google.com/site/pinczakko/pinczakko-s-guide-to-award-bios-reverse-engineering#IDA_Pro_Intro

  3. #3
    Registered User
    Join Date
    Jul 2007
    Posts
    61
    Blog Entries
    1
    i once disassemble NEC V25 rom. sure enough, i don't have problem with segments. you can create, delete, etc with segments. there's submenu about segment.

  4. #4
    My issue is that IDA loads the whole ROM as 1 segment. seg000:0-40000.

    If anyone knows how to break it up into the correct segments, PLEASE post that info. I'd like to be able to click on a FAR call, and have it go there, and more importantly, I'd like to know the references to the strings in the ROM. Using them, I can find my patch location in short order.

    Thanks Guys (and gals, just in case).

  5. #5
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,157
    Blog Entries
    5
    Is this of any use? Perhaps you've seen them already.

    A MASM commented source code of an 8088/NEC V20 BIOS.

    http://www.intel-assembler.it/portale/5/8088-bios-source-code-masm/8088-bios-source-code-masm.asp
    http://www.intel-assembler.it/PORTALE/4/bios.zip

    I also found these, related to the NEC V40

    http://www.seasip.info/VintagePC/prodestpc1.html
    http://www.winsystems.com/manuals/SAT-V41.PDF

Similar Threads

  1. The Future of Disassembling - Cloud OS
    By Bengaly in forum Blogs Forum
    Replies: 0
    Last Post: May 23rd, 2010, 12:08
  2. Disassembling a kernel function
    By 1bitshort in forum OllyDbg Support Forums
    Replies: 3
    Last Post: November 7th, 2005, 12:22
  3. Disassembling a .DLL
    By SideSwipe in forum Malware Analysis and Unpacking Forum
    Replies: 8
    Last Post: June 20th, 2002, 19:49
  4. Disassembling Morpheus...
    By AllYourBase in forum Malware Analysis and Unpacking Forum
    Replies: 8
    Last Post: January 24th, 2002, 14:15
  5. Disassembling GEOS files!
    By n03l in forum Tools of Our Trade (TOT) Messageboard
    Replies: 0
    Last Post: February 3rd, 2001, 03:53

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •