Results 1 to 13 of 13

Thread: Breakpoint problems

  1. #1
    matt
    Guest

    Breakpoint problems

    I am having a problem with Softice where the breakpoints aren't working! This is the NT version of softice btw.. I have had this problem for a while, so I got the example program that comes with Masm32, called MessageBox .. set a breakpoint on MessageBoxA, which I for sure know that it calls... and run the program - however softice does nothing! I didn't get a symbol not defined error.. so what could be wrong?

    I was running halflife though and i set a breakpoint on WM_LBUTTONDOWN and it worked fine, so at least it works a little bit..

    Perhaps breakpoints are process specific??

    Thanks, in advance. Matt.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    qferret
    Guest
    [quote]matt (08-24-2001 21:00):
    so I got the example program that comes with Masm32, called MessageBox .. set a breakpoint on MessageBoxA, which I for sure know that it calls... quote]

    For SURE? ....I didn't check, but r u sure it doesn't just call MessageBox and not MessageBoxA? (1 is 16 bit....the one with the "a" at the end is 32 bit)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #3
    matt
    Guest
    Well, I checked the source code, and it called MessageBox.. however, when I ran it using softsnoop, softsnoop said that it called messageboxa.. And when I try and set a breakpoint for messagebox in softice it says symbol not defined.

    I dont think windows2000 would export a 16bit function.

    But if i still need to set a breakpoint for MessageBox, how do I 'define the symbol'?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    matt
    Guest
    Ok i dissassembled it and it IS calling MessageBoxA, and after I read the #c4n faq i learnt that I might need to set something up for the breakpoints to work.. so i am going to set a breakpoint for program entry - use 'addr msgbox' (the name of the program), then set bpx messageboxa.. that might work
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    matt
    Guest
    but it didn't.. anybody have any ideas?

    maybe a reinstall of ice
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    matt
    Guest
    but it didn't.. anybody have any ideas?

    maybe a reinstall of ice
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    frustrated
    Guest
    Just out of curiosity, did you see any messagebox produced by the program you want to run in softice? When you say the breakpoint doesn't work, has there been at any point of time when you set the breakpoint, the breakpoint doesn't break and you see a real messagebox?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    matt
    Guest
    I've been testing Softice on two programs. So far the breakpoints havent worked. I dissassembled both and found out that they both called MessageBoxA, - one ONLY called it, it was an example win32 programming project, and the other called it when you entered an invalid registration.

    The breakpoint is always set, and I always see the messagebox, and softice doesnt catch it.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    matt
    Guest
    Curiously the symbol loader doesnt load the symbols, and doesnt break at winmain like it should.

    I could be something to do with my system configuration. But I don't know what.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  10. #10
    frustrated
    Guest
    in this case, try this.
    after you disassemble one of that program you want, and you know where the messagebox is at, set a breakpoint near it. Don't set it on a API. Just one of the addresses close to the messagebox. To do that however, you might have to gain entry into the program's thread 1st. That is up to you to figure.

    Then trace to the messagebox and see what is shown in softice and trace into that call and see what causes the messagebox. Is it user32.dll like other gates' OS or some other weird dlls? I don't use win2k so that's all I can think of to help.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  11. #11
    matt
    Guest
    maybe the fact that typing 'sym' in softice returns 'No symbol table' means something?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  12. #12
    isotope
    Guest
    You are not alone!

    I've been working with SIce for years, but recently switched to Win2K SP2. SIce sorta works for me too. Especially in the message box area. I can't get it to do anything. A second problem here is that the API names appear to be different than any other version of windows. I downloaded the 180MB symbol tables from M$ and installed, but SIce can't seem to translate the information without producing an error every other line in the file.

    I'm assuming that others have over come this problem or just went back to Win98. Me? I guess I'll just have to start waiting for someone else to fix the programs. It was just a hobby anyway.

    Good luck.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  13. #13
    matthew
    Guest
    Well I got the symbols to load properly, except for user32 and shell32 (yes they are main ones!). But it didnt matter because nothing worked anyways - and they should have worked because of the exports loading (?).. oh well.

    I'm burning a cd that will have win98SE. masm32, tasm5, virus zines, windows ebooks, sandman and orc cracking tutorials, directx and some other driver updates, plus some apps like winrar etc.

    Win98 is only taking up 400 megabytes for some reason so I can still cram a lot of stuff onto that 700 meg cd-rom.

    After the cd is set up it should only take 1 hour to have the computer fully setup.

    I'll miss things about windows 2000 though ;( I could disable and install networking protocols without rebooting.. lots of little enhancments .. but compatibility was a big issue. Win98 will be ok.

    BTW the main problem with win2k would be the build of your version. mine was unsupported mostly which sucks ;(
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Breakpoint
    By TrainingDay in forum The Newbie Forum
    Replies: 12
    Last Post: March 13th, 2005, 01:59
  2. Breakpoint on file
    By Anonymous in forum OllyDbg Support Forums
    Replies: 8
    Last Post: July 15th, 2003, 22:26
  3. Breakpoint issue
    By helloword in forum OllyDbg Support Forums
    Replies: 1
    Last Post: February 7th, 2003, 07:55
  4. Conditional Breakpoint
    By Anonymous in forum OllyDbg Support Forums
    Replies: 5
    Last Post: January 27th, 2003, 11:06
  5. Breakpoint problem
    By delit in forum Malware Analysis and Unpacking Forum
    Replies: 4
    Last Post: November 13th, 2000, 11:14

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •