Results 1 to 12 of 12

Thread: [RESOLVED] NASM - Trying to write a TSR->

Threaded View

  1. #1

    Thread Starter
    Frenzied Member
    Join Date
    Feb 2003
    Posts
    1,945

    Resolved [RESOLVED] NASM - Trying to write a TSR->

    I decided to write a TSR for MS-DOS (specifically DOSBox) Why? Because I am curious as to what all that software writes to memory. DOSBox has a debugger version but I don't like it. Anyway:

    Code:
    ; Memory Dumper TSR v1.00 - by: Peter Swinkels, ***2021***
    ; This terminate and stay resident program dumps all conventional memory to a file upon request.
    ORG 0x100
    
    Main:
    MOV AH, 0x35          ; Retrieves the keyboard interrupt vector.
    MOV AL, 0x16          ;
    INT 0x21              ;
    
    MOV AX, ES            ; Redirects the retrieved keyboard interrupt vector.
    MOV DS, AX            ;
    MOV DX, BX            ;
    MOV AH, 0x25          ;
    MOV AL, 0xFF          ;
    INT 0x21              ;
    
    MOV AX, CS            ; Sets the original keyboard vector to this program's memory dump function.
    MOV DS, AX            ;
    MOV DX, MemoryDumper  ;
    MOV AH, 0x25          ;
    MOV AL, 0x16          ;
    INT 0x21              ;
    
    MOV AH, 0x31          ; Terminates and stays resident.
    INT 0x21              ;
    
    
    
    MemoryDumper:
    PUSHA                 ; Saves all registers.
    
    MOV AH, 0x01          ; Skips the memory dump unless the F12 key has been pressed.
    INT 0xFF              ;
    CMP AX, 0x0086        ;
    JNE Done              ;
    
    MOV AX, CS
    SUB AX, 0x0100
    MOV DS, AX
    
    MOV AH, 0x3C          ; Creates the output file.
    MOV CX, 0x00          ;
    MOV DX, OutputFile    ;
    INT 0x21              ;
    JC Done               ;
    
    MOV AH, 0x3D          ; Opens the output file for writing.
    MOV AL, 0x01          ;
    MOV DX, OutputFile    ;
    INT 0x21              ;
    JC Done               ;
    
    MOV BX, AX            ; Retrieves the filehandle.
    
    MOV AX, DS            ; Saves the current data segment.
    MOV ES, AX            ;
    
    MOV WORD [MemorySegment], 0x0000    ; Sets the first memory block.
    
    Dump:
       ES                          ; Sets the memory block to be written to the output file.
       MOV AX, [MemorySegment]     ;
       MOV DS, AX                  ;
    
       MOV AH, 0x40                ; Writes the memory block to the output file.
       MOV CX, 0xFFFF              ;
       MOV DX, 0x0000              ;
       INT 0x21                    ;
       JC Done                     ;
    
       ES                          ; Checks whether the last memory block has been reached.
       MOV AX, [MemorySegment]     ;
       CMP AX, 0xF000              ;
       JAE DumpFinished            ;
    
       ADD AX, 0x1000              ; Moves to the next memory block.
       ES                          ;
       MOV [MemorySegment], AX     ;
    JMP Dump
    
    DumpFinished:
    MOV AH, 0x3E          ; Closes the output file.
    INT 21h               ;
    JC Done               ;
    
    Done:
    POPA                  ; Restores all registers.
    INT 0xFF              ; Calls the redirected keyboard interrupt.
    IRET                  ; Returns.
    
    OutputFile DB "MemDump.dat", 0x00
    MemorySegment DW 0x0000
    It appears to set up the hook fine and I know the part that writes the memory to a file should work because I tested it separately. Does anyone see any obvious flaw? It could be any small thing I overlooked. No file is ever created.

    EDIT:
    I am using the Netwide Assembler (NASM)
    Last edited by Peter Swinkels; Jun 14th, 2021 at 02:06 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width