📄 2.txt
字号:
#0004 Base=0009CEF0 Limit=000000FF Flags=92 USE32 Byte granularity
#000C Base=00CA0000 Limit=00000031 Flags=9B USE32 Page granularity
#0014 Base=00CA0000 Limit=00000031 Flags=93 USE32 Page granularity
#001C Base=000B8000 Limit=0000FFFF Flags=92 USE32 Byte granularity
#0024 Base=0009CEF0 Limit=000000FF Flags=92 USE32 Byte granularity
#002C Base=0009CE90 Limit=0000004D Flags=92 USE32 Byte granularity
#0034 Base=00000000 Limit=00000144 Flags=93 USE32 Page granularity
#003C Base=00000000 Limit=00000000 Flags=92 USE32 Byte granularity
#0044 Base=000B8000 Limit=0000FFFF Flags=92 USE32 Byte granularity
#004C Base=00000000 Limit=00000000 Flags=92 USE32 Byte granularity
#0054 Segment not present.
#005C Segment not present.
#0064 Segment not present.
#006C Segment not present.
#0074 Segment not present.
#007C Segment not present.
--------------------------------------------------------------------------
【 IDT 介绍 】
在以往中断向量表都是用 4 byte 来表示 ,但是在保护模式下则由 8 byte 表
示 ,至於那几个 byte 表示什麽 ,笔者还未搞懂 ,底下只弄懂几个。
C:\>386debug 386debug.exp (改过的.exp档)
000C:00027434 660F010F SIDT [EDI]
-D EDI
0014:00000000 FF 07 6C F5 01 00 .. ..-.. .. .. .. .. .. .. ..
^^^^^^^^^^^线性记忆体位址
^^^^^长+1
因为该线性记忆体已对映到 50:0
#0050 Base=0001F56C Limit=000007FF Flags=92 USE32 Byte granularity
所以:
0050:00000000 00 34 08 00 00 EE 00 00-0A 34 08 00 00 EE 00 00 .4...n...4...n..
0050:00000010 14 34 08 00 00 EE 00 00-1E 34 08 00 00 EE 00 00 .4...n...4...n..
0050:00000020 28 34 08 00 00 EE 00 00-32 34 08 00 00 EE 00 00 (4...n..24...n..
0050:00000030 3C 34 08 00 00 EE 00 00-6C 16 C8 0F 00 8E 00 00 <4...n..F4...n..
0050:00000040 50 34 08 00 00 EE 00 00-5A 34 08 00 00 EE 00 00 P4...n..Z4...n..
0050:00000050 64 34 08 00 00 EE 00 00-6E 34 08 00 00 EE 00 00 d4...n..n4...n..
0050:00000060 78 34 08 00 00 EE 00 00-82 34 08 00 00 EE 00 00 x4...n...4...n..
0050:00000070 8C 34 08 00 00 EE 00 00-96 34 08 00 00 EE 00 00 .4...n...4...n..
-DI 0
#0000 Selector=0008 Offset=00003400 Flags=EE ;int_0
#0001 Selector=0008 Offset=0000340A Flags=EE ;int_1
#0002 Selector=0008 Offset=00003414 Flags=EE ;int_2
#0003 Selector=0008 Offset=0000341E Flags=EE ;int_3
#0004 Selector=0008 Offset=00003428 Flags=EE
#0005 Selector=0008 Offset=00003432 Flags=EE
#0006 Selector=0008 Offset=0000343C Flags=EE
#0007 Selector=0FC8 Offset=0000166C Flags=8E ;此处为Q387使用
#0008 Selector=0008 Offset=00003450 Flags=EE
#0009 Selector=0008 Offset=0000345A Flags=EE
#000A Selector=0008 Offset=00003464 Flags=EE
#000B Selector=0008 Offset=0000346E Flags=EE
#000C Selector=0008 Offset=00003478 Flags=EE
#000D Selector=0008 Offset=00003482 Flags=EE
#000E Selector=0008 Offset=0000348C Flags=EE
#000F Selector=0008 Offset=00003496 Flags=EE
请仔细看一看这个表的对应情形 ,笔者故意载入Q387 以便让 INT_7 的 Selector 与
众不同 ,让您更易判断中断表对应关系。
--------------------------------------------------------------------------
实例解说∶
底下是读取 SoftICE INT_0 的程式码范例∶
Load IDT
LDT = FF 07 12 C0 80 00 所以观看 0080C012 的记忆体
0080C012 47 2C 18 00 00 EE 00 00-4C 2C 18 00 00 EE 00 00 G,...⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -