📄 ntldr分析.mht
字号:
=D4=DAsu.asm=D6=D0=A3=AC=C4=E3=BB=E1=BF=B4=B5=BD=A3=AC=D4=DA=BF=AA=CA=BC=B5=
=C4=B2=BF=B7=D6=A3=A8=B5=B1=C8=BB=B2=A2=B2=BB=B0=FC=C0=A8=B5=DA=D2=BB=CC=F5=
=D6=B8=C1=EE=A3=A9=B2=A2=C3=BB=D3=D0=D6=B1=BD=D3=D6=B4=D0=D0ntldr=B5=C4=B3=
=F5=CA=BC=BB=AF=B2=BF=B7=D6=A3=AC=C8=E7=B9=FB=C4=E3=B5=C4=CE=C4=BC=FE=B7=D6=
=C7=F8=B8=F1=CA=BDfat12=BB=F2=D5=DF=CA=C7fat16=B5=C4=BB=B0=A3=AC=C4=C7=C3=
=B4=CF=B5=CD=B3=D2=FD=B5=BC=BC=C7=C2=BC=A3=A8OBR=A3=A9=D4=DA=CF=F2startup=
.com=D7=AA=BD=BB=BF=D8=D6=C6=C8=A8=CA=B1=BB=E1=CC=F8=B9=FDstartup.com=D6=D0=
=B5=C4=B5=DA=D2=BB=CC=F5=D6=B8=C1=EE=A3=A8jmp=20
=
RealStart=A3=A9=A3=AC=CA=D7=CF=C8=B6=C1=C8=A1ntldr=C6=E4=CB=FB=B2=BF=B7=D6=
=B5=C4=B4=FA=C2=EB=B5=BD=C4=DA=B4=E6=A3=AC=C8=BB=BA=F3=D4=D9=D6=B4=D0=D0R=
ealStart=B2=BF=B7=D6=A3=AC=C8=E7=B9=FB=CE=C4=BC=FE=B7=D6=C7=F8=B8=F1=CA=BD=
=CA=C7fat32=D3=D6=BB=F2=D5=DF=CA=C7=C6=E4=CB=FB=B5=C4=CE=C4=BC=FE=B7=D6=C7=
=F8=B8=F1=CA=BD=A3=AC=D4=F2=C3=BB=D3=D0=D5=E2=D2=BB=B2=BD=A1=A3=D6=C1=D3=DA=
=C6=E4=CB=FB=B5=C4=CE=C4=BC=FE=CF=B5=CD=B3=B8=F1=CA=BD=CE=D2=B2=BB=D4=DA=D5=
=E2=C0=EF=C9=E6=BC=B0=A1=A3<SPAN=20
style=3D"DISPLAY: none"> M=13=06=0E=3Dtf=1E~ =
</SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">@a=19=11-%i=1BK </SPAN> <BR>jmp =
RealStart =20
=
;=CE=D2=C3=C7=C0=B4=BF=B4=BF=B4=D5=E6=D5=FD=B5=C4ntldr=B4=FA=C2=EB=B5=C4=B3=
=F5=CA=BC=BB=AF=B2=BF=B7=D6<SPAN style=3D"DISPLAY: none"> =
7=0EzK=06=01Q%xU=20
=
</SPAN> <BR>RealStart=B2=BF=B7=D6=B5=C4=B4=FA=C2=EB=CF=E0=B5=B1=B5=C4=
=BC=F2=B6=CC=A3=AC=D5=E2=C0=EF=CA=C7=D7=EE=BB=F9=B4=A1=B5=C4=B3=F5=CA=BC=BB=
=AF=B9=A4=D7=F7=A3=AC=B0=FC=C0=A8=C9=E8=D6=C3=B8=F7=B8=F6=B6=CE=BC=C4=B4=E6=
=C6=F7=A3=AC=C9=E8=D6=C3=B6=D1=D5=BB=B5=C8=B5=C8=A3=AC=B5=B1=C8=BB=C1=CB=A3=
=AC=CB=FB=BB=B9=D3=D0=D2=BB=B8=F6=D6=D8=D2=AA=B5=C4=D6=B0=D4=F0=A3=BA=CF=F2=
SuMain=B4=AB=C8=EB=B2=CE=CA=FD=A1=A3<SPAN=20
style=3D"DISPLAY: none"> 0z{a?=1B=18i=1D5 </SPAN> <BR> =
=20
=
=B4=FA=C2=EB=B6=CE=B5=C4=C6=F0=CA=BC=CE=BB=D6=C3=B5=B1=C8=BB=CA=C72000:00=
00=A3=AC=C6=E4=CB=FB=B5=C4=B6=CE=BC=C4=B4=E6=C6=F7=CA=C7=D4=DA=D5=E2=C0=EF=
=B6=AF=CC=AC=B5=C4=BC=C6=CB=E3=B5=C3=C0=B4=B5=C4<SPAN style=3D"DISPLAY: =
none"> =10F x"=20
_'=08 </SPAN> <BR> mov bx,offset =
_TEXT:DGROUP=20
;bochs:mov bx,0x2ac0<SPAN style=3D"DISPLAY: none"> tTL;*h)S2=1F=20
</SPAN> <BR> shr bx,4 =
=20
; must be para aligned<SPAN style=3D"DISPLAY: =
none">=20
Ai=18n?=12=06i=13T </SPAN> <BR><SPAN style=3D"DISPLAY: =
none">&"@}I=17Ob_L=20
</SPAN> <BR> mov ax,cs =
=20
; get base of code<SPAN style=3D"DISPLAY: =
none">=20
>oS-`=05r=15,u </SPAN> <BR> add ax,bx =
=20
; add paragraph offset to =
data<SPAN=20
style=3D"DISPLAY: none"> &{oK(=031=06k=0F =
</SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">Q=19/=04P=07`=1AT </SPAN> <BR> =
mov =20
ss,ax ; =
ints=20
disabled for next instruct<SPAN style=3D"DISPLAY: none"> =18;}r =
1?'^=20
</SPAN> <BR> mov sp,offset =
DGROUP:SuStack=20
; bochs:mov sp,0x1528<SPAN style=3D"DISPLAY: none"> k< =
-M=04oN=0FC=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">BNrevr=13=1El@=20
</SPAN> <BR> xor dh,dh<SPAN=20
style=3D"DISPLAY: none"> Ij=11=1AnAjJ5=1E </SPAN> <BR> =
push=20
dx <SPAN=20
style=3D"DISPLAY: none">g[=05x=1A,Ez3; </SPAN> <BR> =
push=20
ds <SPAN=20
style=3D"DISPLAY: none">I=18=18=1EIk-FM& =
</SPAN> <BR> push=20
si =
<SPAN=20
style=3D"DISPLAY: none">l?,=06;jSV:C </SPAN> <BR> =
push=20
es <SPAN=20
style=3D"DISPLAY: none">{6g;fIhgi </SPAN> <BR> =
push =20
di <SPAN style=3D"DISPLAY: =
none">|TY=0E+=12c}~%=20
</SPAN> <BR>;<SPAN style=3D"DISPLAY: none"> =01kk3m=036q[=20
</SPAN> <BR>; Make DS point to the paragraph address of =
DGROUP<SPAN=20
style=3D"DISPLAY: none"> 87gF=19l=03,=0E: </SPAN> <BR>;<SPAN=20
style=3D"DISPLAY: none"> =0E=1D=19 1Ro=16w\ =
</SPAN> <BR> mov=20
ds,ax<SPAN style=3D"DISPLAY: none"> =
=1Avh<=17E=13=1F=19=19=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">P AARuKW[=1F=20
</SPAN> <BR> movzx edx,ax<SPAN=20
style=3D"DISPLAY: none"> *5dr@f'=0F4L </SPAN> <BR> =
shl=20
edx,4<SPAN style=3D"DISPLAY: none"> #hL=08=19q=10ws, =
</SPAN> <BR> add edx,offset =
DGROUP:_edata=20
;bochs:add edx,0x1dd0<SPAN style=3D"DISPLAY: none"> /*. =
=1E; u=19=20
</SPAN> <BR> mov dword ptr =
_FileStart,edx=20
;bochs:mov [0xcbe],edx<SPAN style=3D"DISPLAY: none"> =
9[-jlY:q(2=20
</SPAN> <BR> xor bp,bp<SPAN=20
style=3D"DISPLAY: none"> >D =04Hay5xc </SPAN> <BR> =
movzx=20
ebp,bp<SPAN style=3D"DISPLAY: none"> w=16ZP^:'^ ^=20
</SPAN> <BR> movzx esp,sp<SPAN=20
style=3D"DISPLAY: none"> 0`dG4=1F8x=14t </SPAN> <BR> =
mov=20
[saveDS],ds ;bochs:mov word=20
ptr[0x15bc],ds<SPAN style=3D"DISPLAY: none"> =15CRL=01J_Zr#=20
</SPAN> <BR>call _SuMain =20
=
;=B5=F7=D3=C3SuMain=A3=AC=BD=F8=D0=D0=BD=FC=D2=BB=B2=BD=B5=C4=B3=F5=CA=BC=
=BB=AF=B9=A4=D7=F7<SPAN style=3D"DISPLAY: none"> C>=18=12=06b=06LXQ=20
=
</SPAN> <BR>=D6=D5=D3=DA=BF=B4=B5=BDC=B4=FA=C2=EB=C1=CB=A1=A3<SPAN =
style=3D"DISPLAY: none"> =14=1A=1Aj=19=11Q=0F<V=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">Br=10yJ=07r*VM=20
=
</SPAN> <BR>SuMain=C4=A3=BF=E9=D4=DAmain.c=D6=D0=BF=C9=D2=D4=D5=D2=B5=
=BD=A3=AC=CD=AC=CA=B1=A3=AC=CB=FB=D2=B2=CA=C7ntldr=B5=DA=D2=BB=B2=BD=B3=F5=
=CA=BC=BB=AF=B5=C4=D6=F7=CC=E5=B2=BF=B7=D6=A1=A3<SPAN=20
style=3D"DISPLAY: none"> z=17=13=08{:X[( </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">++UwG0hcu$ </SPAN> <BR>VOID SuMain(IN =
FPVOID=20
BtRootDir,IN FPDISKBPB BtBiosBlock,IN SHORT BtBootDriver)<SPAN=20
style=3D"DISPLAY: none"> k@;=0E`{=04b"f </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">%o(~F=10Zt=13=07=20
=
</SPAN> <BR>=B4=AB=C8=EB=B5=C4=B2=CE=CA=FD=B5=C4=C0=E0=D0=CD=BF=C9=D2=
=D4=B2=CE=BF=BCtypes.h=D6=D0=B6=D4=C0=E0=D0=CD=B5=C4=D6=D8=D0=C2=B6=A8=D2=
=E5=A1=A3<SPAN style=3D"DISPLAY: none">=20
=08uiv=153=12=01 ? </SPAN> <BR><SPAN style=3D"DISPLAY: =
none">\~=08Pi<=1F=3D:S=20
=
</SPAN> <BR>=D4=DAsu.asm=D6=D0=BF=B4=B5=BD=C1=CB=B2=CE=CA=FD=B5=C4=B4=
=AB=B5=DD=A3=BA<SPAN style=3D"DISPLAY: none"> =11=18=1D=1F=1Btz ]=20
</SPAN> <BR>;Build C stack frame for _SuMain<SPAN=20
style=3D"DISPLAY: none"> P '>Hg-O=19=15 </SPAN> <BR>;<SPAN =
style=3D"DISPLAY: none"> nd pLo=196 =14 </SPAN> <BR>xor =
dh,dh<SPAN=20
style=3D"DISPLAY: none"> >=1A^gb4<=0F=19 =
</SPAN> <BR>push dx =20
;pass bootdisk(dl)to =
main,=BC=B4BtBootDriver=B2=CE=CA=FD=A3=AC=CA=B5=CE=AA=C7=FD=B6=AF=C6=F7=BA=
=C5<SPAN=20
style=3D"DISPLAY: none"> 7 Rq=05=3D2~f </SPAN> <BR>push ds =
;segment=20
of bios parameter block<SPAN style=3D"DISPLAY: none"> =
K(f>=17+;=11F=01=20
</SPAN> <BR>push si ;offset of bios parameter block=20
,ds:si=BC=B4BtBiosBlock=B2=CE=CA=FD<SPAN style=3D"DISPLAY: none"> =
8Cgw=058@]PL=20
</SPAN> <BR>push es ;segment of root directory<SPAN=20
style=3D"DISPLAY: none"> t =02Q=05|=016P=04 </SPAN> <BR>push =
di ;offset=20
of root directory ,es:di=BC=B4BtRootDir=B2=CE=CA=FD<SPAN =
style=3D"DISPLAY: none">=20
QP|jR%=115cz </SPAN> <BR><SPAN style=3D"DISPLAY: =
none">eo@Tdos=14N=11=20
</SPAN> <BR>=D4=DA=C0=B4=BF=B4=BF=B4SuMain =
=BA=AF=CA=FD=B5=C4=B7=B5=BB=D8=D6=B5=A3=AC=B8=C3=BA=AF=CA=FD=C3=BB=D3=D0=B7=
=B5=BB=D8=D6=B5=A3=AC=D6=B1=BD=D3=BD=AB=BF=D8=D6=C6=C8=A8=BD=BB=B8=F8osLo=
ader=A1=A3<SPAN=20
style=3D"DISPLAY: none"> {qBwEJ`(;B </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">O=18"5v=0FrD=3D =
</SPAN> <BR>=BA=C3=C1=CB=A3=AC=CE=D2=C3=C7=C0=B4=BF=B4=BF=B4=BE=DF=CC=
=E5=B5=C4=CA=B5=CF=D6=A3=BA<SPAN=20
style=3D"DISPLAY: none"> M@|x>S=1BU 1 =
</SPAN> <BR>=D4=DASuMain =
=D6=D0=CA=D7=CF=C8=D2=AA=D7=F6=B5=C4=BE=CD=CA=C7=B1=A3=B4=E6fs=20
context info =A3=AC=D2=D4=C3=E2=B1=BB=B8=B2=B8=C7=B5=F4<SPAN =
style=3D"DISPLAY: none"> =0Fv=14>U0=02=07=12q=20
</SPAN> <BR> FsContext.BootDrive =3D =
(ULONG)BtBootDrive;<SPAN=20
style=3D"DISPLAY: none"> e=3DE+CoS O=05 </SPAN> <BR> =20
FsContext.PointerToBPB =3D MAKE_FLAT_ADDRESS(BtBiosBlock); =
//=D4=DAbochs=B7=B4=BB=E3=B1=E0=B5=C4//=20
=B4=FA=C2=EB=D6=D0=A3=A8=D2=B2=BE=CD=CA=C7win2k=CF=C2// =
=B5=C4ntldr=A3=A9=A3=AC=CE=D2=C3=BB=D3=D0=D5=D2=B5=BD// =
=BA=CD=D5=E2=CC=F5=B4=FA=C2=EB=CF=E0=B9=D8=B5=C4=D6=B8=C1=EE=A3=AC// =
=D2=B2=BE=CD=CA=C7=CB=B5=D4=DAwin2k=D6=D0=B5=C4//=20
ntldr=BF=C9=C4=DC=C3=BB=D3=D0=D5=E2=D2=BB=B2=BD<SPAN =
style=3D"DISPLAY: none"> A\I~.=01yQL=07=20
=
</SPAN> <BR>FSCONTEXT_RECORD=D4=DAtypes.h=D6=D0=B6=A8=D2=E5=A3=ACMAK=
E_FLAT_ADDRESS=BA=EA=BA=AF=CA=FD=D4=DAconstant.h=D6=D0=B6=A8=D2=E5=A1=A3<=
SPAN=20
style=3D"DISPLAY: none"> V=07=17=13i#q{=06=1E =
</SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">:n}JH=04gI=1D=06 =
</SPAN> <BR>=BD=D3=CF=C2=C0=B4=B3=F5=CA=BC=BB=AFVideo=20
=
SubSystem=A3=AC=D3=C3=D2=D4=CF=D4=CA=BE=B4=ED=CE=F3=BA=CD=D2=EC=B3=A3=A3=BA=
<SPAN style=3D"DISPLAY: none"> ,nz`$#NT=1Fz=20
</SPAN> <BR>InitializeVideoSubSystem() =20
=
//=B8=C3=BA=AF=CA=FD=C7=EB=B2=CE=BF=BCdisplay.c=A3=AC=D4=DA=D5=E2=C0=EF=CE=
=D2=D6=BB=BD=B2=BD=E2=D2=BB=CF=C2=B9=D8=BC=FC=B5=C4=B2=BF=B7=D6<SPAN =
style=3D"DISPLAY: none"> =1B VW=06=14uL=05U=20
</SPAN> <BR> =
=D4=DA=B2=CE=BF=BCdisplay.c=CA=B1=A3=AC=C4=E3=BF=C9=C4=DC=B6=D4=CF=C2=
=C3=E6=B5=C4=B4=FA=C2=EB=B2=BB=C9=F5=C3=F7=C1=CB=A3=BA<SPAN=20
style=3D"DISPLAY: none"> c@@A=1Db@=1B=02A </SPAN> <BR> =
=20
BiosArea=3D(UCHAR_far*)(0x410L); =
//=D5=E2=BE=E4=D6=B8=C1=EE=CF=E0=B5=B1=D3=DABiosArea=3D(40:10)<SPAN=20
style=3D"DISPLAY: none"> =06o>=1F=16T$ uG =
</SPAN> <BR> =20
*BiosArea&=3D~0x30;<SPAN style=3D"DISPLAY: none"> =
"|%_cG8=08M=0F=20
</SPAN> <BR>*BiosArea|=3D0x20; =20
=
//=D4=DA=A3=A840=A3=BA10=A3=A9=B4=A6=B4=E6=B4=A2=B5=C4=CA=C7=C9=E8=B1=B8=B1=
=E0=C2=EB=B1=ED=A3=AC=CB=F9=D2=D4=D5=E2=C1=BD=BE=E4=B5=C4=D2=E2=CB=BC=BE=CD=
=CA=C7=BD=AB=C9=E8=B1=B8<SPAN style=3D"DISPLAY: none"> P=04b=12#=04Fb/=20
</SPAN> <BR>// =
=B1=E0=C2=EB=B1=ED=B5=C45~4=CE=BB=D6=C3=CE=AA10=A3=AC=CB=FB=B5=C4=D2=E2=CB=
=BC=CA=C7=BD=AB=B3=F5=CA=BC=CF=D4=CA=BE=B7=BD=CA=BD=D6=C3=CE=AA80=C1=D0=CE=
=C4<SPAN=20
style=3D"DISPLAY: none"> =13=1A=06@((=11WU=1E </SPAN> <BR>//=20
=
=B1=BE=B7=BD=CA=BD=A3=A8=C8=CF=CE=AA=CA=C7=B2=CA=C9=AB=CD=BC=D0=CE=CA=CA=C5=
=E4=C6=F7=A3=A9=A3=AC=C8=E7=B9=FB=C4=E3=BB=B9=B2=BB=C3=F7=B0=D7=A3=AC=D5=D2=
=D2=BB=D0=A9=B9=D8=D3=DA=C9=E8<SPAN style=3D"DISPLAY: none"> =
WA=1DJq=05CWom=20
</SPAN> <BR>// =
=B1=B8=B1=E0=C2=EB=B1=ED=B5=C4=D7=CA=C1=CF=A3=AC=D2=BB=BF=B4=B1=E3=D6=AA<=
SPAN style=3D"DISPLAY: none"> :K=0F=04A}I^gL=20
</SPAN> <BR><SPAN style=3D"DISPLAY: none">U-g(M3& 2:=20
=
</SPAN> <BR>=C8=C3=CE=D2=C3=C7=BB=D8=B5=BDSuMain=D6=D0=A3=AC=BF=B4=BF=
=B4=BD=D3=CF=C2=C0=B4=D7=F6=CA=B2=C3=B4<SPAN style=3D"DISPLAY: none">=20
D*=1D'vV{fN=1D </SPAN> <BR>TurnMotorOff() =
//=B8=C3=BA=AF=CA=FD=B2=CE=BF=BCsu.asm<SPAN=20
style=3D"DISPLAY: none"> 1@> C=18h%2 </SPAN> <BR> =
=20
=
=B8=C3=BA=AF=CA=FD=BA=C3=CF=F3=CA=C7=B9=D8=B5=F4=C8=ED=C5=CC=C2=ED=B4=
=EF=A3=AC=CE=AA=B4=D3=C8=ED=C5=CC=D2=FD=B5=BC=D7=F6=D7=BC=B1=B8<SPAN =
style=3D"DISPLAY: none"> !i=17k-$w?z=3D=20
</SPAN> <BR> DriveControlRegister =
=20
equ 3f2h =
;=C8=ED=C5=CC=BF=D8=D6=C6=BC=C4=B4=E6=C6=F7<SPAN style=3D"DISPLAY: =
none">=20
W=18v=12=13Cj"z </SPAN> <BR> out dx,al =
=20
;=B6=D4=B6=CB=BF=DA=B5=C4=B6=C1=D0=B4<SPAN =
style=3D"DISPLAY: none"> 83eGS)4DI|=20
</SPAN> <BR> =20
=
=B6=D4=D3=DAout=C3=FC=C1=EE=A3=AC=B8=FC=CF=EA=CF=B8=B5=C4=D7=CA=C1=CF=CE=D2=
=BE=CD=C3=BB=D3=D0=C1=CB=A3=AC=C8=E7=B9=FB=C4=C4=CE=BB=D3=D0=B5=C4=BB=B0=A3=
=AC=C4=DC=B2=BB=C4=DC=B8=F8=CE=D2=D2=BB=B7=DD=A3=AC=B2=BB=CA=A4=B8=D0=BC=A4=
=A3=A8<A=20
=
href=3D"mailto:zl21_spawn@163.com">zl21_spawn@163.com</A>=A3=A9<SPAN=20
style=3D"DISPLAY: none"> R[2o=0F=19=1F=02l- </SPAN> <BR><SPAN =
style=3D"DISPLAY: none">'jU_uf=07f=08(=20
=
</SPAN> <BR>=BD=D3=D7=C5,SuMain=B5=F7=D3=C3PatchDiskBaseTable()=BA=AF=
=CA=FD=A3=AC=B8=C3=BA=AF=CA=FD=B1=C8=BD=CF=BC=F2=B5=A5=A3=AC=B2=BB=CC=E1=A1=
=A3<SPAN=20
style=3D"DISPLAY: none"> sSu"L/=06=051F </SPAN> <BR><SPAN=20
style=3D"DISPLAY: none">}cc<=16WH1=04R=20
=
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -