728x90
LBA를 활용하기 위한 int 13 명령어 확인
0000:06E6 mov dl, [bp+00]
0000:06E9 pusha
0000:06EA mov bx, 55AA
0000:06ED mov ah, 41
0000:06EF int 13 ;INT 13
0000:06F1 jb 0729
0000:06F3 cmp bx, AA55
0000:06F7 jne 0729
0000:06F9 test cl, 01
0000:06FC je 0729
0000:06FE popa
해석 : Verify that the int 13 command to leverage the LBA address value works effectively.
확장한 int13 명령어를 읽을 수 있으면 LBA 주소값을 불러옵니다
0000:06FF pusha
0000:0700 push 0000
0000:0702 push 0000
0000:0704 push word ptr [bp+0A]
0000:0707 push word ptr [bp+08]
0000:070A push 0000
0000:070C push 7C00
0000:070F push 0001
0000:0711 push 0010
0000:0713 mov ah, 42 ;INT 13
0000:0715 mov si, sp
0000:0717 int 13
0000:0719 popa
0000:071A popa
0000:071B jnb 072B
0000:071D dec di
0000:071E je 072B
0000:0720 xor ah, ah
0000:0722 mov dl, [bp+00]
0000:0725 int 13
0000:0727 jmp 06FF
해석 : Read the bootable 512 bytes and overwrite them at 0:7C00.
In sum, you find a bootable entry in the partition entry table, and then find out if there is anything else that is viable. If there is only one bootable entry, load the boot sector into memory 0:7C00 by referring to the LBA address value.
출처 : Me
728x90
'호그와트' 카테고리의 다른 글
| 던던댄스 (1) | 2022.11.09 |
|---|---|
| ssh 자유자재로 공격하기 (0) | 2022.11.09 |
| MBR 어셈블리어와 간단한 해석 02 (0) | 2022.11.09 |
| MBR 어셈블리어와 간단한 해석 01 (0) | 2022.11.09 |
| 무한 echo 프로그램 (1) | 2022.11.08 |