USB flash drive and int 13h extension read USB drive contents

Booting from the USB stick there are three ways: USB-HDD, Usb-cdrom, USB-FDD, which USB-FDD format is older, at the same time there is a certain problem of compatibility, and currently only for USB-HDD and Usb-cdrom two ways have been studied.

first, boot from the USB stick

1, USB-HDD Way Introduction

USB-HDD mode is to format the USB drive format, with the same form as the hard disk MBR, only need to write the boot code to the USB-HDD format U disk MBR, while on startup, enter the BIOS to choose from USB-HDD boot, or in the hard drive boot sequence, the USB flash drive into the primary disk.

USB-HDD way There are certain problems, for example, select USB-HDD startup, the USB drive becomes the main disk, call int 13h interrupt to read and write, dl=80h the corresponding disk is a USB flash drive, in the boot of the original system there are some problems, you need to switch the boot disk. At the same time, if you start with the USB-HDD mode, the system installation, you should also note that the C disk corresponds to a U disk, choose to install the System file directory should be noted.

2, the USB-HDD format U disk production process

Main tool: Select the HP USB disk Format tool, such as HP Storage

As shown in the figure above, run the tool, select the USB drive at device, then select Createa dos Startup disk, using DOS system files located at: Select DOS file, click Start, wait a moment.

3, Usb-cdrom Way Introduction

The usb-cdrom approach is more mainstream, but also a relatively good way to be compatible. Usb-cdrom Way is to use the USB flash drive using the designated manufacturer of USB flash memory production tools, the volume produced into CDROM form, with read-only characteristics. At startup, select Usb-cdrom to start, or in the CD Boot sequence, the usb-cdrom of the volume of the USB flash drive will be selected as a priority.

4, Usb-cdrom format U disk production process

Main tools: Chipgenius is used to view the information of USB drive, including important information such as the device ID, chip manufacturer, chip model and so on. U disk production tools, this and the chip manufacturer of U disk, you have to use the same volume production tools as the main control of U disk, otherwise it will cause bad consequences.

To find the corresponding USB flash drive production tools, such as the experiment U disk for Kingston 4GBU, the master chip for the cluster, Select the mass production tool v1.96.00, first open the Paramedt-f1-v1.0.20.2.exe for the production parameter setting, when the mode selection, choose 21 is the production of two modes of the U disk. The mass production process is then used for mass production.

If you choose to format the USB flash drive before processing, then in the mass production, you need to format the USB flash drive in the production tool, reseat the USB flash drive, after the system is recognized, click OK to start mass production, know the green can end, do not disconnect during the operation, in order to avoid abnormal.

Second, U Disk Guide Area code and U disk content read and write

1. Writing the boot code when the problem exists

A) when the BIOS loads the first sector (or boot area) code into the memory 0x7c00, do not think cs=0x7c0, in the physical machine, a lot of cs=0, and ip=0x7c00, error-prone

b) loading the original system MBR, due to boot from the USB stick, int 13h read, do not report errors, resulting in the original MBR fault-tolerant code is invalid, need to pass down the dl=80h load the hard disk system.

c) The call int13h_process differs from the Int 13h in that the stack balance has a difference, and calls Int13h_process returns, Sp=sp+2, so a sub sp,2 is required, or RETF 2 balance stack space is returned.

2. Read and write HDD USB drive at startup

To read and write to the USB drive, you need to support the Int 13h extension function, as follows:

MOV bx, 0x7c0

MOV ds, BX

mov si, @DiskAddressPacket;d s:si<--diskaddresspacket

mov ah, 0x42

mov dl, 0x81;d l<--disk number

int 13h

It is important to note that when the disk is a hard disk and there are multiple hard disks at the same time, the DL does not increment continuously from 0x80, and 0x81 does not necessarily point from the hard disk.

third, the debugging method

1. Qemu + Ida Debug

There is a problem, QEMU support for U-disk startup has some problems, in the trial USB-HDD format, QEMU BIOS loading is not MBR, but the so-called boot sector.

2. vmware+ Ida Commissioning

VMware supports MBR debugging, can be used with IDA, after MBR debugging, the specific setting method see reference

3, Bochs does not support USB boot, so no use Bochs

Reference Documents

Http://wiki.osdev.org/VMWare

Debugging Windows kernel under VMWare using IDA ' s ...-hex-rays