-
Notifications
You must be signed in to change notification settings - Fork 0
/
JillSym.txt
70 lines (70 loc) · 4.56 KB
/
JillSym.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
Notes on the Turbo C Debug Symbol Table
∙ Prologue (48 bytes)
fb 52 8 2 AA AA 0 0 BB BB CC CC 0 0 DD DD EE EE FF FF 0 0 GG GG
HH HH II II JJ JJ KK KK LL MM MM 0 0 0 0 0 1 0 0 0 0 0 0 0
with the following:
File AAAA BBBB CCCC DDDD EEEE FFFF GGGG HHHH IIII JJJJ KKKK LL MMMM
Jill1.exe 2092 0351 0018 02d8 02d8 0061 0000 0000 0000 0000 0000 32 0275
Jill2.exe 2029 034b 0025 02cb 02bd 0068 0002 0020 0001 0001 0001 66 02db
Jill3.exe 2014 0349 0025 02c9 02bb 0068 0002 0020 0001 0001 0001 d6 02dc
AAAA: Maybe the location of the list of name strings.
BBBB: The maximum symbol index.
DDDD: The number of variable names.
EEEE: The maximum global variable name.
FFFF: The number of segments
∙ Identifiers
Each entry is of the form:
word SymbolId; // Numbered 1, 2, ...
word XXX0; // Usually 0, but not always.
dword Address; // Segment:Offset (when Type == 01).
byte Type; // Apparently: 01 for the entry point(s), 00 for CS-relative symbols.
∙ Segments
Each entry is of the form:
word SymbolId; // Numbered 1, 2, ...
word XXX[7]; // Usually 0's, but not always.
∙ Names
Each entry is a C-string, corresponding to the numbers 1, 2, ...
∙ Epilogue
For Jill1.exe it is the following:
00 00 00 00 00 00 00 00 04 00 00 01 00 00 02 00 80 ff ff ff 7f 00 00 00 05 00 00 02 00 00 04 00
00 80 ff ff ff 7f 00 00 06 00 00 04 00 00 06 00 00 00 00 80 ff ff ff 7f 08 00 00 01 00 00 08 00
00 00 00 00 ff 00 00 00 09 00 00 02 00 00 0a 00 00 00 00 00 ff ff 00 00 0a 00 00 04 00 00 0c 00
00 00 00 00 ff ff ff ff 0d 00 00 04 00 00 00 00 0f 00 00 08 00 00 00 00 10 00 00 0a 00 00 00 00
0e 00 00 06 00 00 00 00 28 00 00 01 00 00 00 00 0c 00 00 01 00 00 13 00 00 00 00 00 ff 00 00 00
07 00 00 08 00 00 00 00 0b 00 00 08 00 00 00 00 2b 00 00 0a 00 00 00 00 00 00 00 00 00 00 00 00
For Jill2.exe it is the following:
02e3 563d 18b2
000e 0000 0015 0008 0016 001c 0017 002e 0018 0040 0019 0052 001a 0064 001b 0069
001c 006f 001d 0075 001e 007c 001f 0080 0020 008b 0023 00ae 0024 00b4 0026 00bb
0027 00cd 0028 00df 0029 00f1 002a 0103 002b 010b 002c 0110 002d 0135 002e 015a
002f 017f 0030 0191 0031 01a3 0032 01b5 0033 01c7 0034 01d9 0036 01fe 0038 0205
02be 0001 0000 0000 0000 020b 02bf 000a 0001 0000 0008 0203
000c 0556 0000 020b 0001 0002 0001 0001 0001 0001 0001 0020
00 00 00 00 00 00 00 00 04 00 00 01 00 00 02 00 80 ff ff ff 7f 00 00 00 05 00 00 02 00 00 04 00
00 80 ff ff ff 7f 00 00 06 00 00 04 00 00 06 00 00 00 00 80 ff ff ff 7f 08 00 00 01 00 00 08 00
00 00 00 00 ff 00 00 00 09 00 00 02 00 00 0a 00 00 00 00 00 ff ff 00 00 0a 00 00 04 00 00 0c 00
00 00 00 00 ff ff ff ff 0d 00 00 04 00 00 00 00 0f 00 00 08 00 00 00 00 10 00 00 0a 00 00 00 00
0e 00 00 06 00 00 00 00 28 00 00 01 00 00 00 00 0c 00 00 01 00 00 13 00 00 00 00 00 ff 00 00 00
07 00 00 08 00 00 00 00 0b 00 00 08 00 00 00 00 2b 00 00 0a 00 00 00 00 1a 00 00 10 00 00 02 00
1a 00 00 20 00 00 02 00 23 00 00 00 00 04 01 00 23 00 00 00 00 04 1c 00 16 00 00 04 00 00 02 00
23 00 00 00 00 04 1c 00 23 00 00 00 00 04 04 00 23 00 00 00 00 04 0a 00 1a 00 00 00 03 00 08 00
23 00 00 00 00 04 04 00 23 00 00 00 00 04 04 00 23 00 00 00 00 04 1c 00 23 00 00 00 00 04 01 00
00 00 00 00 00 00 00 00
For Jill3.exe it is the following:
02e1 563d 18b2
000e 0008 0015 0010 0016 0024 0017 0036 0018 0048 0019 005a 001a 006c 001b 0071
001c 0077 001d 007d 001e 0084 001f 0088 0020 0093 0023 00b6 0024 00bc 0026 00c3
0027 00d5 0028 00e7 0029 00f9 002a 010b 002b 0113 002c 0118 002d 013d 002e 0162
002f 0187 0030 0199 0031 01ab 0032 01bd 0033 01cf 0034 01e1 0036 0206 0038 020d
02bc 0001 0000 0000 0008 020b 02bd 000a 0001 0000 0010 0203
000c 0558 0008 020b 0001 0002 0001 0001 0001 0001 0001 0020
00 00 00 00 00 00 00 00 04 00 00 01 00 00 02 00 80 ff ff ff 7f 00 00 00 05 00 00 02 00 00 04 00
00 80 ff ff ff 7f 00 00 06 00 00 04 00 00 06 00 00 00 00 80 ff ff ff 7f 08 00 00 01 00 00 08 00
00 00 00 00 ff 00 00 00 09 00 00 02 00 00 0a 00 00 00 00 00 ff ff 00 00 0a 00 00 04 00 00 0c 00
00 00 00 00 ff ff ff ff 0d 00 00 04 00 00 00 00 0f 00 00 08 00 00 00 00 10 00 00 0a 00 00 00 00
0e 00 00 06 00 00 00 00 28 00 00 01 00 00 00 00 0c 00 00 01 00 00 13 00 00 00 00 00 ff 00 00 00
07 00 00 08 00 00 00 00 0b 00 00 08 00 00 00 00 2b 00 00 0a 00 00 00 00 1a 00 00 10 00 00 02 00
1a 00 00 20 00 00 02 00 23 00 00 00 00 04 01 00 23 00 00 00 00 04 1c 00 16 00 00 04 00 00 02 00
23 00 00 00 00 04 1c 00 23 00 00 00 00 04 04 00 23 00 00 00 00 04 0a 00 1a 00 00 00 03 00 08 00
23 00 00 00 00 04 04 00 23 00 00 00 00 04 04 00 23 00 00 00 00 04 1c 00 23 00 00 00 00 04 01 00
00 00 00 00 00 00 00 00