Thursday, June 2, 2011

Unpacked bootmgr x86 part

Unpacked bootmgr
First 5 sections is correct. Other segments are wrong. But anymore IDA can associate it with pdb.


This version is check Win 7 Sp0. You also can find free version or asking me. 
Also there are small differences after ms-advisory-2506014-x64. 

2 comments:

  1. I'm a newbie, and trying to debug bootmgr x64 free build... I did not understand what you mean by "unpack". I have the file bootmgr (not exe), which has a 16-bit real mode, 16-bit protected mode, and 32-bit mode.
    Is it packed? I loaded the PDB and debugged through windbg a bit, but am not able to find what I am looking for. Can you give me some tips?

    ReplyDelete
  2. Hi,
    Here I mean that unpack version is 32 bit part of bootmgr. This version allows you to load PDB file. I have dumped it from debugger.

    ReplyDelete