***********************************************************************
***********************************************************************
(Part II of Hacking Doc)
MONAM2 HELP FILE
This is a copy of a monam2 help file I wrote ages ago
***********************************************************************
***********************************************************************
Devpac 2
Devpac 2 is the best Monitor program I have ever used. It has some very
nice break points that you can place conditions on. You can do nice things
like tell the monitor to trace the program for 10000 instructions and then
jump back to the monitor. Ok in the list below the Am = the right Amiga
button.
Window Commands
TAB Mo
ve to the next window
Am A Set address
sets the starting address of a memory or disassembly window
Am B Set Breakpoint
Sets various break point (see later)
Am E Edit Window
On the memory window this lets you edit memory. You can
edit in hex (delfault) or press the TAB key and jump to
the Ascii part of the window and edit in Ascii
Am L Lock Window
With this command you can lock the disassembly window or
memory win
dow to a particular register. The disassembly
window is lock by default to the PC. You can lock the
disassembly window and the memory window together by
locking the memory window to M2. (M2 is a memory registor
see later)
Am O Show Other
This does convertions and mathmatcis for you. It prompts
for a number but you can use symbols from your program
as well as complex maths
Am P Printer Dump
Dumps the current
window to the printer, it can be aborted
by pressing ESC
Am R Register Set
Alter a register. You can just feed in a number or define it
by a maths equation ex A3=A2+4 or you can even use the
symbols from the A3=A2+START
Am S Split Windows
Splits window 2 into window 2 and window 4 or window 3 into
window 3 and window 4
Am T Change Type
This only works on window 4 (created either by splitting
window 2 o
r by loading a source file). It changes the type
of the window between disassembly, memory and source-code
(if a file has been loaded).
Am Z Zoom Window
Zooms the current window to full size or back again. Zooming
the register window shows the values of M0-M9 (Devpac internal
memory registers... see later)
SCREEN SWITCHING
Monam uses its own screen display and will always make itself the front
and active window whenever an exception (including
breakpoint) occurs
V View other Screen
BREAKPOINTS
Am B Set Breakpoint
With this command you can set a variaty of kinds of break
points. After pressing B just enter one of the following
address
will set a simple break point
address,expression
will set a stop breakpoint at the given address,after
it has executed expression times
address,=
will set a count breakpoint. The ini
tial value of the
count will be zero
address,*
will set a permanent breakpoint
address,? expression
will set a conditional breakpoint, using the given
expression
such as the value of a registor etc
address,-
will clear any breakpoint at the given address
You can't set a break point in ROM
Help Show Help and Breakpoints
This displays the current breakpoints, task status, its
seqment list (showing where your program is), free memory
and the system memory list. Am commands are available within
this display
Ctrl B Set Breakpoints
Sets a breakpoint at the start address of the disassembly
window (you have to be in it). If there is one already there
it will clear it
U Go Until
Prompts for an address at which a simple breakpoint will be
placed then program execution resumed
Ctrl K Ki
ll Breakpoints
Clears all break points
Ctrl A Set Breakpoint then Execute
A real great command. It places a simple breakpoint at the
instruction after the Program counter and then runs the
program. This is really great for single stepping through
conditional loops, you just single step down to the command
that does the test and loop and press Ctrl A and it places a
breakpoint after the loop and then runs program (goes arou
nd
the loop until it falls through on to your break point). The
only thing to watch is the program exiting at another point
and never getting to your break point
Ctrl X Stop program executing
Stops your task running. It does this by setting the trace bit
so you will get a trace exception. While this does work, be
careful if you stop it in the middle of some AmigaDOS ROM
routines, particularly signal handling and message pa
ssing
OTHER STUFF
Monam has a history buffer showing the condition of the registors and
program counter.
H Show History buffer
Shows the history buffer (for the last 5 instructions)
Ctrl C Terminate
Leave Monam
Ctrl Q Quit a program
Stops a program running. This can be hazardous to use, and
should only be done as a last resort. If your program is
terminated in this way it will not clean up, and thus not
de-allocate any
memory it was using or close windows etc
Ctrl L Loading Executable Program
This will prompt for a filename and then a command line
and will attempt to load the file ready for execution.
If MonAm has already loaded a program it is not possible to
load another until the former has terminated
B Load Binary File
Prompts you for a file name and optional load address
(separated
by a commma) and will then load the file where specified
. If
no load address is given then memory will be allocated from the
system. M0 will be set to the start address and M1 to the end
address (see below for a discription of the M registers)
A Load Ascii file
A great command that allows you to load a ascii file (such as
the
sorce coad) into window four of Monam, if window 4 isn't
already
open then it will open it automaticly
EXECUTING PROGRAMS
Ctrl R Return to program/Run
Runs the current program from the PC position at full spead the
history buffer will not be updated while running.
Ctrl Z Single-Step
This single-steps the instruction at the PC with the current
register values. Single-stepping a trap, Line-A or Line-F
opcode
will, by default, be treated as a single instruction. This can
be
charged using Prefrences (Ctrl P)
Ctrl Y Single-Step
as above but included for the convenience of German u
sers
Ctrl T Interpret an Instruction (Trace)
A great command. It is the same as Ctrl Z but skips over BSR's,
JSR's, Traps, Line-A and Line-F calls, re-entering the debugger
on return from them to save stepping all the way through the
routine or trap. It works on instructions in ROM and RAM
Ctrl S Skip and Instruction
Ctrl S increments the PC register by the size of the current
instruction thus causing it to be skipped. Use this inst
ead
of Ctrl Z when you know this instruction is going to do
something
you dont want
R Run (various)
Prompts for the style of run you want just press it and you
will
be prompted for
G Go
Identicial to Ctrl R just runs the program at full speed
I Instruction
This is a great command that executes the entered number of
enstructions remembering the infomation in the history
buffer
and then returning to Monam. Traps are executed as single
insturctions
SEARCHING MEMORY
G Search memory (get a sequence)
Will prompt for B/W/L/T standing for Bytes, Words, Longs, Text and
Instructions (Intructions and Texzt are case sensitive). The SP is
not called SP in the searches it is called A7
N Find Next
Having found one with the G command (see above) you can find
another
occurence of it by pressing N
OTHER
STUFF
Ctrl P Preferences
Alows you to alter various options in Monam by answering Y/N to the
questions
I Intellegent Copy
Copies a block of memory to another area. The addresses should
be entered in the form
START,INCLUSIVE_END,DESTINATION
No checks are made on the validity of the move. It will let you
quite happily crash the system
L List Lables
Lists all the lables in the program. Lables are displaye
d in
the order they where found on the disk
W Fill Memory With
START,INCLUSIVE_END,FILLBYTE
P Disassemble to Printer/Disk
Disassembles Area of memory to printer or disk with lables
the first lines should be entered in the form
START_ADDRESS,END_ADDRESS
The next line prompts for an Area of memory to use to build
the cross-reference list, which should be left blank if no
automatic labels are require
d else should be of the form
BUFFER_START,BUFFER_END
Next is the prompt for data areas which will be disassembled as
DC instructions, of the form
DATA_START,DATA_END,SIZE
The optional size field shoudl be B, W, L, defaulting to L,
determining the size of the data. When all data areas have
been defined, a blank line should be entered
Finally a filename prompt will appear, if this is blank all
outp
ut will be to the printer, else it will be assumed to be a
disk file
**** Special Note **** I will be stuffed if I can get this to
work... I can get it to just disassemble the code but I can't
get it to put in lables. (it worked on the ST what happend
guy's). We hope for a fix in an upgrade.
M Modify Address
Same as Am A
O Show Other Bases
Same as Am O
D Change Drive and Directory
Change current
Drive and Directory
THE M REGISTERS (In the bits above where I said see later well here it is)
The Devpac manual is shy and doesn't blow it's own horn enough about some
of
it's features. The M registers are one of the things, Devpac has internal
registors numberred M0-M9 some of them are used by the program such as
M2 and M3 which control the start of the disembly window and the start of
the
Memory window. You can alter the value of the M registers and the windows
will reflect the change. You can use som
e of the registers for your own use
such as setting M7 to a memory address you want to look back at latter and
the go away and look at another memory address then when you want to go
back
you just go
M .... for Modify memory
and
M7
and you will jump back to the address you stored just by going MM7
when you load a binary file M0 and M1 are set to the start and end of
file you loaded. This makes it really easy to load a binary file change
a character and save it back again. You don't even have to en
ter in the
start and end addresses when you save it you just use M0 and M1 in the
save statement
M2, M3, M4 and M5 are the start addresses of windows 2,3,4,5
Another thing Devpac doesn't make to much about it the use of symbols
in your statements such as alterring a register
A5=A2+A3+START_PRG - SUM_OTHER_NUMBER
So why work it out let Devpac do it for you
Fuck that took me a long time to type in and I dearsay there are
heeps of spelling mistacks in it so if you find one all you have to
do is write it o
n a piece of paper and flush it down the loo. Or correct
the file and reload it up to the board.
Bye Fun_to_hack
***********************************************************************
***********************************************************************
MONAM2 METHODS
This is a copy of a file I wrote ages ago showing you how to get the
most out of monam
***********************************************************************
********
***************************************************************
HANDY THINGS TO KNOW ABOUT DEVPAC'S MONAM
I really like using Devpac's machine code monitor (called Monam or Monam2
from here on). Most people don't really use it to it's potential because
the manual dosn't emphasize some of the better features so I thought I
would write about some of the handy features and methods of using them that
I have found helpful in debugging programs. Everything I mention here is in
the manual but some it is in very o
bscure places or just mentioned in
passing. This is not an Help file of the commands but a help file showing
better ways to use the commands. For a list of the commands see the file
Monam2_help.txt
Monam2 will debug programs and tell you what the machine code calls are as
it comes to them so instead of looking at code that says JSR -$1E(A6) when
you are single stepping the program you will see JSR Open. This is great
and stops you looking up endless calls in the manual. The way to get it to
do it is to put
the file Libfile.Monam into the libs directory on your
systems disk. You will find the file in the Libs directory on the original
distribution disk. Monam2 will debug programs that have been saved with the
labels in them and display them in the program when you are single stepping
�it. Ok that is obvious but what isn't so obvious is you can use the labels
yourself. This is great if you are like me and hate keying in 6 didget Hex
numbers all the time. When ever you have to key in a hex address you can
just
type in the label instead. You can set the program counter to point to
a label just by using the Set register command (Right_Amiga_Key R PC=label)
that goes for setting the address of the current window as well (M label)
you can even use the names of the Registers to save you key in the values
in them. For example if A0=$123456 and you think it is pointing to a file
name and want to see what it is you can set the Data window to it by making
it the current window and going M A0 this will set the current win
dow to
the value in AO you can do this for all the Registers A0-A7, D0-D7, PC. All
these labels and short cuts really come into there own when you are doing a
calculation you can use the O command (Other) for doing calculations you
can do things like O A0+D0 and it will work out what the values in A0 plus
D0 equal. You can use all the Registers A0-A7, D0-D7 the PC and even use
the SR register (you can do it with the SR reg I didn't say you could do
anything useful with it). You can even use the operators {}
for the number
at an address instead of the address itself for example if A0 is pointing
at number $12345678 you can go M {A0} and it will set the current window to
address $12345678 this could be useful for looking up a table. If you want
to actually do something with the address A0 or the number A0 then all you
have to do is put a $ in front of it. Apart from using labels and Registers
as short cuts Monam2 has some built in reserve words they are CODE which is
set to the start address of any program you
load up and HUNK1 HUNK2 etc
which are set to the start of the Hunks. CODE is very handy for when you
are single steeping and want to nip back to the start to see what where you
started. Hunk can be handy for jumping around the code. There is no end off
HUNK or ENDOFCODE reserved words. The flexibly of the maths bits of Monam2
is extreamly good and you will find you can use it from any part of the
program so when ever you want to go to an address or set a register to a
value you have to work out you don't ha
ve to work it out and then set the
register or tell Monam2 to go to that address just include the equation in
the command to tell monam to go to the address or set the register to the
value. With out a doubt my feature of Monam2 is it's Memories there are 10
memories M0 to M9. M0, M1, M2 and M3 are used by Monam itself. M2 is set to
the top of the disassembly window and M3 is set to the top of the Hex
window when ever you move these windows then the values change to the top
of it's window. We can use these
for our own use. If you are in the
Disassembly window and come across a bit of code that looks a bit funny and
could be data so you nip over to the Data window and want to set it to the
same address as the disassemble window. Just go to the Data window (M3) and
press MM2 then hit RETURN (M for memory and M2 for the address of M2 which
is the disassemble window). Although this involves four keystrokes which is
in most cases only going to be a few less than going M and the address you
want to go anyway since
two of them are the same and the other one is
Return and you don't have to hunt and peck around the keyboard to type in a
hex number you get a great increase in speed and you are much more sure of
getting it right than keying in the number. You actually have two more
windows than are not obvious, if you go to the disassembly window and press
Right Amiga button and S at the same time then you split the window into
two windows both which are disassemble windows you can jump over to the
Data window and split i
t in two the same way and you can jump around them
with the TAB key just as you can do with the two normal windows and you can
Zoom each of the windows with Amiga Z. I will talk more about windows and
the M variables in the Section on Tracing techniques and Stuff. You can
also lock a window to an window to a Memory variable or a register. By
default the disassembly window is locked to the PC but you can lock any of
the windows to any register or Memory value. To lock the Data window to A0
you just move to t
he Data window and press the right Amiga key and L
simultaneously and then then type A0 and press return and from then on the
Data window will always be set to the value of A0 and if it should change
then the top of the window will change. You can also lock windows together
for example to lock M3 to M2 you go to the Data window (M3) and go Amiga L
M2 return and everytime the the disassembly window changes the Data window
will change to match. To unlock a window you just lock it to it's Memory
value example
move to the disassembly window and go Right Amiga L M2 and
�the window will not change when PC goes off the screen. The values M0 and
M1 are automatically set to the start and end of a file that is loaded in
with the binary function (B) this is very handy when you want to save a
file back again you just use M0 for the start and M1 as the end.
The values of M are set to
M0 Start of the last binary file loaded
M1 The end of the Last binary file loaded
M2 The start of the Disassembly window
M3 The sta
rt of the Data window
M4 The start of the second disassembly window if it exists otherwise free
M5 The start of the second Data window if it exists otherwise free
M6 A free variable to be used by you
M7 A free variable to be used by you
M8 A free variable to be used by you
M9 A free variable to be used by you
To get a list of all the M variables as well as the usual A0-A7, D0-D7, PC
and SR just keep pressing TAB key until you get to the register window and
press Right Amiga key and Z (for Zoom)
and you get a dump of all the
Registers. While you are in the Zoom mode you can't use the O command for
preforming calculations but you can use right Amiga O to do the same thing.
The O without an Amiga key is supposed to be there only to be compatible
with Monam 1 but I don't know anyone who uses the Amiga O version so you
tend to think Monam2 wont let you do calculations but it will, this is very
handy because so often the thing you want to calculate on is something you
have seen in Zoom mode the same go
es for the screen that displays the hunks
and break points (got to by pressing Help). You can also set Registers in
Zoom mode and in the help key screen just go Right Amiga R and set the
register as per normal. You can get a dump of the current window you are in
by going Right Amiga P this also works in Zoom mode giving you a bigger
dump. The disassemble to printer or drive option of monam2 (version 2.0)
has a floor in it... it won't put labels in even though it ask you for an
area to store the labels in. T
he only way to fix this is to get a latter
version of Monam there is a version of Monam2.05 that has been converted
from German to English (thanks Sigfried) have a look on the disk you got
this with if it is there it will be called Monam2.05 (my name not anyone
elses). The only problem we have found with this version is it wont save
Preferences (hopefully we will fix this). I found the easiest way around
this is to save the preferences from an earlier version of Monam2 (real men
change the file by hand).
T
racing techniques and stuff
When you are single stepping a program and stop half way through and go
into Zoom mode you are able to jump up and down the program and have a good
look around then when you press Escape to go back you where you where when
you went into Zoom mode this is great if you wanted to go back to there but
if you have just found something interesting and would rather have that at
the top of the window when you got back to the normal screen this is an
absolute pain. The way around this is
to set the window Memory variable
from Zoom mode if you are in the Disassembly window and you go into Zoom
mode then advance four or five pages all you have to do is go Amiga R
M2=address to set the memory variable M2 (top of disassembly window) to the
address that you want to be at and when you press escape the top of the
window will be the address you put into the register M2. When you are
tracing a program and you come to something of interest you can flag it by
setting a memory value to the PC (Amiga R
M3=PC) and if you find another
thing then set M4=Pc and M5 etc up to M9 then if you want to come back you
just go MM3 (Memory M3) and later MM4 etc. I use this quite alot to keep
track of the flow of a program that I am tracing if you get to a suspicious
part that calls a subroutine and you set M3=PC if that subroutine calls
another one you can set M4=PC etc. You can then conveniently jump around
the bits of the program without having to write a single address down. A
thing I use this for alot is working ba
ckwards. You find a bit of code in
the program that look of interest and you Set M9=Address then trace the
program using the Instruction search and when if you find the call to it
�you set M8=address then search again for a call to that address and set M7
to it's address. With all these memory variables set to different parts of
the program you can then go MM6 or MM7 or MM8 to jump around the different
parts of the program of course this is very limited in the amount of code
you can do this with and there i
s a good chance that you wont be able to
find the address call you are searching for but anytime you find you are
about to write a Memory address down set a Memory variable to equal it
instead. I find moving the address to the top of the window and using the
Memory variable for that window to define the new variable the best way to
do it.. for example want to set M5 to an address in M2 you just keep
pressing the down arrow until the address lines up with the top of its
window and go Right Amiga R M5=M2. Thi
s sounds very involved but you will
find your self doing it very quickly after a few times and it doesn't
involve keying in a number which is the thing that really slows you down
and is most likely to be got wrong. Saving and loading a binary file can be
very handy for changing a program you don't have the source code for
(Hacking who me?). If you load an executable program with the binary load
function (B) it loads the whole program including the program header and
file relocation table. The program looks
just as it would on the disk not
as it would look in memory if you had loaded it as an executable file
(Control L) because when a program is loaded by the operating system it is
relocated to run at that place in memory. If you load a program with the B
option you can save it with the S option and it will still run in the usual
fashion the trick is to save it with a correct start and end. If you were
to try and find out the start and end by looking in memory you would
without a doubt fail but since the varia
ble M0 and M1 are assigned to the
start and end of the binary file loaded all you have to do is to save it
using M0 for the start and M1 as the end. After you have loaded a program
you can then alter bits of it. But you have to be careful what you are
doing, you can't alter anything that has absolute address because this will
be altered by the relocation table when it is loaded but you can alter
things that are PC relative or change commands into Nop's or change a
conditional branch to another condition suc
h as make a BNE to BRA just by
changing one byte. I can not over emphasize the need to make sure you are
not changing something that will be altered by the relocation table when
the program is loaded. When you are looking at a program you have loaded as
a program (the normal way with Control L or when starting monam) have a
look the data window and see if the address that a call is talking about is
there in hex if it is then it was put there by the relocation table and is
to be left alone. The other thing t
o watch out for is making sure you don't
save the program down on top of something else on the disk. Normally the
file system makes sure you don't do that but if it is a protected disk then
they may be loading sectors directly from the disk and not have allocated
them as already used and the operating system will think there fair game
and save your file down over some other code on the disk. The way to be
sure this dosn't happen is to use Newzap or one of the other excellent file
zapers available on the ami
ga and change it directly on the disk. Loading
the file up as binary is still handy in this case as it will show you
exactly what the code looks like on the disk so you will have lots to code
surrounding the code you want to change to confirm you are in fact changing
the right bit of code.
UPDATE ON MONAM2_METHODS
SNAP & OSNAP
There are two programs that I have started using in conjunction with Monam2
and I dont know what I would do without them. They are both the same kind
of program. I started using sna
p and have now retired it in favour of OSNAP
but if you cant get OSNAP then snap will do fine. The programs allows you
to click on some text anywhere on the screen and copy it into a buffer and
then paste it somewhere else as if you had keyed it in by hand. The
programs have many uses including using them from inside a modem package to
quote other messages back at people. But from monam I use it for enterring
in hex numbers for me. You will have noticed I have a reel hatrid with hex
numbers and will do anyt
hing to get away from keying them in includeing
using the memories as much as posible to store them. With both SNAP and
�OSNAP you can do things like see a BSR $12345 instruction and move the
mouse pointer to the line hold down the Amiga key and drag the pointer
accross the number and copy it into a buffer then you just go M (for change
window address) and press Amiga I to insert it into the line. You can grab
the numbers from anywhere. OSNAP is the same as snap with more features the
main feature I like is
the fact it has a history buffer on the strings it
is grabing. I use this to follow the flow of a program. You come to a BSR
so you grab the whole line with the BSR instruction in it and then single
step to the address it is going to then the next time you get another BSR
you grab it again and you carry on doing this until you decide you went the
wrong way and then you just list the lines you have been grabing and to go
back one call you just change to the address at the start of the line.
FunToHack