SoftICE

peter_d_sherman | 168 points

Ancient? Ughh. I remember using SoftICE to cheat in games back in the 1990’s. Wonderful software, I wish I would’ve been knowledgeable to do something more useful than making myself invincible in Mortal Kombat or giving my characters super powers in UFO: Enemy Unknown (aka: X-Com outside North America).

This was a great learning tool to understand how programs actually allocate and use memory. Long before I had taken an architecture class and understood big endian and little endian, I had learned all about it by searching for values in memory. From there you could basically deconstruct the C structs used to handle the memory and then write a pretty simple TSR to cheat the heck out of DOS games. If I recall correctly, at least some of the time I was even able to use it to cheat at APCIDoom - which was a specialized launcher for Doom that let you play four player deathmatches through your local multi-line BBS.

pridkett | 4 years ago

I used SoftICE to debug a multitasking IVR application I'd written in C/C++ with a stack-switching kernel on top of MS-DOS :) Great project, but it would crash once or twice a day on both the test machines we had. Couldn't figure out why. Went through the code with a fine-tooth comb, still at a total loss.

Enter Soft-ICE. Within a week I found that Soft ICE wouldn't interrupt in the hung state. That started making us suspicious that it might not be just our code.

What do you know -- both test machines (though otherwise completely different) had the same cheap $5 ripoff network card. These were causing the crashes.

Replaced those and the software worked perfectly -- ran 24/7 for 3 years without a hitch. The one time it did stop was the NetWare stack crashing underneath.

So that's my SoftICE story :)

twhitmore | 4 years ago

For those that like the history of the Cracking scene - there was a set of binary-patching SoftICE extensions called "nticedump" and "icedump". They were pretty nuts, too - one reverse engineer got annoyed by his music playback stopping when he was in SoftICE, so he hacked an MP3 player into the SoftICE driver.

http://n8on.free.fr/hackzines/bhz/7/crackingbeginner3.txt

There was also in-SoftICE tetris.

I used SoftICE extensively from 96-00'-ish ... to the extent that as a teenager I had single-step dreams and dreams where I tried to hit CTRL-D.

thomasdullien | 4 years ago

There is a similar approach for a modern age - use the hypervisor for the debugger agent. The application is called HDBG[1]. It was never production-ready though, so not so famous. Another similar application is PulseDBG[2]. It's not exactly like SoftICE, but allows you to observe the execution process locally[3], which is sometimes enough.

[1] http://fdbg.x86asm.net/hdbg/hdbg.html

[2] https://github.com/honorarybot/PulseDbg

[3] https://github.com/honorarybot/PulseDbg/wiki/8.-Local-debugg...

xvilka | 4 years ago

Oh man, SoftICE was the shit. It was a bit inconvenient to have to reboot with it enabled, but it allowed you to debug things no other debugger did.

I was equally impressed with OllyDBG later on, it was more convenient (if less powerful) but always seemed like amazing software for just one author.

StavrosK | 4 years ago

This part of the explanation of what happened to it is extremely unsatisfying:

>As of April 3, 2006 the DriverStudio product family has been discontinued because of "a variety of technical and business issues as well as general market conditions". Maintenance support was offered until March 31, 2007.

From reading about SoftICE, it seems to have been doing what other debuggers could not. So how could they not find enough customers to keep it going? Does anyone know what actually happened?

Jerry2 | 4 years ago

I recall those lessons for script-kiddies “Crack [software name here] with SoftICE” in early 2000s.

maxfromua | 4 years ago

It was the Hercules monitor support that had those amber fossils still sitting on the desks of every video card driver author (and games programmers too) into the late nineties. VxD dot commands allowed you to extend and use a plethora of debug commands beyond the built-in ones. Once Windows had working multimonitor support, that crucial aspect of Softice's utility was no longer unique.

djmips | 4 years ago

I used this, and you had that kind of power over the machine only in the low-end architectures, Z80, 6502 and on the enterprise, on IBM mainframes, to breakpoint and stop and look at what the processor was doing. Of course, you still can do the same thing on mainframes, but we are forgetting that in the end, on our X64 machines, we are all running machine code.

emersonrsantos | 4 years ago

Oh my I remember friends debugging Windows device drivers with SoftICE, that was hardcore.

ohadpr | 4 years ago

Who else had a monochrome monitor to display Soft-ICE info while debugging video-intensive programs? Text at B000:0000 instead of B800:0000.

iconjack | 4 years ago

I used it for only one task but it was worth the price anyway--I needed support for both VGA and monochrome on the same machine. As the years went by there were fewer and fewer monochrome cards and the cards became worse and worse at playing nice together. It eventually reached the point where we couldn't find any that would behave--I ended up stepping through the initialization code for the monochrome (which was in ROM, no breakpoints otherwise) and noting exactly what it told the card and reproducing that in my code. (By then 100% of my screen writing was in my code, the lack of that capability didn't matter.)

LorenPechtel | 4 years ago

btw, there was also a Syser debugger, developed as a replacement for SoftICE. I never used it, except playing with it a little a few years ago; it was a nice experience.

Although I heard they stopped the development, a little googling found a page with a fresh release and a Win10 support claim, but I have no idea how legitimate it is: https://qpdownload.com/syser-debugger/

Also, there is a rewriting project on GitHub, with the last commit from 5th June, 2019: https://github.com/marakew/syser

Would appreciate hearing any info about the current status of Syser.

UPDATE: Just FYI, after lurking a bit over the GitHub repo and associated links, I found that the GitHub repo maintainer seems to be a pretty qualified reverse engineer; for example, he made his own independent Skype protocol reconstruction (https://marakew.github.io), and the README.md in the GitHub repo says that the Syser sources were lost due to a corrupt flash drive, so I guess he was one of the (author?) developers of Syser.

Still would be happy to hear more, if somebody knows the full story.

cryogenic_soul | 4 years ago

Nothing like a kernel mode mp3 player to listen to music while you step through assembly and see some very colorful symbol names of windows internals.

molticrystal | 4 years ago

If SoftICE, then not without its awesome addon IceExt - https://sourceforge.net/projects/iceext/

It had a kernel-mode mp3 player so that you could shred software protections while listening to your favorite music (among other cool features of course)

self_awareness | 4 years ago

What modern debuggers/tools can do what SoftICE did? How do you debug services and device drivers on modern Windows?

danmg | 4 years ago

SoftICE being called ancient really amuses me. I recall my childhood in the 90s/00s learning how software and game activation codes work, and how to bypass them using SoftICE, it was really quite sad that it didn't go beyond XP.

alias_neo | 4 years ago

Probably the best software I had ever used.

As a debugger you could automate everything and catch any error in existence. It made me hundreds of times more productive.

I maintained a Windows partition just for using it. I used Linux and Mac but I usually debugged my programs on SoftIce under Windows. I had to port all my programs to use it. It was that good.

I learned how to use it from a cracking group. It took a long time to be proficient at it, but even to this day lldb or gdb or anything in Windows can't come close to what SoftIce could do.

pritovido | 4 years ago

Mucking around with SoftICE was essential to my understanding of reverse engineering and low-level programming. It was an amazing piece of software, as were all the other NuMega products!

dblohm7 | 4 years ago

That feeling when you are pressing the SoftIce popup hotkey and guessing whether the application will survive or not. Then your computer just freezes :D Just good old times.

sunnyque | 4 years ago

Learned SoftICE at my first job out of university, writing Windows device drivers. I also object to the “ancient” designation!

ryandrake | 4 years ago

Seriously the coolest tool to tinker with in my youth. Gave you so much control. It felt like magic to halt execution of a DOS program to inspect exactly what it's doing instruction by instruction, patching code or injecting chunks of self-modifying code.

nuclx | 4 years ago

That was a long time ago, when NuMEGA was making really great software!

mobilio | 4 years ago

This is a piece of computer history. They should release it as open source. Get some free publicity for whatever their actual revenue-generating products are.

csense | 4 years ago

Not strictly related to SoftICE but those days make me reminisce about another useful tool, “Sourcer” from V Communications, anyone remember that?

pantulis | 4 years ago

I still remember those times when I forgot to switch SoftICE off and whenever Windows fucked up I ended up in SoftICE's debugger.

edem | 4 years ago

The good old days. SoftICE for me was essentially the OS, and Windows was just a GUI around it. Windows without SoftICE felt... empty

mrsaint | 4 years ago

A really nice tool for debugging Windows drivers. God knows you needed all the help you could get :-)

kabdib | 4 years ago

I remember using it in the 90's to crack Space Empires III

Zardoz84 | 4 years ago

On the Amiga, hrtmon.

snvzz | 4 years ago

Hmm...I remember a time before "realICE".

dboreham | 4 years ago

Ancient? I'm feeling a little old now.

I've always felt like I have neglected debuggers to my own detriment. Print debugging is just very convenient and once you get in that habit it's hard to stop. On rare occasions where I didn't know where in the code or in the system to start they've always shined.

jrumbut | 4 years ago

Ancient!? shiiiit, I'm old ;-D How about AFD/SFD then? https://vulms.vu.edu.pk/Courses/CS401/Downloads/AFD_Tutorial...

onetom | 4 years ago