Decompiling a 1990 DOS application

Question

I have some crucial data written decades ago by an ancient 16bit DOS application. There are no docs, no source, and no information about the author. Just the 16 bit exe. I guess it's time for me to learn how to decompile stuff, since it seems the only way to restore file format. I've tried OllyDbg, it looks really great, but it can't 16 bit.

So, is there a disassembler/debugger capable of working with such executables? Thanks.

UPD: I know DOSbox, the app runs in it all right. The problem is, I don't need to run it, I need to understand the file format in which it writes data. Or maybe I don't know something about DOSbox and it can run as a debugger/decompiler as well? Or do you mean starting some old 16bit DOS debugger/decompiler in DOSbox? The latter sounds like an idea, but could you please name a decent DOS debugger, then?

Answer 1

disassembling tool:

use IDA Freeware https://www.hex-rays.com/products/ida/support/download_freeware.shtml you won't find any better tool for reversing - even for old dos programs :)

most other tools are only capable of doing disassembling for 32bit and don't reach in any way the analyze features of IDA - its the gold standard tool of reverse engineering

debugger: dosbox got its own builtin debugger (reachable through the "debug" command on command line) but you need to build your own version of dosbox with activated debugger (oder better heavy-debug) see: http://www.vogons.org/viewtopic.php?t=3944

or if you got a ida licence with the sdk there is an dosbox<->ida-debugger plugin available currently linux only https://github.com/wjp/idados

file format: do you know what the file contains (what do you want from the file) very complex information or "just" some lists of values?

maybe its better to start here with an hex-editor (http://mh-nexus.de/de/hxd/) and known result-values to compare

what program uses the data currently (or only the program itself)? maybe its possible to understand how the data is read in this program?

program itself: how large is the exe? console program or a big super gfx power app? real 16bit or 32bit with dos-extender? a single exe or overlays(dos-dlls)?

can you give access to the executable?

your turn

Answer 2

You're looking for IDA. It's the de-facto disassembler for pretty much anything.

You can get more help on this at https://reverseengineering.stackexchange.com/