Puppy Linux Discussion Forum

[Mark L]

What's the simplest way to read the contents of the master boot record (MBR)? Should I be able to view the contents using a read-only command from a console (newbie here)? If so, how do I do that?

Mark L

[rarsa]

I don't know about the simplest. And I don't know that as a newbie you will make any sense of the boot record. In any case, I think this will work:

[Sage]

You can inspect MBR from a Disk Editor like Norton running out of DOS. You can even change it, if you know how - most folk don't!

[Flash]

[kethd]

I've been learning how to deal with the first sector. (I've learned ways to find out what is really there.) If you are dealing with the MBR, I've gathered what I've learned so far here:
http://puppylinux.org/wikka/Sector0
(Please add what you learn, so we can all learn!)

-------
Sector0

Sector 0 is the first sector of the Hard Disk Drive.
Absolute (or Physical) Sector 0 is at CHS 0,0,1.

It contains the Partition Table, which is four 16-byte entries, starting at location 01BE.
The Partition Table can be viewed (and changed) with Pdisk, fdisk, and cfdisk.

The last two bytes, at location 01FE, should always be 55 AA.
This is called the Signature ID or Magic Number.

The first 446 bytes of the MBR is the IPL (Initial Program Loader) or boot code. This searches the partition table for an active partition and then loads the first sector of that partition in to memory, and starts executing its code. If the IPL is damaged or missing, the MBR cannot boot an otherwise undamaged disk, even if the partition table is intact. (But booting from a floppy or other device should allow access to the drive and its partitions -- if the partition table is OK.)

Use the Linux utility hexdump to view the contents of Sector 0.

Learn all about the details of this code at
http://thestarman.dan123.com/asm/mbr/MBR_in_detail.htm
Daniel B. Sedory dis-assembles and analyzes each version of boot code!

Unfortunately, Puppy 1.0.6. and previous versions are missing hexdump. (It is rumored to be returning in Puppy 1.0.7.) But dd and awk are present, and can be used to find out what IPL is actually present.

This code can be used from the console command line:
# dd if=/dev/hda bs=512 count=1 | awk 'BEGIN {RS="GRUB"} {printf "%X\n", length($0)}'
1+0 records in
1+0 records out
179
83

dd reads the first 512 byte sector from the hard drive.
awk searches for the string "GRUB", and prints out the location (in hexadecimal).
This example shows a normal GRUB installation, at hex location 0179. Other versions of GRUB might locate at 0176. (The 83 is the number of bytes remaining, from the end of the found string to the end of the sector.)

If there is no GRUB, the program would print just one number, 200 (that equals 512 bytes, in hex). Replace "GRUB" with "LILO" -- that would be located at 0006.

To find out if Windows is installed, replace "GRUB" with "Invalid", the beginning of an error message that is included in all DOS/Windows IPLs, at these locations:
008B - MS-DOS3.30/Win95A
010F - Win95B/98/98SE/ME
012C - Win2000/XP

[rarsa]

[kethd]

Programs for viewing the MBR and Partition Table:
http://puppylinux.org/wikka/hexdumpBASIC

[greengeek]

sorry, only posting so that I can get this topic into my current watchlist. (I think I may have a problem with correct creation of mbr or maybe partition table)