A deep technical exploration of how to detect DOSBox from within the emulator itself. The author discovers that DOSBox implements a custom, undocumented x86 opcode (FE /7) used internally for its callback mechanism in virtual programs like MOUNT.COM. By setting up an INT 06h (#UD) exception handler, code can test whether this secret instruction executes silently (DOSBox) or triggers an undefined opcode exception (real hardware or other emulators). The post also covers x86 instruction encoding details, a bug discovered in 86Box/PCem where FE group opcodes were mishandled, and briefly touches on detection methods for NTVDM, Win9x DOS prompt, and DOSEMU.
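The "FE /7" notation means opcode byte FE with the value 7 in the reg field of the following ModRM byte. The sketch below is an added example, not code from the original post or from DOSBox; the function names and sample bytes are constructed for illustration. It decodes FE-group encodings under 16-bit addressing and shows which ones Intel documents. The operand layout DOSBox gives its custom instruction is not stated here, so it is not modelled.

```python
# Added illustration (not from the original post): decoding an FE-group
# instruction under 16-bit addressing, as used by real-mode DOS code.

# Intel documents only two FE-group operations; /2 through /7 are undefined.
FE_GROUP = {0: "INC r/m8", 1: "DEC r/m8"}


def decode_modrm(modrm):
    """Split a ModRM byte into its (mod, reg, rm) bit fields."""
    return modrm >> 6, (modrm >> 3) & 7, modrm & 7


def disp_size_16(mod, rm):
    """Number of displacement bytes after ModRM with 16-bit addressing."""
    if mod == 0:
        return 2 if rm == 6 else 0  # mod=00, rm=110 is a bare disp16
    if mod == 3:
        return 0                    # register operand, no memory access
    return mod                      # mod=01 -> disp8, mod=10 -> disp16


def classify_fe(code):
    """Return (notation, meaning, length) for bytes starting with opcode FE.

    length is None for undefined encodings: the CPU faults on the opcode
    itself, so there is no documented operand length to report.
    """
    if len(code) < 2 or code[0] != 0xFE:
        raise ValueError("expected opcode FE followed by a ModRM byte")
    mod, reg, rm = decode_modrm(code[1])
    notation = f"FE /{reg}"
    if reg not in FE_GROUP:
        return notation, "undefined (#UD, vector 06h)", None
    length = 2 + disp_size_16(mod, rm)
    if len(code) < length:
        raise ValueError("truncated displacement")
    return notation, FE_GROUP[reg], length


if __name__ == "__main__":
    # Constructed sample encodings, not taken from the post.
    for sample in (b"\xfe\xc0", b"\xfe\x0e\x34\x12", b"\xfe\x38"):
        print(sample.hex(" "), "->", classify_fe(sample))
```

An emulator whose FE-group handler dispatches on the reg field without rejecting values 2 through 7 will diverge from hardware on exactly the encodings this classifier reports as undefined.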

10m read time. From datagirl.xyz