home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Aminet 5
/
Aminet 5 - March 1995.iso
/
Aminet
/
util
/
virus
/
BBBF107.lha
/
BBBF107_31
/
Programmers
/
BootblockLibrary.doc
next >
Wrap
Text File
|
1994-06-07
|
13KB
|
379 lines
Bootblock.library
version 3.1
3324 bytes
Released the 26th of June 1993
Programmed by Johan Eliasson, SHI member.
Copyright © Safe Hex International 1992, 1993, 1994.
INTRODUCTION
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Bootblock.library/brainfile is an attempt to make life a little
bit easier for programmers of anti-virus utilities, diskcopy programs,
directory utilities, disk packers and for whoever who wants to check the
bootblock of some device, and of course for you, the user, who are dead-
tired of those %$£&%$& viruses...
The library has some easy-to-use functions to read the brainfile, and to
check a bootblock with it. The brainfile will be kept in memory for
you by the library, so that more than one program can use it simultaneously.
I know this doc is short, but take a look at my CheckDrive.c source
and you will get it. If not, write me a letter!
Each bootblock is identified with a checksum of four strategically chosen
longwords.
I have about 600+ non-virus-bootblocks that I check every new version
of the brainfile with, and so far there has been no false alarms!
Note that this is not a standard auto-doc file. It is typed by hand!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LEGAL STUFF
~~~~~~~~~~~
The BBBF package is freely distributable as long as all of its files are
included in their original form without additions, deletions, or
modifications of any kind, with the following exception:
If your program uses the Bootblock.library/Bootblock.brainfile then they
may be distributed along with it.
If you use this library in your program you must give credit to SHI (like
the note below) and the programmer in your documentation.
The BBBF package may not be used in a commercial program without written
permission by Safe Hex International.
Only a nominal fee (maximum 6$) may be charged for the distribution of BBBF.
This software is provided "AS IS" without warranty of any kind, either
expressed or implied. By using the BBBF package, you agree to accept the
entire risk as to the quality and performance of the program.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A note about Safe Hex International:
If you know a virus programmer you can get a reward of $ 1000 for
supplying his name and address. The fact is that the law punishes data
crime very severely. (5 years in jail in most countries).
We are an international group with more than 250 members who have started
trying to stop the spread of virus. Let me give you some example:
1. Our motto is: "Safe Hex", who dares do anything else today?".
2. A virus bank containing all well known virus killer programmes.
3. We help people to get money back lost by virus infection.
4. We write articles about virus problems for 8 magazines.
5. We release the newest and the best virus killers around.
6. We have more than 20 "Virus Centers" worldwide where you
can get free virus help by phoning our "Hotline", and the
newest killers translated n your own language at very little
cost.
For more information contact:
SAFE HEX INTERNATIONAL (Please send a "Coupon-Response
Erik Loevendahl Soerensen International" and a self addres-
Snaphanevej 10 sed envelope, if you want infor-
DK-4720 Praestoe mation about SHI by letter).
Denmark
Phone: + 45 55 99 25 12
Fax : + 45 55 99 34 98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TABLE OF CONTENTS
Bootblock.library/ReadBBBF
Bootblock.library/FreeBBBF
Bootblock.library/CheckBoot
Bootblock.library/GetBBBFInfo
Bootblock.library/ListBBBF
Bootblock.library/ReadBoot
Bootblock.library/WriteBoot
Bootblock.library/InstallBoot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/ReadBBBF
result = ReadBBBF(name);
long ReadBBBF(char *);
A0
DESCRIPTION
Will read the Bootblock.brainfile from name, and keep it in memory
for you until you FreeBBBF() it.
INPUTS
name = "L:Bootblock.brainfile" or wherever you want to load it from.
RESULT
result = errorcode.
if result > 0 then result is the code returned by IoErr() in case
of an IO error.
if result = 0 then the brainfile is successfully loaded and
everything's fine.
if result = -1 It was no brainfile...strange...
-2 Corrupted brainfile. Someone has fiddled with it.
-3 Already loaded by someone else!
-4 No memory for brainfile. Free some and try again...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/FreeBBBF
result = FreeBBBF();
void FreeBBBF(void);
DESCRIPTION
Will free the memory used for the brainfile, ie. unload it.
If the brainfile is not loaded the function will just return.
You don't HAVE to do this. If you don't, it will be done when
the library is flushed.
INPUTS
none
RESULT
none
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/CheckBoot
Boot = CheckBoot(buffer,&status);
struct Bootblock *CheckBoot(char *,ULONG);
A0 A1
DESCRIPTION
INPUTS
buffer = simply the bootblock that you want to check.
status = address of an ULONG. Status will afterwards contain one
of the following values:
-1 : Error - The brainfile is not loaded.
0 : The bootblock is unknown.
1 : The bootblock is a virus! Kill it!
2 : The bootblock is not bootable...
RESULT
Boot Bootblock struct that contains the name of the bootblock etc.
If status != 1 then Boot will be NULL.
NOTES
If the bootblock is a virus, then you'll have to append ' virus!' to
the name from the Bootblock struct. It saved me quite a lot of bytes
in the brainfile. 200 ' virus!' would be 1400 bytes...
I hope you don't mind! 8-)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/GetBBBFInfo
result = GetBBBFInfo(&virus,version);
long GetBBBFInfo(USHORT,char[30]);
A0 A1
DESCRIPTION
INPUTS
virus = will be the number of viruses known to this brainfile.
version = string that will contain the brainfile version-string,
without the '$VER: '.
RESULT
result If result == -1 then the brainfile is not loaded.
If success then result will be 0.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/ListBBBF
Boot = ListBBBF()
struct Bootblock *ListBBBF(void)
DESCRIPTION
This function returns the pointer to the first Bootblock structure.
Useful for listing all known bootblocks etc.
INPUTS
none
RESULT
Boot Pointer to the first Bootblock structure, or
NULL == the brainfile is not loaded.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/ReadBoot
result = ReadBoot(drive,buffer);
ULONG ReadBoot(ULONG,char *);
D0 A0
DESCRIPTION
This function will read the bootblock from the desired drive,
using the trackdisk.device and CMD_READ.
INPUTS
drive = drive number (0-3)
buffer = the destination of the bootblock. Must be at least 1024
bytes. Note that it must be in chip ram if running
under kickstart V36 or below.
RESULT
result = either NULL = success,
or an errorcode returned by IoErr(),
Can occur during the OpenDevice() (see <exec/errors.h>
or the bootread (see <devices/trackdisk.h>)
It can also be 103 (out of memory).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/WriteBoot
result = WriteBoot(drive,buffer);
ULONG WriteBoot(ULONG,char *);
D0 A0
DESCRIPTION
This function will write the bootblock to the selected drive.
INPUTS
drive = drive number (0-3)
buffer = the bootblock. Note that it must be in chip ram if running
under kickstart V36 or below.
RESULT
result = either NULL = success,
or an errorcode returned by IoErr(),
Can occur during the OpenDevice() (see <exec/errors.h>
or the bootwrite (see <devices/trackdisk.h>)
It can also be 103 (out of memory).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bootblock.library/InstallBoot
result = InstallBoot(drive,bootnumber);
long = InstallBoot(ULONG,USHORT)
D0 D1
DESCRIPTION
This function will install an AmigaDOS bootblock to the selected drive.
INPUTS
drive : drive number (0-3)
bootnumber : 0 = 1.x OFS
1 = 1.3 FFS
2 = 2.0 OFS
3 = 2.0 FFS
4 = 2.0 OFS International
5 = 2.0 FFS International
6 = 3.0 OFS DirCache
7 = 3.0 FFS DirCache
RESULT
result : either NULL = success,
or an errorcode returned by IoErr(),
Can occur during the OpenDevice() (see <exec/errors.h>
or the bootwrite (see <devices/trackdisk.h>)
It can also be 103 (out of memory),
or -99 = illegal bootnumber (must be 0 - 7).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LIBRARY HISTORY
~~~~~~~~~~~~~~~
Version 0.9 beta
~~~~~~~~~~~~~~~~
First version.
Version 0.91 beta
~~~~~~~~~~~~~~~~~
Removed all non-virus bootblocks from the brainfile upon request from
Erik Loevendahl Soerensen. Now you will only be alerted if the bootblock
contains a virus, anti-virus, or any other suspicious resident program.
This is for speed and so that the user won't be bothered with messages
like 'This bootblock is the MegaSuperDemoLoader 32.84' all the time.
The GetBBBFInfo() function is changed accordingly.
I have tried to clean up this doc a bit too. There were a few obvious
mistakes that I guess you spotted.
BBBF now knows 171 original viruses, and a vast number of clones.
Version 0.92 beta (15.10.92)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
V 0.91 didn't recognize the Chameleon (little Sven) virus correctly.
Instead of adding a short piece of code to deal with that, I rewrote
the complete brainfile-system, so it will be easier to add new viruses
to the brainfile from now on. As a result of that, the Bootblock structure
has changed a bit. Also, ReadBBBF() and CheckBoot() are a little bit slower,
and the brainfile is 656 bytes bigger......but a lot safer!
BBBF now knows 164 original viruses, and a vast number + 7 clones.
Version 0.93 beta (05.11.92)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bug fix: If the brainfile-reading was interrupted due to lack of memory,
the already allocated memory would not be freed correctly.
Version 1.0 (11.11.92)
~~~~~~~~~~~~~~~~~~~~~~
New function - ReadBoot().
I also optimized the library down to 2876 bytes!
Version 1.01 (12.12.92)
~~~~~~~~~~~~~~~~~~~~~~~
Now you don't HAVE to free the memory with FreeBBBF() when you exit.
If you don't, it will be freed automagically when the library is flushed.
Version 2.00 (16.12.92)
~~~~~~~~~~~~~~~~~~~~~~~
New function - WriteBoot().
I learned that OpenLibrary() is case-sensitive. And I have spelled
Bootblock.library with a capital B... so if your OpenLibrary() fails,
that might be the cause...
Version 3.00 (02.03.93)
~~~~~~~~~~~~~~~~~~~~~~~
New function - InstallBoot()
Version 3.1 (26.06.93)
~~~~~~~~~~~~~~~~~~~~~~
Corrected the version-string as you can see.
Changed a few other internal things.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please, I need your opinions! Even if you have no complaints nor ideas
it's nice just to hear that it works... 8-)
Send new viruses, ideas, threats and harddrives to:
Johan Eliasson Phone: +46 11 169138
Bäckgatan 6
60358 Norrköping
SWEDEN
Thanks goes to Magnus Holmgren and Tommy Hallgren for helping out with my
C problems, Tommy Hallgren and Mats Erlandsson for testing!
Erik Loevendahl Soerensen at SHI for all his support.
John Lohmeyer, whose Interpret.library I used as a model when designing
this library. Thanks guys!
END OF DOC.
