Libris Britannia 4

home *** CD-ROM | disk | FTP | other *** search

/ Libris Britannia 4 / science library(b).zip / science library(b) / INFO / DOSTIPS3.ZIP / DOSSCTY.TXT < prev next >

Wrap

Text File | 1985-11-24 | 8KB | 185 lines

Come Out of Hiding (PC Magazine Vol 4 No 22 October 29, 1985 PC Tutor) Copy-protected software that can be installed on a hard disk often creates "hidden" files. These files do not show up in a DIR listing, so they cannot be deleted with the DEL command, but they prevent RMDIR from removing the directory. You can see these files by running CHKDSK with the /V parameter. Microsoft Word's installation program creates four hidden files in a subdirectory names \MSTOOLS. These are MW.COM, MW.COD, MW.DAT and MWA. REVEAL.COM, created with DEBUG, will turn hidden files into normal files. You can then delete them. When running REVEAL, one and only one space must separate the word REVEAL from the filename (with optional drive and path indicators), thus: REVEAL C:\MSTOOLS\MW.COM The program does not report errors -- if you see the file when you do a DIR listing, you know the program worked. To summarize: run CHKDSK/V to see the hidden files; use REVEAL to change them to normal files; get rid of them with DEL; and finally remove the subdirectory with RMDIR. You must use this technique with caution for other copy-protected programs. Since some such programs cannot be installed on a hard disk a second time, you should be absolutely sure that removing the hidden files from your hard disk is really what you want. A>DEBUG -A 100 xxxx:0100 MOV SI,0080 xxxx:0103 MOV BL,[SI] xxxx:0105 SUB BH,BH xxxx:0107 MOV BP [SI+BX+1],0 xxxx:010C MOV DX,0082 xxxx:010F MOV CX,0000 xxxx:0112 MOV AL,01 xxxx:0114 MOV AH,43 xxxx:0116 INT 21 xxxx:0118 INT 20 xxxx:011A -N REVEAL.COM -R CX CX 0000 :001A -W Writing 001A bytes -Q ----------------------------------------------------------------- File Protector (PC Magazine Vol 4 No 25 Dec 10, 1985 User-to-User) Hidden files are immune to deletion, but they're also invisible to the DIR command, and you can't tell that they're there unless you have access to a special utility. The routine below uses DOS Interrupt 43h to alter the attribute byte of a file and make it read-only. The protection is not infallible (you can easily write over a file with a program that has the same name). However, any file protected this way can be listed by DIR but is invisible to the DEL command. This trick protects files only; to create another utility that will unprotect them, change the MOV CX,21 line to MOV CX,20 and the N PERM.COM line to N UNPERM.COM. If you turn on the hidden file attribute for a subdirectory entry, the subdirectory remains hidden to casual users, but you can still CD to it, add or delete files in it, place it on your PATH, and execute programs in it from other subdirectories. This can be useful when you want to keep several programs in a semi-protected state. Editor's Note: You don't need a special utility to see what hidden files are on your disk. Just type CHKDSK/V and they'll all show up (along with all the other files on your disk). To create the PERM.COM and UNPERM.COM files, type the instructions into a file called SCRIPT, then make the two changes in the text above and create another file called SCRIPT2. Then use DEBUG 2.0 or later and type DEBUG < SCRIPT. Then, on the next line, type DEBUG < SCRIPT2 to create the files. To use them, type PERM filename to protect the file, and UNPERM filename to unprotect it. Trying to delete a PERMed file will result in the message, "Access denied." A 100 MOV BX,80 INC BX CMP BYTE PTR [BX],20 JZ 103 MOV DX,BX INC BX CMP BYTE PTR [BX],0D JZ 116 CMP BYTE PTR [BX],20 JNZ 10B MOV BYTE PTR [BX],0 MOV CX,21 (Change to MOV CX,20 for UNPERM.COM) MOV AL,1 MOV AH,43 INT 21 INT 20 RCX 24 N PERM.COM (Change to N UNPERM.COM for UNPERM.COM) W Q ----------------------------------------------------------------- Security Trick (PC Magazine Vol 4 No 24 Nov 26, 1985 User-to-User) It's fairly simple to prevent a nonexpert from using your system. The trick involves using DEBUG to patch COMMAND.COM. When DOS boots, it looks to see whether an AUTOEXEC.BAT file is in your root directory; if it is, DOS passes control to it. So the first thing you have to do is patch COMMAND.COM so it looks for another .BAT file, such as SAMPLE.BAT: DEBUG COMMAND.COM E 1078 "SAMPLE.BAT " W Q Note that there are two blank spaces between the .BAT and the second set of quotation marks. These spaces are needed, since SAMPLE.BAT is two letters shorter than AUTOEXEC.BAT. If the name of your new boot program is shorter than 11 characters (actually 12 including the period), be sure to pad the new name with enough extra spaces to add up to all 12 characters. An example of a new SAMPLE.BAT boot program that would shock an unauthorized user is: ECHO OFF CLS ECHO Unauthorized Access !! ECHO Damage will result ECHO if you do not turn ECHO this computer off ECHO immediately !! ECHO 5 ECHO 4 ECHO 3 ECHO 2 ECHO 1 ECHO 0 CLS PROMPT Error If the user manages to get through this shock, further tricks can thwart access to your files. Since the first thing most users do with an unfamiliar system is execute a DIR command, you can alter COMMAND.COM to change DIR to CAT (for CATalog), and change the error message that will result when DOS sees the now unknown command DIR. At the DOS prompt, type: DEBUG COMMAND.COM E 3ADD "CAT" E 367C "Unauthorized Access ! " W Q As with the previous example, if your new message is shorter than the existing one, add trailing blanks. You can use the CAT command yourself to replace the standard DIR command; all an unauthorized user will get by typing in DIR is an "Error" prompt and the new error message you've created. Editor's Note: The addresses given above are for DOS 2.1 only, but it's simple to use the DEBUG S (Search) command to find the patching locations in other versions of DOS. First type: DEBUG COMMAND.COM. At the DEBUG prompt, type RXC <Enter>. DEBUG will print out the length of your COMMAND.COM file in hex notation. Hit the Enter key again to get the prompt back. Then, to search for the location of AUTOEXEC.BAT, type: S 100 xxxx "AUTOEXEC" (but be sure to substitute the hex length RCX specified in place of the xxxx). Use the same trick to search for the DIR command and the "Bad command or filename" message. DEBUG will search through your file and print out the address of any matching strings of characters it finds. In the case of something liek DIR, it will find several occurrences, so you have to figure out which one to replace. You can do this by using the DEBUG D (Dump) command. Just type D yyyy (substituting an address the S command specified in place of the yyyy). The proper DIR is the one immediately followed by other DOS commands such as RENAME and REN. In DOS 3.1, for instance, AUTOEXEC.BAT is at address 130F, DIR at 4D11, and the "Bad command ..." message at 4750. Using the PROMPT Error trick is indeed nasty, but especially with a fast machine like the AT, the SAMPLE.BAT batch file goes by almost too quickly to read. In addition, the initial ECHO OFF is a tipoff that a batch file is doing the mischief. This trick is presumably for a hard disk system; all an experienced user has to do to circumvent it is stick a normal DOS disk in drive A: and boot the system with a conventional COMMAND.COM. Still, the CAT trick is a good one, and it will keep the quick snoops away.