📄 ravkeyb.asm
字号:
;本程序为破解瑞星软盘的程序,适用于最新版
; build with:
; nasm -f bin -o ravkeyb.com ravkeyb.asm
BITS 16
ORG 0x100
SECTION .text
jmp start ;
start mov dx,insert_disk
mov ah,0x9
int 0x21 ;显示信息insert_disk
mov ah,0x0
int 0x16 ;键盘输入
cmp ax,0x11b ;比较是否ESC键
jnz .not_esc ;不是,则跳
mov ax,0x4c00
int 0x21 ;是,则返回DOS
.not_esc mov dx,making_fingers
mov ah,0x9
int 0x21 ;显示信息making_fingers
call store_int78 ;调用子程序,保存并修改int78
call check_floppy ;调用子程序,测试软驱是否有盘
jc end ;CF置位,则跳出错信息
xor ax,ax
int 0x13 ;软驱复位
mov cx,0x3 ;设置格式化次数CX为3次
.loop1 push cx ;将次数压入堆栈
mov bx,format_data1 ;装入磁道地址
mov dh,0x0 ;装入磁头号
mov dl,[drive_id] ;装入驱动器号
mov cx,0x4f01 ;装入磁道号4F,开始扇区号01
mov ah,0x5 ;AH=5H功能,格式化磁道
mov al,[fan_num] ;装入扇区数
int 0x13 ;调用13H中断
pop cx ;弹出格式化次数
cmp ah,0x0 ;比较是否软驱
jz .is_floppy ;是,则跳转
cmp ah,0x80 ;比较是否硬盘
jz .is_density ;是,则跳转
loop .loop1 ;重试
jmp short .failed ;跳转至显示出错信息
nop ;空操作
.is_density mov dx,not_ready
mov ah,0x9
int 0x21 ;显示驱动器没有准备好
jmp short end ;跳转至结束
nop
.is_floppy xor ax,ax
int 0x13 ;软驱复位
mov cx,0x3 ;设置格式化次数CX为3次
.loop2 push cx
mov bx,format_data2
mov dh,0x1
mov dl,[drive_id]
mov cx,0x4f01
mov ah,0x5
mov al,[fan_num]
int 0x13 ;继续格式化磁道
pop cx
cmp ah,0x0 ;比较是否软盘
jz .sucess ;是,则跳转
loop .loop2 ;重试
jmp short .failed ;跳转至显示出错信息
nop
.sucess mov dx,label0
mov ah,0x9
int 0x21 ;显示信息label0
mov dx,done
mov ah,0x9
int 0x21 ;显示信息done
jmp short end ;跳转至结束
nop
.failed mov dx,failed
mov ah,0x9
int 0x21 ;显示信息failed
end call restore_int78 ;调用子程序,恢复int78
mov dx,thank_you
mov ah,0x9
int 0x21 ;显示信息thank_you
mov ah,0x4c
int 0x21 ;主程序结束,返回DOS
store_int78 push ds
push si ;保存调用现场
mov ax,0x0
mov ds,ax ;将0000装入DS段
mov si,0x78 ;置偏移地址为0078
lodsw ;读0000:0078处的字入AX
push ax ;将AX内容压入堆栈
lodsw ;读0000:007b处的字入AX
mov ds,ax ;将AX内容装入DS段
pop si ;弹出压入的偏移地址
mov ax,[si+0x3] ;将0000:0078指向的地址偏移3内容装入AX
mov [cs:data1],ax ;将AX内容保存在data1处
mov word [si+0x3],0x900 ;将0x900装入上述存储区
mov al,[si+0x7] ;将0000:0078指向的地址偏移7内容装入AL
mov [cs:data2],al ;将AX内容保存在data2处
mov byte [si+0x7],0x6c ;将0x6c装入上述存储区
pop si
pop ds ;弹出调用现场
ret ;子程序返回
data1 dw 0x0
data2 dw 0x0 ;此处四个字节为临时存储区
restore_int78 push ds
push si
mov ax,0x0
mov ds,ax ;将0000装入DS段
mov si,0x78 ;置偏移地址为0078
lodsw ;读0000:0078处的字入AX
push ax ;将AX内容压入堆栈
lodsw ;读0000:007b处的字入AX
mov ds,ax ;将AX内容装入DS段
pop si ;弹出压入的偏移地址
mov ax,[cs:data1] ;将保存在data1处内容送入AX
mov [si+0x3],ax ;将AX内容保存在0000:0078指向地址偏移3处
mov al,[cs:data2] ;将保存在data2处内容送入AL
mov [si+0x7],al ;将AL内容保存在0000:0078指向地址偏移3处
pop si
pop ds ;弹出调用现场
ret ;子程序返回
check_floppy mov ah,0x8 ;置测试功能8H
mov dx,0x0 ;0头A驱
int 0x13 ;调用13H中断
push cs
pop es ;装当前代码段地址至附加段ES
cmp bl,0x4 ;测试BL是否为4H
jnz .not_floppya ;不是,则跳转
mov byte [drive_id],0x0 ;置驱动器号为0,即A驱
jmp short .clear_cf ;跳转至清CF位
nop
.not_floppya mov ah,0x8
mov dx,0x1 ;0头A驱
int 0x13 ;调用13H中断
push cs
pop es
cmp bl,0x4 ;测试BL是否为4H
mov byte [drive_id],0x1 ;置驱动器号为1,即B驱
jz .clear_cf ;跳转至清CF位
jmp short .set_cf ;跳转至置CF位
nop
.clear_cf clc ;清CF位
ret ;子程序返回
.set_cf mov dx,not_support
mov ah,0x9
int 0x21 ;显示信息not_support
stc ;置CF位
ret ;子程序返回
SECTION .data
insert_disk db 'Rising Anti-Virus Key-Disk Maker 3.0',0xd,0xa,0xd,0xa,
db 'Please insert target disk into drive.',0xd,0xa,
db 'Press any key to continue,ESC to quit.',0xd,0xa,'$'
label0 db '...','$'
done db 'Done!',0xd,0xa,
db 'All done very well,It is OK!',0xd,0xa,'$'
failed db 0xd,0xa,'Failed!Please insert another disk to try again',0xd,0xa,'$'
making_fingers db 0xd,0xa,'Making fingers ...','$'
not_ready db 0xd,0xa,'Disk is not ready!Please try again!',0xd,0xa,'$'
not_support db 0xd,0xa,'Disk is not support 1.44MB floppy!',0xd,0xa,'$'
thank_you db 0xd,0xa,'Thank You,Welcome to http://www.xh.js.cn!',0xd,0xa,'$'
format_data2 db 0x4f,0x0,0x1,0x2,0x4f,0x0,0x2,0x2,0x4f,0x1,0x3,0x2,
db 0x4f,0x0,0xa7,0x2,0x4f,0x1,0x1,0x2,0x4f,0x1,0xbc,0x2,
db 0x4f,0x0,0xe,0x2,0x4,0x1,0x8,0x2,0x4f,0x1,0x67,0x2
format_data1 db 0x4f,0x0,0x1,0x2,0x4f,0x0,0x2,0x2,0x4f,0x0,0x3,0x2,
db 0x4f,0x0,0xa7,0x2,0x4f,0x0,0xd1,0x2,0x4f,0x0,0xbc,0x2,
db 0x4f,0x0,0xe,0x2,0x4f,0x0,0x8,0x2,0x4f,0x4f,0x0,0x9,0x2
fan_num db 0x9
drive_id db 0x0⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -