📄 硬盘保护锁.txt
字号:
北亚科技&信息科技大学数据恢复服务中心 >>硬盘保护锁
| 网站首页 | 数据恢复资料 | 数据恢复软件 | 咨询留言 | 数据恢复论坛 |
您现在的位置: 北亚数据恢复技术站 >> 数据恢复资料 >> 相关编程资料 >> 文章正文
硬盘保护锁 热 ★★★【字体:小 大】
硬盘保护锁
作者:风般的男… 文章来源:本站成员原创 点击数:1196 更新时间:2004-4-20
[原创]硬盘保护锁
我在前一段时间写了一个硬盘锁,拿出来和大家交流交流,同时有个问题,希望大
家能帮我想想。
首先,大略介绍一下我的程序,我是用汇编写成,程序有2个文件:hdlock.exe
hdlock.dat ,其中hdlock.dat是我写的用于装入硬盘0柱0道1扇的硬盘锁,hdlock.exe实现
(1)把hdlock.dat装入硬盘0柱0道1扇并设置硬盘锁的密码,(2)修改密码,(3)卸载
硬盘锁
在此,先介绍一下 hdlock.dat,因为硬盘锁本身受空间限制,必须严格控制在1bdH
字节内,(知道为什么吗?)所以是不能用masm先写原程序,再编译,我基本上是用debug
的A命令一次性写出来的,我把这些反汇编了出来,加上一些注释,给大家看看,互相学习
吗。
;这一段是将整个硬盘锁从0000:7c00移至0000:0600,以免被后来读入的代码覆盖
0F6D:0100 1E PUSHDS
0F6D:0101 06 PUSHES
0F6D:0102 B90001 MOVCX,0100
0F6D:0105 BF0006 MOVDI,0600
0F6D:0108 B80000 MOVAX,0000
0F6D:010B 8ED8 MOVDS,AX
0F6D:010D 8EC0 MOVES,AX
0F6D:010F BE007C MOVSI,7C00
0F6D:0112 F2 REPNZ
0F6D:0113 A5 MOVSW
0F6D:0114 EA1A060000 JMP0000:061A ;长跳转至移动后的代码,也就是从011a处开始执行
0F6D:0119 90 NOP
0F6D:011A EB09 JMP0125 ;这一段是对屏幕进行初始化,显示字符串"PASSWORD"
0F6D:0125 B80006 MOVAX,0600
0F6D:0128 B7F0 MOVBH,F0
0F6D:012A B90000 MOVCX,0000
0F6D:012D BA4F18 MOVDX,184F
0F6D:0130 CD10 INT10 ;初始化屏幕(前景为黑色,背景为灰白,字符闪烁)
0F6D:0132 B21A MOVDL,1A
0F6D:0134 BE1C06 MOVSI,061C ;从061cH处显示字符(因为程序将被读入了0000:0600处,
;实际显示的也就是现在的11cH处开始的字符串)
0F6D:0137 B402 MOVAH,02
0F6D:0139 B610 MOVDH,10
0F6D:013B B700 MOVBH,00
0F6D:013D CD10 INT10 ;设光标位置(10H行1aH列)
0F6D:013F 8A04 MOVAL,[SI]
0F6D:0141 3C00 CMPAL,00
0F6D:0143 741B JZ0160 ;是否已显示完字符串,是则跳至从键盘读取密码处
0F6D:0145 B409 MOVAH,09
0F6D:0147 B90100 MOVCX,0001
0F6D:014A B700 MOVBH,00
0F6D:014C B370 MOVBL,70
0F6D:014E CD10 INT10 ;显示一个字符
0F6D:0150 FEC2 INCDL ;光标后移一位
0F6D:0152 46 INCSI ;字符指针后移一位
0F6D:0153 EBE2 JMP0137 ;继续显示下一字符 0f6d:011c db 'PASSWARD'00 ;用于显示的字符串
; 从键盘读取密码
0F6D:0160 B90400 MOVCX,0004
0F6D:0163 B80000 MOVAX,0000
0F6D:0166 8EC0 MOVES,AX
0F6D:0168 BF0108 MOVDI,0801
0F6D:016B F3 REPZ
0F6D:016C AB STOSW ;在0000:0801开始处开一片长度为8个字节的缓冲区
;(用00H来标记),用于存放从键盘读入的密码,(密码
;最多为8个字符,最少为0个字符)
0F6D:016D B90900 MOVCX,0009 ;最多读9次键盘(当然第9次是重头读过)
0F6D:0170 BF0108 MOVDI,0801 ;从801H处开始写密码
0F6D:0173 B223 MOVDL,23 0F6D:0175 B400 MOVAH,00
0F6D:0177 CD16 INT16 ;读键盘
0F6D:0179 3C0D CMPAL,0D
0F6D:017B 7479 JZ01F6 ;是回车则跳至密码比较处
0F6D:017D B402 MOVAH,02
0F6D:017F 90 NOP
0F6D:0180 90 NOP
0F6D:0181 B610 MOVDH,10
0F6D:0183 B700 MOVBH,00
0F6D:0185 CD10 INT10 ;设置光标位置(当然是"PASSWARD"字符串后面了)
0F6D:0187 3C08 CMPAL,08
0F6D:0189 7437 JZ01C2 ;是退格键则跳至退格处理
0F6D:018B 50 PUSHAX
0F6D:018C B40E MOVAH,0E
0F6D:018E B02A MOVAL,2A
0F6D:0190 B307 MOVBL,07
0F6D:0192 CD10 INT10 ;显示一个"*"(没有回显的密码输入是不是很恐怖)
0F6D:0194 58 POPAX
0F6D:0195 0423 ADDAL,23 ;密码字符加23H(受空间限制,加上该程序在系统启
;动前执行,在此,我只是简单的将密字加上23H,
;如果谁有好而小巧的算法,别忘了告诉我)
0F6D:0197 8805 MOV[DI],AL
0F6D:0199 47 INCDI
0F6D:019A 49 DECCX
0F6D:019B 83F900 CMPCX,+00
0F6D:019E 740A JZ01AA ;是否读了第9次键盘,是跳转至输入溢出处
0F60:01A0 FEC2 INC DL
0F60:01A2 EBD1 JMP 0175 ;本段用于处理键盘输入超过8次
0F6D:01AA B610 MOVDH,10
0F6D:01AC B402 MOVAH,02
0F6D:01AE B223 MOVDL,23
0F6D:01B0 B700 MOVBH,00
0F6D:01B2 CD10 INT10
0F6D:01B4 B409 MOVAH,09
0F6D:01B6 B000 MOVAL,00
0F6D:01B8 B307 MOVBL,07
0F6D:01BA B90900 MOVCX,0009
0F6D:01BD CD10 INT10
0F6D:01BF EB9F JMP0160 ;重新读取密码 ;本段用于退格处理
0F6D:01C2 51 PUSHCX
0F6D:01C3 B403 MOVAH,03
0F6D:01C5 B700 MOVBH,00
0F6D:01C7 CD10 INT10 ;读光标位置
0F6D:01C9 80FA23 CMPDL,23
0F6D:01CC 74A7 JZ0175 ;光标是否已到头,是则去读下一密字
0F6D:01CE 81FF0008 CMPDI,0800
0F6D:01D2 74A1 JZ0175 ;密码缓冲是否已到头,是则去读下一密字 0F6D:01D4 B402 MOVAH,02
0F6D:01D6 FECA DECDL
0F6D:01D8 CD10 INT10
0F6D:01DA B40E MOVAH,0E
0F6D:01DC B000 MOVAL,00
0F6D:01DE B307 MOVBL,07
0F6D:01E0 CD10 INT10 ;光标前移一位,并删除一个"*"
0F6D:01E2 B80000 MOVAX,0000
0F6D:01E5 8905 MOV[DI],AX ;密码缓冲当前指针处清零
0F6D:01E7 4F DECDI ;密码缓冲指针减一
0F6D:01E8 8905 MOV[DI],AX ;密码缓冲当前指针处清零
0F6D:01EA 59 POPCX
INC CX ;///CX 应该加1
0F6D:01EB EB88 JMP0175 ;重新读键盘 ;本段用于比较密字
0F6D:01F6 B80000 MOVAX,0000
0F6D:01F9 8EC0 MOVES,AX
0F6D:01FB 8ED8 MOVDS,AX
0F6D:01FD BEB007 MOVSI,07B0
0F6D:0200 BF0108 MOVDI,0801
0F6D:0203 B90400 MOVCX,0004
0F6D:0206 F3 REPZ
0F6D:0207 A7 CMPSW
0F6D:0208 7404 JZ020E ;字符串相同则跳转至正确引导系统代码
0F6D:020A EB3C JMP0248 ;字符串不相同则跳转至加密硬盘代码 ;正确引导系统代码
0F6D:020E B80000 MOVAX,0000
0F6D:0211 8EC0 MOVES,AX
0F6D:0213 B80102 MOVAX,0201
0F6D:0216 B90200 MOVCX,0002
0F6D:0219 BA8000 MOVDX,0080
0F6D:021C BB00F0 MOVBX,F000
0F6D:021F CD13 INT13
0F6D:0221 B80103 MOVAX,0301
0F6D:0224 B90100 MOVCX,0001
0F6D:0227 BA8000 MOVDX,0080
0F6D:022A CD13 INT13 ;0柱0道2扇是HDBOOT.EXE写入的由硬盘锁代码
;(也就是大家现在看到的代码)+正确的硬盘分
;区表组成,将其写入0柱0道1扇后操作系统就可
;正常读取硬盘了
0F6D:022C B80000 MOVAX,0000
0F6D:022F 8EC0 MOVES,AX
0F6D:0231 B80102 MOVAX,0201
0F6D:0234 B90300 MOVCX,0003
0F6D:0237 BA8000 MOVDX,0080
0F6D:023A BB007C MOVBX,7C00
0F6D:023D CD13 INT13 ;0柱0道3扇是HDBOOT.EXE写入的原MBR区的备份,将
;其读入0000:7c00处
0F6D:023F EA007C0000 JMP0000:7C00 ;长跳转至原MBR代码处执行(以后怎么样引导就不
;是我们现在讨论的了),从而正确引导系统 ;加密硬盘代码
0F6D:0248 B80000 MOVAX,0000
0F6D:024B 8EC0 MOVES,AX
0F6D:024D B80102 MOVAX,0201
0F6D:0250 B90400 MOVCX,0004
0F6D:0253 BA8000 MOVDX,0080
0F6D:0256 BB00F0 MOVBX,F000
0F6D:0259 CD13 INT13
0F6D:025B B80103 MOVAX,0301
0F6D:025E B90100 MOVCX,0001
0F6D:0261 BA8000 MOVDX,0080
0F6D:0264 CD13 INT13 ;0柱0道4扇是HDBOOT.EXE写入的由硬盘锁代码(也就是
;大家现在看到的代码)加上江明原理的逻辑锁,将其写入
;0柱0道1扇后操作系统就被完全锁死了(不能从其它盘引导)
0F6D:0266 CD19 INT19 ;不用多说吧,相当于热启动
大家看后一定看出了一些问题,为了能够让这个硬盘锁可以跨平台,我设置为输入正确密码后就将
正确的分区表读入0柱0道1扇,输入不正确密码后就将江明锁读入0柱0道1扇,明白人一下就看出了,如
果电脑主人上次用正确密码进入了电脑,而电脑非法使用者一次都不试密码,就直接用软盘或光盘或
USB盘引导,那么就可以非法访问硬盘了,说实话,这个问题困扰了我许久,一直不得其解,不这样做,
就得在输入正确密码后就将正确的分区表读入0柱0道1扇,然后在操作系统启动后再做手脚把0柱0道1扇的
分区表加密,这样做有两个问题,(1)操作系统启动做的手脚一定是放在操作系统的自启动中(如DOS的
AUTOEXEC.BAT、WIN98的"启动"等),这样做显然不安全,(2)同时这样做显然不能做到"跨平台",所以我只
能在程序说明中告诉使用者,如果离开电脑,就故意输入一错误密码,那么江明锁就将硬盘锁死了,这样电脑
非法使用者用软盘或光盘或USB盘都不能引导了,(大家知道所谓江明锁,就是让扩展分区指向自己,从而使
启动程序陷入死循环,这个该死的东西也不知害死了多少硬盘,也该让他做做好事了),要是谁有更好的方法
解决这一问题,一定要告诉我.
再来介绍一下HDLCOK.EXE文件,以下是完整的程序源代码: ;硬盘锁安装程序
DATA SEGMENT
D1 DB 0CDH,0BFH,0D1H,0E5H,0EAH,0CDH
D2 DB 'You had not install the HDLOCK,do you
install?(y/n)',0dh,0ah,'$'
D3 DB 'HDLOCK.DAT',00H
D4 DB 'Can not find file (HDLOCK.DAT)',0dh,0ah,'$'
D5 DB 'PASSWORD',00H
D6 DB
1EH,06H,0B9H,00H,01H,0BFH,00H,06H,0B8H,00H,00H,8EH,0D8H,8EH,0C0H,0BEH;逻辑锁
DB
00H,7CH,0F2H,0A5H,0EAH,1AH,06H,00H,00H,90H,0EBH,09H,50H,41H,53H,53H
DB
57H,4FH,52H,44H,00H,0B8H,00H,06H,0B7H,0F0H,0B9H,00H,00H,0BAH,4FH,18H
DB
0CDH,10H,0B2H,01AH,0BEH,1CH,06H,0B4H,02H,0B6H,10H,0B7H,00H,0CDH,10H,8AH
DB
04H,3CH,00H,74H,1BH,0B4H,09H,0B9H,01H,00H,0B7H,00H,0B3H,70H,0CDH,10H
DB
0FEH,0C2H,46H,0EBH,0E2H,0CDH,20H,4FH,3DH,33H,0CDH,20H,33H,33H,33H,33H
DB
0B9H,04H,00H,0B8H,00H,00H,8EH,0C0H,0BFH,01H,08H,0F3H,0ABH,0B9H,09H,00H
DB
0BFH,01H,08H,0B2H,23H,0B4H,00H,0CDH,16H,3CH,0DH,74H,79H,0B4H,02H,90H
DB
90H,0B6H,10H,0B7H,00H,0CDH,10H,3CH,08H,74H,37H,50H,0B4H,0EH,0B0H,2AH
DB
0B3H,07H,0CDH,10H,58H,04H,23H,88H,05H,47H,49H,83H,0F9H,00H,74H,0AH
DB
0FEH,0C2H,0EBH,0D1H,24H,67H,00H,77H,69H,6EH,0B6H,10H,0B4H,02H,0B2H,23H
DB
0B7H,00H,0CDH,10H,0B4H,09H,0B0H,00H,0B3H,07H,0B9H,09H,00H,0CDH,10H,0EBH
DB
9FH,51H,51H,0B4H,03H,0B7H,00H,0CDH,10H,80H,0FAH,23H,74H,0A7H,81H,0FFH
DB
00H,08H,74H,0A1H,0B4H,02H,0FEH,0CAH,0CDH,10H,0B4H,0EH,0B0H,00H,0B3H,07H
DB
0CDH,10H,0B8H,00H,00H,89H,05H,4FH,89H,05H,59H,0EBH,88H,07H,43H,04H
DB
0E8H,86H,0CDH,20H,44H,44H,0B8H,00H,00H,8EH,0C0H,8EH,0D8H,0BEH,0B0H,07H
DB
0BFH,01H,08H,0B9H,04H,00H,0F3H,0A7H,74H,04H,0EBH,3CH,55H,55H,0B8H,00H
DB
00H,8EH,0C0H,0B8H,01H,02H,0B9H,02H,00H,0BAH,80H,00H,0BBH,00H,0F0H,0CDH
DB
13H,0B8H,01H,03H,0B9H,01H,00H,0BAH,80H,00H,0CDH,13H,0B8H,00H,00H,8EH
DB
0C0H,0B8H,01H,02H,0B9H,03H,00H,0BAH,80H,00H,0BBH,00H,7CH,0CDH,13H,0EAH
DB
00H,7CH,00H,00H,00H,00H,00H,00H,0B8H,00H,00H,8EH,0C0H,0B8H,01H,02H
DB
0B9H,04H,00H,0BAH,80H,00H,0BBH,00H,0F0H,0CDH,13H,0B8H,01H,03H,0B9H,01H
DB
00H,0BAH,80H,00H,0CDH,13H,0CDH,19H,00H,00H,00H,00H,00H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H
DB 64H,64H,64H,64H,64H,64H,64H,64H,00H,00H,00H,00H,00H,00H,00H,00H
DB 01H,00H,05H,0FEH,7FH,05H,3FH,00H,00H,00H,47H,39H,40H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H
DB 00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,00H,55H,0AAH
D7 DB 'You have been installed HDLOCK,do you remove?(y/n)',0dh,'$'
D8 DB 'PASSWORD ERROR$'
D9 DB 0dh,0ah
DB 0dh,0ah
DB ' # # # # # # # # # # # # #',0dh,0ah
DB ' # # # # # # # # # # # # #',0dh,0ah
DB ' # # # # # # # # # # # # #',0dh,0ah
DB ' # # # # # # # # # # # # #',0dh,0ah
DB ' # # # # # # # # # # # # # #',0dh,0ah
DB 0dh,0ah
DB ' ----------# HARD DISK LOCK #------------',0dh,0ah
DB ' BY:THE MAN LIKE WIND',0dh,0ah
DB ' E-mail:tyhhyf@hotmail.com',0dh,0ah
DB ' OICQ:86633320',0dh,0ah
D10 DB 'Enter anykey to enter the PASSWORD.$'
D11 DB 'Enter anykey to enter the PASSWORD again.$'
D12 DB 'Error:Two PASSWORD is not alike!$'
D13 DB 'The HDLOCK had been installed,please remember you
PASSWORD!!!$'
D14 DB 'The HDLOCK had been removed.$'
DATA ENDS
CODE SEGMENT
ASSUME CS:CODE,DS:DATA,ES:DATA
START:
MOV AX,DATA
MOV DS,AX
MOV ES,AX
MOV DX,OFFSET D9
MOV AH,09H
INT 21H
MOV AH,00H
INT 16H
;判断是否安装过硬盘锁程序
NEXT:
MOV AX,0201H;读一扇区
MOV CX,0001H
MOV DX,0080H
MOV BX,0F000H
INT 13H
MOV AX,0201H
MOV CX,0001H
MOV DX,0080H
MOV BX,0E000H
INT 13H
MOV SI,0F1A0H
MOV DI,OFFSET D1
MOV CX,0003H
REPE CMPSW
JNZ INSTALL
JMP DEL
INSTALL:
MOV DX,OFFSET D2
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -