bublgummer |
Парни! Нужна помощь! Нужно помочь очень хорошей девушке написать алгоритм к программе антивируса, написанной на ассемблере! Можно неточный, просто примерный. Блин, реально жизнь спасете!
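;****************************************************************
; ANTI775.ASM - program to find files infected by the "775" virus
;               and to restore these files in their original state
;****************************************************************
; Target : 16-bit real-mode DOS .COM program, MASM syntax, org 100h.
; Usage  : ANTI775      - report infected *.COM files (FMASK has no path)
;          ANTI775 q    - report and cure ('q' anywhere in the command tail)
; Exit   : al = 0 no infected files, 1 infected files found, 2 error.
;
; Algorithm
;   1. Parse the command tail at PSP:80h (before DOS reuses it as the DTA).
;   2. Resize the program's memory block to 1100h paragraphs and place a
;      64 KB file buffer (FSEG) in the paragraph after the LBL marker.
;   3. For every file matching FMASK: remember its attributes, clear them
;      so it can be opened read/write, read it whole into FSEG:0000.
;   4. Scan the buffer for byte 0FFh; at each hit compare SIGL bytes with SIG.
;   5. On a match print a warning; in cure mode copy the three saved bytes
;      found at SIGO+SIGO3 back to offsets 0..2, take the original length
;      from SIGO+SIGFL, rewrite the file and truncate it to that length.
;   6. Print a summary and terminate with the return code in al.
;
; Every byte read from a scanned file is untrusted input: offsets and the
; stored length are validated against FLEN before they are used, and the
; stack is kept outside the area the file buffer occupies.
;****************************************************************

CSEG    segment
        assume  cs:CSEG,ds:CSEG,es:CSEG
        org     100h

START:  cli
        mov     sp,offset STACK_TOP     ; Private stack below LBL: the file buffer
        sti                             ; starts after LBL and must not reach the stack
        mov     SIG[10],0FFh            ; Completes SIG string at run time
                                        ; (presumably so the full signature is not
                                        ; stored in ANTI775.COM itself - confirm)

READ_PARAM:
        cmp     byte ptr cs:[80h],0
        je      FIND_MODE               ; If no parameters, "find" mode
        mov     ax,ds
        mov     es,ax
        cld
        mov     al,'q'                  ; 'q' - "find & cure mode" (MODE=1)
        mov     ch,0
        mov     cl,cs:[80h]             ; Length of UPA (from PSP)
        mov     di,81h                  ; Offset of UPA (from PSP)
        repne   scasb
        je      CURE_MODE

FIND_MODE:
        mov     MODE,0
        jmp     ALLOC_MEM

CURE_MODE:
        mov     MODE,1

ALLOC_MEM:
        mov     ax,ds
        mov     es,ax
        mov     bx,1100h                ; Reallocate 68 K bytes (program + 64 K buffer)
        mov     ah,4Ah
        int     21h
        jnc     ALLOCATED

NOT_ALLOCATED:
        lea     dx,NO_MEM
        mov     ah,09h
        int     21h                     ; Print a message
        jmp     TO_DOS                  ; NOTE(review): al is not set on this path

NO_MEM  db      10,13,'Insufficient memory to run ANTI775',10,13,'$'

ALLOCATED:
        lea     ax,LBL
        mov     cl,4
        shr     ax,cl
        inc     ax                      ; First paragraph after LBL
        mov     bx,ds
        add     ax,bx
        mov     FSEG,ax                 ; Segment of the file buffer

FIND_FIRST:
        lea     dx,FMASK                ; Mask of file name
        mov     cx,00100111b            ; Bits: arc,dir,vol,sys,hid,r/o
        mov     ah,4Eh
        int     21h
        jnc     STORE_FNAME
        jmp     EXIT

FIND_NEXT:
        mov     bx,HANDLE
        mov     ah,3Eh
        int     21h                     ; Close previous file
        mov     HANDLE,0FFFFh           ; Note that file was closed
        mov     cl,ATTRIB
        and     cl,00100111b            ; Only bits the search mask can return
        mov     ch,0
        lea     dx,FNAME
        mov     ax,4301h
        int     21h                     ; Give the file its original attributes back
                                        ; (best effort; result is not checked)
        mov     ah,4Fh
        int     21h                     ; Find next file
        jnc     STORE_FNAME
        jmp     EXIT

STORE_FNAME:
        mov     al,byte ptr cs:[95h]    ; Attribute byte of the entry in the DTA
        mov     ATTRIB,al               ; Kept so FIND_NEXT can restore it
        mov     cx,12                   ; Width of file name field
        mov     bx,0
REP32:  mov     FNAME[bx],32
        inc     bx
        loop    REP32                   ; Blank the field so no characters of a
                                        ; longer previous name are printed
        mov     bx,0
NEXT_SYM:
        mov     al,byte ptr cs:[bx+9Eh] ; File name (ASCIIZ) in the DTA
        mov     FNAME[bx],al
        cmp     al,0
        je      SET_ATTRIB
        inc     bx
        cmp     bx,12                   ; FNAME holds 12 characters + terminator
        jbe     NEXT_SYM
        jmp     ERR

SET_ATTRIB:
        lea     dx,FNAME
        mov     cx,00100000b            ; Bits: arc,dir,vol,sys,hid,r/o
        mov     ax,4301h
        int     21h                     ; Clear r/o, hidden, system so the file opens r/w
        jnc     READ_HANDLE
        jmp     ERR

READ_HANDLE:
        lea     dx,FNAME
        mov     ax,3D02h                ; Read/write mode
        int     21h                     ; Open a file (handle is in ax)
        jnc     READ_FLEN
        jmp     ERR

READ_FLEN:
        mov     HANDLE,ax               ; Store handle number
        mov     cx,0
        mov     dx,0                    ; NULL seek position in cx:dx
        mov     bx,HANDLE
        mov     ax,4202h                ; Get program length in dx:ax
        int     21h
        mov     FLEN,ax
        cmp     dx,0
        je      SET_FSTART
        mov     FLEN,0FFFEh             ; Longer than 64 K: only 0FFFEh bytes are read

SET_FSTART:
        mov     bx,HANDLE
        mov     cx,0
        mov     dx,0
        mov     ax,4200h
        int     21h                     ; Set seek pointer to start of file

READ_FILE:
        mov     bx,HANDLE
        mov     cx,FLEN
        mov     dx,0
        cmp     FLEN,8001h              ; If length of file < 32769,
        jb      READ_REST               ; Read file in one step
        mov     cx,8000h
        push    ds
        mov     dx,0
        mov     ax,FSEG
        mov     ds,ax
        mov     ah,3Fh
        int     21h                     ; Read 32768 bytes from file to buffer
        pop     ds                      ; pop leaves CF from the read intact
        jc      READ_FAIL
        mov     cx,FLEN
        mov     dx,8000h
        sub     cx,8000h                ; Prepare to read the rest of the file

READ_REST:
        mov     bx,HANDLE               ; bx = HANDLE
        push    ds
        mov     ax,FSEG
        mov     ds,ax                   ; ds:dx - buffer address
        mov     ah,3Fh
        int     21h                     ; Read and store entire file
        pop     ds
        jnc     CHECK_SIG               ; DOS reports failure in CF, not ZF
READ_FAIL:
        jmp     ERR

CHECK_SIG:
        mov     ax,FSEG
        mov     es,ax
        mov     di,0                    ; es:di - address of COM file
        cld
        mov     cx,FLEN
        cmp     cx,SIGL
        jbe     NO_FF                   ; Too short to hold the signature; also keeps
                                        ; the count below from wrapping or being zero
        sub     cx,SIGL                 ; Number of start positions to test
        mov     al,0FFh                 ; al = FF (hexadecimal)
NEXT_FF:
        repne   scasb
        je      FOUND_FF
NO_FF:  jmp     FIND_NEXT

FOUND_FF:
        push    cx                      ; Store counter for next 0FFh search
        push    di                      ; Store di for next 0FFh search
        dec     di                      ; es:di - address of 0FFh found
        mov     SIGO,di                 ; Store offset of 0FFh found
        lea     si,SIG                  ; ds:si - address of SIG string
        mov     cx,SIGL                 ; cx - Length of SIG string
        repe    cmpsb                   ; Compare SIG with string in file
        je      FOUND_SIG
        pop     di                      ; Restore di for next 0FFh search
        pop     cx                      ; Restore counter for next 0FFh search
        jmp     NEXT_FF

FOUND_SIG:
        add     sp,4                    ; Drop the saved di/cx; the scan of this file ends
        inc     FILES                   ; Count infected files
        lea     dx,WARNING
        mov     ah,09h
        int     21h                     ; Print warning message
        cmp     MODE,1                  ; Was there 'q' in command line?
        je      CURE
        jmp     FIND_NEXT               ; Do not cure!

WARNING db      10,13,'File '
FNAME   db      12 dup (32),0           ; File name ASCIIZ string
        db      ' is infected by the 775 virus',10,13,'$'

BAD_DATA:
        jmp     NOT_CURABLE             ; Short-jump relay for the checks below

CURE:   mov     bx,SIGO                 ; SIGO - offset of virus signature
        add     bx,SIGO3                ; SIGO3 - 3 bytes relative to SIG
        jc      BAD_DATA
        mov     ax,bx
        add     ax,2
        jc      BAD_DATA
        cmp     ax,FLEN
        jae     BAD_DATA                ; The three saved bytes must lie inside the file
        mov     si,SIGO
        add     si,SIGFL                ; SIGFL - old length relative to SIG
        jc      BAD_DATA
        mov     ax,si
        add     ax,1
        jc      BAD_DATA
        cmp     ax,FLEN
        jae     BAD_DATA                ; The length word must lie inside the file
        mov     ax,word ptr es:[si]     ; Old length of file to be cured
        cmp     ax,3
        jb      BAD_DATA                ; Three bytes are restored, so at least 3
        cmp     ax,FLEN
        ja      BAD_DATA                ; Only FLEN bytes of the buffer come from the file
        mov     FLENOLD,ax
        mov     al,byte ptr es:[bx]     ; es:bx - address of original 3 bytes
        mov     byte ptr es:[0],al
        mov     al,byte ptr es:[bx+1]
        mov     byte ptr es:[1],al
        mov     al,byte ptr es:[bx+2]
        mov     byte ptr es:[2],al      ; Three bytes were restored

SAVE_FILE:
        mov     cx,0
        mov     dx,0                    ; cx:dx - position of seek pointer (0)
        mov     bx,HANDLE
        mov     ax,4200h
        int     21h                     ; Set seek pointer to start of file
        mov     cx,FLENOLD
        mov     bx,HANDLE
        push    ds
        mov     ax,FSEG
        mov     ds,ax
        mov     dx,0                    ; ds:dx - address of file in memory
        mov     ah,40h
        int     21h                     ; Write cured file to disk
        jc      WRITE_FAIL
        cmp     ax,cx
        jne     WRITE_FAIL              ; Short write: do not truncate

CUT_FILE:
        mov     cx,0
        mov     ah,40h
        int     21h                     ; Zero-byte write cuts the file at the pointer
        jc      WRITE_FAIL
        pop     ds
        lea     dx,CURED
        mov     ah,09h
        int     21h                     ; Print "Cured" message
        jmp     FIND_NEXT

WRITE_FAIL:
        pop     ds
        jmp     ERR

CURED   db      'File was successfuly cured...',10,13,'$'

NOT_CURABLE:                            ; Signature matched but the stored data is
        lea     dx,NOTCURED             ; inconsistent: leave the file untouched.
        mov     ah,09h                  ; NOTE(review): the file is still counted in
        int     21h                     ; FILES and in the final summary.
        jmp     FIND_NEXT

NOTCURED db     'File was not cured: stored data is inconsistent',10,13,'$'

ERR:    lea     dx,NOMORE               ; NOTE(review): attributes cleared by
        mov     ah,09h                  ; SET_ATTRIB are not restored on this exit
        int     21h
        mov     al,2                    ; Return code 2 (Error, no files found)
        jmp     TO_DOS

NOMORE  db      10,13,'Can not find infected .COM files...',10,13,'$'

EXIT:   cmp     FILES,0
        je      NOFILES

FNUM_OUT:
        mov     al,FILES
        add     al,30h
        mov     ah,0Eh
        int     10h                     ; Print number of files (one digit, 0-9 only)
        lea     dx,MSGC
        cmp     MODE,1                  ; If MODE=1, mode is "cure"
        je      MSGCF
        lea     dx,MSGF
MSGCF:  mov     ah,09h
        int     21h                     ; Print 'File(s) cured' message
        mov     al,1                    ; Return code 1 (found infected files)
        jmp     TO_DOS

MSGC    db      ' File(s) cured',10,13,'$'
MSGF    db      ' File(s) infected',10,13,'$'   ; '$' ends the string for function 09h

NOFILES:
        lea     dx,GOODBY
        mov     ah,09h
        int     21h
        mov     al,0                    ; Return code 0 (No files infected)
        jmp     TO_DOS

GOODBY  db      10,13,'No infected files found...',10,13,'$'

TO_DOS: cmp     HANDLE,0FFFFh
        je      TERMINATE

CLOSE_FILE:
        push    ax                      ; Keep the return code: close may change ax
        mov     bx,HANDLE
        mov     ah,3Eh
        int     21h
        pop     ax

TERMINATE:                              ; Free allocated memory
        mov     ah,4Ch
        int     21h                     ; Terminate program (al - return code)

MODE    db      0                       ; 0 - find, 1 - find & cure
FILES   db      0                       ; Number of infected files
SIG     db      0FFh,080h,03Eh,0DEh,002h,024h,075h,003h,0E9h,021h
        db      0                       ; Virus signature (last byte, set at START)
SIGL    equ     $-SIG                   ; Length of SIG string
SIGO    dw      (?)                     ; Offset of SIG in file
SIGO3   dw      0BAh                    ; Offset of old 3 bytes relative to SIG
SIGFL   dw      0B1h                    ; Offset of old file length relative to SIG
FMASK   db      '*.COM',0h              ; File name mask
FLEN    dw      (?)                     ; Current length of tested file
FLENOLD dw      (?)                     ; Old length of file to be cured
HANDLE  dw      0FFFFh                  ; File handle number (0FFFFh = none open)
ATTRIB  db      (?)                     ; Original attributes of the current file
FSEG    dw      (?)                     ; Segment to store file
        even
        dw      256 dup (?)             ; Private stack (512 bytes)
STACK_TOP label word
LBL     db      '$'                     ; End-of-program marker; buffer starts after it
CSEG    ends
        end     START
Вопрос жизни и смерти!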