Copy Link
Add to Bookmark
Report

Hexfiles Issue 3 File 014

eZine's profile picture
Published in 
hexfiles
 · 3 months ago

  
HEX-FILES No. 3 File 014
ÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ


HOW TO COMPILE LISTINGS IN HEX-FILES



***********************************************************************
* *
* HEX-FILES does not carry live virus. However, program listings and *
* scripts found in HEX-FILES create first generation viruses, *
* infected programs, virus droppers or other virus related programs *
* when compiled. This was intentionally done to prevent someone from *
* executing these programs without exactly knowing what the programs *
* really are. Believe me, there are people stupid enough to do this. *
* *
* If you create an executable program out of those listed in *
* HEX-FILES, it is taken to mean that you are fully aware of the *
* nature of these programs and the consequences of their use. You *
* also agree that HEX-FILES and/or anybody connected with HEX-FILES *
* in any way are not responsible for any damage that may result from *
* the use or misuse of these programs. *
* *
* You, the person who created the executable program and/or executed *
* the program shall bear full responsibility for your actions. *
* *
* Furthermore, you fully agree that these programs are only to be *
* used for research and/or educational purposes. Last but not least, *
* in no way shall these programs be used to inflict harm and/or *
* damage on another person and/or his property. *
* *
***********************************************************************


Programs in HEX-FILES are presented as assembly language source code
(*.asm) or debug scripts (*.scr). The suggested name for the assembly
source code or debug script is indicated before the listing. The
compiler used to exactly recreate the virus is indicated at the start
of the assembly listing. If another compiler is used, you might not
be able to recreate the exact virus and instead create a new variant
of the virus.


If the debug scripts contains an infected program, the virus that
infected the program is at least on the third generation. The first
generation being the compilation of the source code that appears with
it. If this is not the case, this would be stated somewhere in the
accompanying article and/or immediately before the debug script.


How to create an executable program

1. Open the selected file in a text editor. You can also use your
word processor but you will have to save it as a plain text or
ms-dos text file. Save a back-up copy of the file. Most files
contain both asm and scr listings, and others contain multiple
listings.

2. Cut everything from the start of the file up to the line which
says

ÄÄÄÄÄÄÄÄ xxxxxxxx.ASM starts here ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
or ÄÄÄÄÄÄÄÄ xxxxxxxx.SCR starts here ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ


3. Cut everything from the line which says

ÄÄÄÄÄÄÄÄ xxxxxxxx.ASM ends here ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ
or ÄÄÄÄÄÄÄÄ xxxxxxxx.SCR ends here ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ

up to the end of the file.

4. Save the file as xxxxxxxx.ASM or xxxxxxxx.SCR, as the case may
be. Remember to save the file as plain text or ms-dos text file.


5. Compile the listing

5.1. For debug scripts, the command line is

debug < xxxxxxxx.SCR

An executable file is created, usually a com. If the created
file is an exe, it will have an .ex_ extension. Rename to
xxxxxxxx.exe to make it executable.

5.2. For assembly source codes, the listing is written in a way
that it could be compiled by different compilers,
specifically A86 4.02, TASM 2.01 and MASM 5.0. Other
compilers could be used but might require code fixes.

5.2.1. Command line for A86 version 4.02

5.2.1.1. Create COM program with org 100 directive

a86 xxxxxxxx.ASM

5.2.1.2. Create COM program with org 0 directive

a86 xxxxxxxx.ASM xxxxxxxx.COM

5.2.1.3. Create EXE program

a86 xxxxxxxx.ASM xxxxxxxx.OBJ
linker xxxxxxxx.OBJ

You can use tasm's tlink, masm's link or a linker
of your choice. a86 does not have a separate linker
program.


5.2.2. Command line for TASM version 2.01

5.2.2.1. Create COM program with org 100 directive

tasm xxxxxxxx.ASM;
tlink /t xxxxxxxx.OBJ;

5.2.2.2. Create COM program with org 0 directive

tasm xxxxxxxx.ASM;
tlink xxxxxxxx.OBJ;
exe2bin xxxxxxxx.EXE xxxxxxxx.COM

You can use other binary converters instead of
exe2bin.

5.2.2.3. Create EXE program

tasm xxxxxxxx.ASM;
tlink xxxxxxxx.OBJ;


5.2.3. Command line for MASM version 5.0

5.2.3.1. Create COM program

masm xxxxxxxx.ASM;
link xxxxxxxx.OBJ;
exe2bin xxxxxxxx.EXE xxxxxxxx.COM

You can use other binary converters instead of
exe2bin.

5.2.3.2. Create EXE program

masm xxxxxxxx.ASM;
link xxxxxxxx.OBJ;


5.2.4. For other compilers, refer to the program documentation
or the compiler's help screen.



Availability of Compilers/Programs

1. DEBUG.EXE comes with Microsoft's operating system. If you are
using ms-dos/win9x you have debug unless you deleted it.

2. EXE2BIN.EXE comes with ms-dos but was dropped from ms-dos 6.
Programs similar to exe2bin are available from shareware sites.
However, if you still want exe2bin, I think you can download a
copy from microsoft.

3. A86 is a shareware program and is available from shareware sites
or you can get it directly from its distribution site at

http://eji.com/a86/index.htm

4. TASM and MASM are commercial programs. If you are interested, get
in touch with Borland and Microsoft, respectively.

However, if like me, you couldn't afford to buy these programs
(with my meager allowance and the dwindling value of the
Philippine peso, how could I), a copy is available from your
friendly warez and virus sites. I won't tell you where but...

Look and you shall find
Knock and it shall be opened unto you

5. For other compilers, you can find many shareware assembly
compilers in the Internet. Refer to FAQs assembly language
newsgroups, such as alt.lang.asm and comp.lang.asm.x86, on what
are these and where you can get them.






-=<HF3>=-

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT