看你这个怎么对付,检测FE页映射,直接call F000:EC59,替换中断8h,0eh,15h
; 16-bit DOS .COM-style program in MASM/TASM syntax: one use16 segment,
; CS and DS assumed equal, code origin 100h.
; .386p enables 386 instructions (32-bit EDX is compared further down).
.386p
cseg segment use16
assume cs:cseg,ds:cseg
org 100H
start:
jmp begin ; three-byte jump over the data area (per the original note)
;------- Data area --------------------
tmp_sta db 82h dup(?) ; 82h uninitialised bytes; not referenced in this part of the file
drive db ? ; DL value (BIOS drive number) for which the first key-disk read succeeded
cs_ip dd 0 ; far pointer; its segment word is adjusted in `begin`
ss_v dw 0 ; stack segment value; adjusted in `begin`
sp_v dw 0 ; not referenced in this part of the file
t_info db 'RisingSunH' ; 10-byte text tag; use not visible here
nec_va db 44h,20h,20h,4fh,01h,86h,06h ; 7 constant bytes; meaning not visible here
psp dw ? ; PSP segment saved at startup (from ES)
o_int08 dd ? ; original INT 08h vector, saved before hooking
o_int0e dd ? ; original INT 0Eh vector, saved before hooking
o_int15 dd ? ; original INT 15h vector, saved before hooking
; '$'-terminated message for INT 21h/AH=09h; the byte 7 is the BEL character.
info db 'Key disk simular program is in memory !',7,'$'
;------- Initial procedure ------------
; Saves the PSP segment, adds AX+10h to the segment word of cs_ip and to ss_v,
; then issues INT 7h as a debugger-presence check.
begin:
mov cs:psp,es ; save psp
; NOTE(review): AX is not loaded anywhere before this add, so the value added
; below depends on whatever AX holds at program entry. If the intent is
; "PSP segment + 10h", a `mov ax,es` appears to be missing - confirm.
add ax,10H
add word ptr cs:cs_ip[2],ax ; set cs:ip
add word ptr cs:ss_v,ax ; set ss
int 7h ; check SOFT-ICE
; A plain return from INT 7h lands on this 2-byte short jump and continues.
jmp short no_softice
; The NOPs and `jmp exit` are reached only if control comes back past the short
; jump above; presumably a resident debugger's INT 7h handling causes that -
; not verifiable from this file. `exit` is defined outside this part.
nop
nop
jmp exit
; Environment check: if the CPU reports protected mode and an INT 67h handler
; is installed, ask it for the physical address behind page 0FEh and compare
; that with 0FE000h. A different address leads to display_warn; every other
; outcome (real mode, no INT 67h handler, failed query, identical address)
; continues at mem_ok.
no_softice:
smsw dx ; test PE
test dx,1h ; bit 0 of the machine status word = PE (protection enable)
jne short prot ;protect mode ?
jmp no_prot
prot:
xor ax,ax
mov ds,ax ; DS = 0: interrupt vector table
mov si,67h*4h ; address of the INT 67h vector
lds di,dword ptr [si] ; DS:DI = INT 67h handler address
mov ax,ds
or ax,ax ; handler segment 0 is taken as "no handler installed"
jnz short emm
jmp no_emm
emm:
; INT 67h AX=DE06h is the VCPI "get physical address of page" call:
; CX = page number, result in EDX, AH = 0 on success.
mov ax,0de06h ; get FEh page ?
mov cx,0feh
int 67h
or ah,ah ; test FEh page success ?
je short test_ok
jmp test_failed
test_ok:
; Page 0FEh is linear address 0FE000h; an equal physical address means the
; page is identity-mapped.
cmp edx,0fe000h ; test unlock program ?
jz short no_unlock
jmp display_warn
; A failed query is handled exactly like the "not remapped" case.
test_failed:
no_unlock:
jmp mem_ok
; Prints the `info` message through DOS and leaves via `exit`
; (`exit` is defined outside this part of the file).
display_warn:
mov ax,cs ; display warn message
mov ds,ax ; DS = CS so DS:DX addresses `info`
lea dx,info
mov ah,9h ; INT 21h/AH=09h: print '$'-terminated string at DS:DX
int 21h
jmp exit
; Common continuation after the environment check.
; 1. Writes 4 into byte 3 of the table that the INT 1Eh vector points at
;    (in the standard diskette parameter table that byte is the
;    bytes-per-sector code).
; 2. Saves the INT 08h, 0Eh and 15h vectors in o_int08/o_int0e/o_int15 and
;    replaces them with n_int08/n_int0e/n_int15 in this segment (those
;    handlers are defined outside this part of the file).
; 3. Picks the disk-access path from the DOS version: `callr` when the
;    reported major version is <= 6, otherwise `intr`.
no_emm:
no_prot:
mem_ok:
xor ax,ax ; modify disk para
mov ds,ax ; DS = 0: interrupt vector table
mov si,1eh*4h ; INT 1Eh vector slot
lds di,dword ptr [si] ; DS:DI = table the vector points to
mov byte ptr [di+3],4h
mov ds,ax ; modify int 08h (AX is still 0, so DS = 0 again)
mov si,8h*4h
les di,dword ptr [si] ; ES:DI = current INT 08h handler
mov word ptr cs:[o_int08+2],es
mov word ptr cs:[o_int08],di
cli ; interrupts off while the two vector words are rewritten
mov word ptr [si],offset n_int08
mov word ptr [si+2],cs
sti
mov si,0eh*4h ; modify int 0eh
les di,dword ptr [si] ; ES:DI = current INT 0Eh handler
mov word ptr cs:[o_int0e+2],es
mov word ptr cs:[o_int0e],di
cli
mov word ptr [si],offset n_int0e
mov word ptr [si+2],cs
sti
mov si,15h*4h ; modify int 15h
les di,dword ptr [si] ; ES:DI = current INT 15h handler
mov word ptr cs:[o_int15+2],es
mov word ptr cs:[o_int15],di
cli
mov word ptr [si],offset n_int15
mov word ptr [si+2],cs
sti
mov ah,30h ; INT 21h/AH=30h: get DOS version, AL = major
int 21h
cmp al,6h
jna short callr ; major <= 6 (unsigned): use the direct ROM call path
mov ax,3306h ; INT 21h/AX=3306h: get true DOS version, BL = major
int 21h
cmp bl,6h
jna short callr
jmp intr ; both queries report a major version above 6: use INT 13h
; Key-disk check, direct-call variant. The disk service is entered with a
; far CALL to the fixed address F000:EC59 instead of through INT 13h; a PUSHF
; precedes each call so that the routine's IRET returns here.
;
; Phase 1: read one sector (AX=0201h) at CH=79, CL=25, DH=1 into 9000:0000,
;          trying DL=0 then DL=1, up to 3 attempts per drive.
; Phase 2: on the drive that answered, write 6 into byte 3 of the INT 1Eh
;          table and read CL=134 into 9000:0800, up to 3 attempts. A returned
;          status of AH=10h (the BIOS CRC/ECC read-error code) is the result
;          that counts as success.
; On exit SI is pushed: non-zero via read_ok, zero on either failure path.
; The code that consumes the pushed value is outside this part of the file.
;
; NOTE(review): segment 9000h is used as a buffer without any allocation
; visible here - confirm nothing else owns that memory.
callr:
mov ch,79d ; set read special disk
mov cl,25d
mov dh,01h
xor dl,dl ; start with drive number 0
mov ax,9000h
mov es,ax
xor bx,bx ; ES:BX = 9000:0000 read buffer
mov di,2h ; number of drives to try
callrl1:
mov si,3h ; set count
callrl2:
mov ax,0201h ; AH=02h read sectors, AL=1 sector
pushf ; call F000:EC59 iret return
db 9ah ; read info (9Ah = far CALL opcode)
dw 0ec59h,0f000h ; call target: offset, then segment
jnc short continue_callr
; NOTE(review): this reset goes through INT 13h, while the reset in phase 2
; uses the direct far call - confirm the difference is intended.
mov ax,0000h ; reset drive A:
int 13h
dec si
or si,si ; test count
jnz short callrl2
inc dl ; next drive number
dec di
or di,di
jnz short callrl1
push si ; SI = 0 here: no drive answered
jmp resint
continue_callr:
mov cs:[drive],dl ; remember the drive that answered
xor ax,ax ; modify disk para
mov ds,ax
mov si,1eh*4h
lds di,dword ptr [si] ; DS:DI = table the INT 1Eh vector points to
mov byte ptr [di+3],6h
mov si,3h ; set count
mov cl,134d ; CH, DH and DL are not reloaded for this read
mov bx,800h ; buffer offset 800h (ES is not reloaded)
callrl3:
mov ax,0201h
pushf ; call F000:EC59 iret return
db 9ah ; read info
dw 0ec59h,0f000h
cmp ah,10h ; status 10h is the expected outcome
je short read_ok
mov ax,0000h ; reset drive A:
pushf ; call F000:EC59 iret return
db 9ah ; reset diskdrive
dw 0ec59h,0f000h
dec si
or si,si ; test count
jnz short callrl3
push si ; SI = 0 here: expected status never seen
jmp resint
; Key-disk check, INT 13h variant. Same sequence as `callr`, but every disk
; request and reset is issued with INT 13h.
;
; Phase 1: read one sector (AX=0201h) at CH=79, CL=25, DH=1 into 9000:0000,
;          trying DL=0 then DL=1, up to 3 attempts per drive.
; Phase 2: write 6 into byte 3 of the INT 1Eh table and read CL=134 into
;          9000:0800, up to 3 attempts; AH=10h (the BIOS CRC/ECC read-error
;          code) is the result that counts as success.
; On exit SI is pushed: non-zero via read_ok, zero on either failure path.
intr:
mov dh,01h
xor dl,dl ; start with drive number 0
mov ch,79d ; set read special disk
mov cl,25d
mov ax,9000h
mov es,ax
xor bx,bx ; ES:BX = 9000:0000 read buffer
mov di,2h ; number of drives to try
intrl1:
mov si,3h ; set count
intrl2:
mov ax,0201h ; AH=02h read sectors, AL=1 sector
int 13h
jnc short continue_intr
mov ax,0000h ; reset drive A:
int 13h
dec si
or si,si ; test count
jnz short intrl2
inc dl ; next drive number
dec di
or di,di
jnz short intrl1
push si ; SI = 0 here: no drive answered
jmp resint
continue_intr:
mov cs:[drive],dl ; remember the drive that answered
xor ax,ax ; modify disk para
mov ds,ax
mov si,1eh*4h
lds di,dword ptr [si] ; DS:DI = table the INT 1Eh vector points to
mov byte ptr [di+3],6h
mov si,3h ; set count
mov cl,134d ; CH, DH and DL are not reloaded for this read
mov bx,800h ; buffer offset 800h (ES is not reloaded)
intrl3:
mov ax,0201h
int 13h
cmp ah,10h ; status 10h is the expected outcome
je short read_ok
mov ax,0000h ; reset drive A:
int 13h
dec si
or si,si ; test count
jnz short intrl3
push si ; SI = 0 here: expected status never seen
jmp resint
; read_ok: success exit of both disk paths; pushes the remaining retry count
; (non-zero here). The failure paths push SI = 0 and jump straight to resint.
; resint: writes the saved o_int08/o_int0e/o_int15 values back into the
; INT 08h, 0Eh and 15h vector slots, undoing the hooks installed earlier.
; What follows resint, including the use of the pushed value and whether
; byte 3 of the INT 1Eh table is put back, is outside this part of the file.
read_ok:
push si
resint:
xor ax,ax
mov ds,ax ; DS = 0: interrupt vector table
mov si,8h*4h
les di,dword ptr cs:[o_int08] ; ES:DI = saved INT 08h handler
cli ; interrupts off while the two vector words are rewritten
mov word ptr [si],di
mov word ptr [si+2],es
sti
mov si,0eh*4h
les di,dword ptr cs:[o_int0e] ; ES:DI = saved INT 0Eh handler
cli
mov word ptr [si],di
mov word ptr [si+2],es
sti
mov si,15h*4h
les di,dword ptr cs:[o_int15] ; ES:DI = saved INT 15h handler
cli
mov word ptr [si],di
mov word ptr [si+2],es
sti