Zest
November 16th, 2006, 01:42
Hi,
I asked for help in some Assembly Coding forums but they didn't help as they believed that my work was illegal.

I didn't know if someone tries to change his program his action is considered illegal.

I want to use interrupt 21h function al=1h and ah=4Bh
Here is the first and second program.
http://rapidshare.com/files/3490689/Load.rar
In fact, I want to change one byte of the second program. (For example, the string which is used in V.EXE to show the DOS version.) And at last I want to run the second program while it's changed already by the first program.
So what should I do after loading the second program by putting 1 in AL?
How can I access the elements of the second program?
(For example, the data segment and code segment.)
Also let me know how to run the second program after changing some of its parts.
Please explain it well or just show me a snippet of code.
So I can understand this concept in coding.
Code:
**********
TITLE A PROGRAM TO PATCH ANOTHER ONE
PAGE 60,133

stseg SEGMENT STACK
        BYTE 4*1024 DUP (?)
stseg ENDS

dtseg SEGMENT PUBLIC 'DATA'
PathName    BYTE "C:\v.exe",0
ParamBlock  LABEL WORD
            WORD 0
            DWORD CmdLine
            DWORD DfltFCB,DfltFCB
LoadSSSP    DWORD ?
LoadCSIP    DWORD ?
CmdLine     BYTE 5,'v.exe',0dh
Dummy       BYTE 20 DUP (?)
dtseg ENDS

cdseg SEGMENT PUBLIC 'CODE'
main PROC FAR
        ASSUME cs:cdseg,ds:dtseg,ss:stseg,es:dtseg
        mov ax,SEG dtseg
        mov ds,ax
        mov bx,100              ;Deallocating 100 paragraphs of unused memory
        mov ah,4ah
        int 21h
        mov ah,4Bh              ;Trying to load the second program
        mov al,1
        mov dx,SEG PathName
        mov ds,dx
        lea dx,PathName
        mov bx,SEG ParamBlock
        mov es,bx
        lea bx,ParamBlock
        int 21h
;Now the second program is loaded but not executed.
;It's time to change the data in the second one.
;But I don't know how to get access to the data and code sections
;of the second program.
;***********************
;I used these instructions and these ones didn't work at all.
;       mov es,WORD PTR cs:[LoadCSIP]   ;Trying to change the twentieth byte in
;       mov si,20h                      ;the second program
;       mov BYTE PTR es:[si],'$'
;       mov ss,WORD PTR cs:[LoadSSSP]   ;Trying to go to the second program and
;       mov sp,WORD PTR cs:[LoadSSSP]+2 ;executing it
;       jmp DWORD PTR cs:[LoadCSIP]
;*********************
        mov ah,4ch
        int 21h
main ENDP
cdseg ENDS
PUBLIC main
END main
******************
Unfortunately, it doesn't work.
I have some questions to be able to understand the concept.
When the second program is loaded, where is it located?
Is it right after the stack segment of the first program?
If it's so, I should be able to search in the memory for the bytes I want.
But I need an algo to search in memory.
SS of the parent program is the last segment which I should use, and add SP to it to get the last address in the memory.
After this address normally the first segment of the child program should be loaded.
How can I code an algo to search in this area?
Also what is the last address in the memory?
I mean how far shall I search in memory to find the desired bytes?
Is there any way to use the SCASB instruction to find the place in memory?
In fact, let me know what should be put in ES:DI and AL and CX to be able to use the SCAS instruction.
I want to change this part in this program:
Code:
        mov dl,'.'
        mov ah, 02h
        int 21h
to
        mov dl,'*'
        mov ah, 02h
        int 21h
So I should find the first part in RAM and then try to replace it with the second part.
The first problem is coding this algo.
The second problem is about the way I can use interrupt 21h function al=1h and ah=4Bh.
I hope someone can help.
Thanks in advance.
Best Regards,
Zest.
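
The search-and-replace step asked about above, as an added example that is not part of the original post: a MASM routine that uses REPNE SCASB to locate the bytes of `mov dl,'.'` / `mov ah,02h` / `int 21h` and change the operand to '*'. It assumes the caller sets ES to the segment to scan (for instance the segment word of LoadCSIP, which is stored after the offset word) and CX to the byte count; the names PatchDot, ScanNext and NotFound are hypothetical.

```asm
; Added example, not the poster's code. Names are hypothetical.
; Byte sequence being searched for:
;   B2 2E   mov dl,'.'
;   B4 02   mov ah,02h
;   CD 21   int 21h
;
; In:  ES = segment to scan (assumed: where the child's code was loaded)
;      CX = number of bytes to scan, starting at ES:0000 (at most 0FFFFh)
; Out: CF = 0 and ES:DI -> patched operand byte, or CF = 1 if not found
; Uses: AL, CX, DI

PatchDot PROC NEAR
        cld                             ; string instructions count upward
        xor   di,di                     ; ES:DI -> first byte to examine
        cmp   cx,6
        jb    NotFound                  ; range shorter than the sequence
        sub   cx,5                      ; keep the 5 bytes after a hit in range
ScanNext:
        jcxz  NotFound                  ; nothing left to scan
        mov   al,0B2h                   ; opcode byte of MOV DL,imm8
        repne scasb                     ; compare AL with ES:[DI], DI++, CX--
        jne   NotFound                  ; CX ran out without seeing 0B2h
        ; ZF=1 here: DI points one byte past the 0B2h that matched
        cmp   BYTE PTR es:[di],'.'      ; immediate operand of MOV DL
        jne   ScanNext
        cmp   WORD PTR es:[di+1],02B4h  ; bytes B4 02 = MOV AH,02h
        jne   ScanNext
        cmp   WORD PTR es:[di+3],21CDh  ; bytes CD 21 = INT 21h
        jne   ScanNext
        mov   BYTE PTR es:[di],'*'      ; patch only the operand byte
        clc                             ; report success
        ret
NotFound:
        stc                             ; report failure
        ret
PatchDot ENDP
```

SCASB matches a single byte, so the routine uses it only to find candidate positions and checks the remaining five bytes with ordinary compares before writing.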