|
| |
Website :
https://www.youtube.com/watch?v=fY0p5rTQSiA
Credits :
Download :
Look for downloads on external sites:
Pokefinder.org
Summary
Submitted by Scan on 8 January 2016
Bit Addict virus by Scan / House Designs
Effective virus size: 249 bytes
Virus size on disk: 1 block (256 bytes)
Virus type: Semi-stealth resident parasitic prepender
Compiler used: 64tass
This is the first thing I've programmed for the C64 since 25 years, probably better optimization is possible.
Also, this virus is a homage to a friend of mine, an amazing virus writer in the DOS era, who passed away in 2011.
Why a virus? Well, I've written a lot of viruses for DOS back in the 90s (as John Tardy and later as Rajaat) and
lately I got interested in coding for the C64 again, so naturally this was the first thing I could think of.
Description:
When an infected file is executed the virus receives control and copies the virus code to the memory in the disk
drive ($0404), so that the aligns with the layout of a sector (1st two bytes are a pointer to next sector, the
2nd two bytes are the loading offset for a program). Then it executes the main infection routine in the disk drive
memory while in the meantime the host is relocated to $0801 (thus programs with no basic stub will crash!) and
executed.
This part is executed from within the disk drive:
When receiving control it will read track 18 sector 1 to $0300 in the 1541 memory. It will then check for PRG
files (file type #$82) and if found it will check if the #$18th byte of the directory entry is set to #$ff (the
infection marker). If the value of the entry is not #$00 it assumes the file already to be infected (avoids geos
files).
If a candidate host is found it will allocate a free sector on the disk, it will change the starting track and
sector of the file in the directory entry to the newly allocated free sector, store the original starting track
and sector in the virus buffer (which is formatted to look like a sector, hence the shift to $0404 in offset)
and then write the virus to the allocated space. The file size in the directory will not be updated, making the
virus semi-stealth (although the head movement is very noticable).
After having tried finding a file to infect it goes into a loop, waiting for another disk to be inserted. If done,
the infection process will be repeated, but instead if a DOS command is executed, the virus gives up control and
passes the call to the 1541 kernal, which never returns from the loop, thus disabling the virus.
Drawbacks:
- .PRG files not loading to $801 will crash
- To deactivate the virus in drive memory, just issue a DOS command
- Will only work with (emulated) 1541 drives
- It will infect only 1 program at a time and only checks the first 8 files
- No error handling for drive actions (ie. write-protect)
Disinfection:
Use a disk editor, find the infected file (#$18th byte of an infected file in the directory is set to #$ff) and change
the starting head/sector to the 2nd (located in the first sector).
Optionally: Unallocate the virus sector in the BAM (not needed for disinfection)
Disclaimer: Use at your own risk. And don't be an asshole and spread it to people that have no idea what's happening. This
is a working Proof of Concept. I have no desire to receive a lot of complaints of people that got accidentally
infected. Read the description well.
Other members of House Designs have no hand in the creation of this product, they are not reliable for any
damages that this virus may (hopefully may not) cause.
References:
C64 ROM listing http://unusedino.de/ec64/technical/misc/c64/romlisting.html
C64 Zeropage documentation https://www.c64-wiki.com/index.php/Zeropage
All_About_Your_1541-Online Help http://unusedino.de/ec64/technical/aay/c1541/
D64 (Electronic form of a physical 1541 disk) http://unusedino.de/ec64/technical/formats/d64.html
A 256 Byte Autostart Fast Loader for the C64 http://www.pagetable.com/?p=568
Making a Virus Scanner http://codebase64.org/doku.php?id=base%3Aviruslist
... and I had to use some sites with basic info about c64 opcodes, because I forgot a lot ;) |
|
|
|
 | Search CSDb |
|
| Navigate | |
|
| Detailed Info | |
|
| Fun Stuff | |
· Goofs
· Hidden Parts
· Trivia
|
|
| Forum | |
|
| Support CSDb | |
|
 |  |
|
