;---------------------------------------------------------------------------
;KBM KeyBoard Mouse by Dan Rollins 5-20-85
;
; This program intercepts keyboard data and creates a bit pattern determined
; according to whether or not certain keys are currently being pressed.
;
; The bit pattern is stored in the "inter-application communication area"
; at 0000:04f0. It is interpreted as:
;
;   7 6 5 4 3 2 1 0 (bit number)
;   C m P H l d r u (bit name)
;   | | | | | | | |
;   | | | | | | | +- bit 0 (01h) - set = 1 while [up arrow] is pressed
;   | | | | | | +--- bit 1 (02h) - set = 1 while [right arrow] is pressed
;   | | | | | +----- bit 2 (04h) - set = 1 while [down arrow] or [5] is pressed
;   | | | | +------- bit 3 (08h) - set = 1 while [left arrow] is pressed
;   | | | |
;   | | | +--------- bit 4 (10h) - set = 1 while [Home] is pressed
;   | | +----------- bit 5 (20h) - set = 1 while [PgUp] is pressed
;   | +------------- bit 6 (40h) - set = 1 while grey [-] is pressed
;   +--------------- bit 7 (80h) - set = 1 while [CapsLock] is pressed
;
; As soon as the key is released, the relevant bit is reset to 0.
;
; The byte at 0000:04f1 is the "pass-through/filter" mode flag. When this
; byte is zero, all keystrokes are passed to the normal keyboard handler.
; When it's non-zero, the selected keystrokes are filtered (disabled for
; normal input). BIOS and DOS keyboard calls will not recognize them.
;
; The Alt-NumLock keystroke toggles between pass-through and filter modes.
;
; This program is installed and remains resident. It is a COM-format
; file, so it must be converted with EXE2BIN.
;
; Copyright (c) Ziff-Davis Publishing Co., 1986. All rights reserved.
;
;= equates ===============
;
; Hardware ports, BIOS data-area offsets and KBM's own low-memory offsets.
; All memory offsets below are relative to segment 0000.

;------- keyboard hardware (listed in the PC and XT Technical Reference Manuals)
KB_DATA_PORT    equ     60h             ; port the scan code is read from
KB_CTRL_PORT    equ     61h             ; keyboard control lines port

;------- BIOS keyboard state
KB_FLAG         equ     417h            ; BIOS shift-key status byte (segment 0)
ALT_STATE       equ     08h             ; KB_FLAG bit that is set while [Alt] is down
NUMLOCK_KEY     equ     45h             ; scan code (69 decimal) of the [NumLock] key

;------- 8259 interrupt controller
INT_CTL_PORT    equ     20h             ; 8259 command port
EOI             equ     20h             ; End-Of-Interrupt code written to the 8259

;------- scan-code layout
RELEASE_BIT     equ     80h             ; "break" bit: set when a key was released

;------- KBM bytes in the inter-application communication area (segment 0)
KEY_BITS        equ     4F0h            ; key bit flags, one bit per tracked key
MODE_FLAG       equ     4F1h            ; 0 = every key is passed to the normal kbint
INST_FLAG       equ     4F2h            ; word set to 1234H during installation

com_seg segment
        assume  cs:com_seg, ds:com_seg
        org     100h                    ; required origin for a COM-format program

kbm     proc    far
        jmp     set_up                  ; skip the data and the resident handler,
                                        ;  go install the interrupt handler

;============= program data area ========

; Far pointer to the keyboard handler that owned INT 9 before KBM.
; SET_UP fills in both words; KBD_INT chains to it through a FAR jump,
; which is why the label is typed DWORD.
norm_kbd_int    label   dword
nki_offset      dw      0               ; offset half, stored by SET_UP
nki_segment     dw      0               ; segment half, stored by SET_UP

;-----------------------------------------------------------------------------
; KBM_TBL
; Lookup table walked by KBD_INT, which
;   1) reads the keyboard
;   2) sets/resets bits in the mouse movement byte
;   3) executes the normal keyboard interrupt
;
; Every entry is two bytes: the scan code to match, then the bit mask that is
; OR-ed into (press) or masked out of (release) the byte at KEY_BITS.
; TBL_END marks the first byte after the last entry.
;
;               scan   bit      key             suggested meaning
;               code   flag     name            (defined by user)
;               ----   ----     ---------       ----------------------
kbm_tbl db      72,    01h      ; num.pad 8     go up
        db      77,    02h      ; num.pad 6     go right
        db      80,    04h      ; num.pad 2     go down
        db      75,    08h      ; num.pad 4     go left

        db      76,    04h      ; num.pad 5     go down (shares the "down" bit)
        db      71,    10h      ; Home          button 1
        db      73,    20h      ; PgUp          button 2
        db      74,    40h      ; grey minus    button 3
        db      58,    80h      ; CapsLock      "high-gear shift" for fast motion
tbl_end label   byte

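;-----------------------------------------------------------------------------
; KBD_INT
; This procedure intercepts the ROM-BIOS KB_INT (SET_UP points INT 9 at it).
; It sets and resets bits of a kbd flag as the user presses and releases keys.
; When the byte at 0000:04F1 is 0, the keystroke is passed on to the
; original keyboard handler.
;
; Every scan code read from the keyboard reaches this handler before the
; previous INT 9 owner sees it. Keys listed in KBM_TBL are withheld from that
; owner while MODE_FLAG is non-zero, and the Alt-NumLock press that toggles
; the mode is always withheld.
;
; In:     nothing (hardware interrupt)
; Out:    KEY_BITS / MODE_FLAG in segment 0 updated as described above
; Saves:  AX, SI, DS (restored on both exit paths)
; Roles:  AH = scan code as read (break bit included)
;         AL = scan code with the break bit cleared, later the bit mask
;         SI = table cursor, later 0 so it can load DS
;
; Two exits:
;   k_27   - restore registers and FAR-jump to the saved handler, which then
;            acknowledges the keyboard and sends the EOI itself
;   k_exit - the key is consumed here, so this code acknowledges the keyboard
;            and sends the EOI before IRET

kbd_int proc    far
        sti
        cld
        push    ax
        push    si
        push    ds

        in      al,KB_DATA_PORT         ;read scan-code from keyboard into AL
        mov     ah,al                   ;save original byte in AH
        and     al,7fh                  ;mask off "release bit" for comparisons

        mov     si,offset kbm_tbl
k_20:
        cmp     si,offset tbl_end       ;at end of table?
        jae     k_25                    ; yes, key not found. TBL_END is the first
                                        ;  byte past the table, so stop when SI
                                        ;  reaches it (JA would compare one entry
                                        ;  beyond the table, i.e. handler code)
        cmp     al,byte ptr cs:[si]     ; is this the key?
        je      k_30                    ; yes, process the keystroke
        inc     si                      ; no, point past the scan code
        inc     si                      ;     point past the bit-mask
        jmp     k_20                    ; and loop back for the next entry

k_25:
;------- check for mode-toggle by user
        cmp     ah,NUMLOCK_KEY          ;is this a press of [NumLock]?
                                        ; (AH still has the break bit, so a
                                        ;  release never matches)
        jne     k_27                    ; no, go
        sub     si,si                   ; yes, look to BIOS data area
        mov     ds,si
        test    byte ptr ds:[KB_FLAG],ALT_STATE ; is [Alt] pressed?
        jz      k_27                    ; no, pass the key on

        xor     byte ptr ds:[MODE_FLAG],1 ; yes, toggle the mode and
        jmp     short k_exit            ;  exit w/o processing

;------- the keystroke is to be processed by the normal keyboard interrupt
k_27:
        pop     ds
        pop     si
        pop     ax
        jmp     cs:[norm_kbd_int]       ;continue at normal keyboard handler

k_30:
;------- process the scan code into a bit-pattern
        mov     al,cs:[si+1]            ;get bit-flag mask

        sub     si,si
        mov     ds,si                   ;point to segment of KEY_BITS

        test    ah,RELEASE_BIT          ;is this key being released?
        jz      k_40                    ; no, go

;------- process key release
        not     al                      ;flip-flop mask bits
        and     byte ptr ds:[KEY_BITS],al ;mask off released key bit
        jmp     short k_50
k_40:
;------- process key press
        or      byte ptr ds:[KEY_BITS],al ;set the bit for pressed key

;------- determine whether key should be passed on to normal keyboard handler
k_50:
        cmp     byte ptr ds:[MODE_FLAG],0 ;should key be processed further?
        je      k_27                    ; yes, continue at normal kb int

;------- the keystroke is to be ignored by the rest of the system.
;------- wrap up this keyboard interrupt.

k_exit:
        in      al,KB_CTRL_PORT         ;get current value of keyboard control lines
        mov     ah,al                   ; save it
        or      al,80h                  ;set the "enable kbd" bit
        out     KB_CTRL_PORT,al         ; and write it out the control port
        xchg    ah,al                   ;fetch the original control port value
        out     KB_CTRL_PORT,al         ; and write it back

        pop     ds
        pop     si

        cli                             ;no interrupts between the EOI and IRET
        mov     al,EOI                  ;send End-Of-Interrupt signal
        out     INT_CTL_PORT,al         ; to the 8259 Interrupt Controller
        pop     ax
        iret                            ;exit to interrupted program
kbd_int endp

LAST_BYTE equ offset $+1                ;This is the address passed to INT 27H
                                        ;Notice that the code of the SET_UP
                                        ; procedure is not preserved in memory
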
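;-----------------------------------------------------------------------------
; SET_UP
; This routine is executed only once, when the program is installed.
;
; Steps: check the DOS version, check the install marker, save the current
; INT 9 vector in NORM_KBD_INT, point INT 9 at KBD_INT, clear MODE_FLAG and
; KEY_BITS, print the banner, and terminate-and-stay-resident through INT 27H
; with DX = LAST_BYTE. On either error it prints a message and ends with
; INT 20H without hooking anything.
;
; NOTE(review): the "already installed" marker is a plain word at 0000:04F2.
; Nothing in this file protects that location, so the check is advisory: a
; stale or foreign 1234H blocks installation, and a cleared marker allows a
; second copy to chain onto the first.
; NOTE(review): this file contains no path that restores the saved INT 9
; vector or clears the marker.

inst_msg db     'KBM KeyBoard Mouse driver',0dh,0ah
        db      'Copyright (c) 1986 Ziff-Davis Publishing Co.,',0dh,0ah,'$'

err_msg1 db     07,'Already installed',0dh,0ah,'$'
err_msg2 db     'Wrong DOS version.',0dh,0ah,'$'

set_up  proc    near

;------- make sure this is DOS 2.0 or later
        mov     ah,30h                  ;DOS GET_VERSION service
        int     21h
        cmp     al,2                    ;AL is compared against 2 (major version)
        jae     su_10
        mov     dx,offset err_msg2
        jmp     msg_exit
su_10:

;------- see if KBM has already been installed
        xor     ax,ax
        mov     es,ax                   ;ES = segment 0
        cmp     word ptr es:[INST_FLAG],1234H ;already installed?
                                        ; (explicit WORD PTR: a memory/immediate
                                        ;  compare has no register to size it)
        jne     su_20                   ; no, continue
        mov     dx,offset err_msg1      ; yes, exit with message
        jmp     msg_exit
su_20:
        mov     word ptr es:[INST_FLAG],1234h ; flag says KBM is installed

;------- save the old kbint vector and set up the new one
        mov     al,9                    ;get address of the current kb int handler
        mov     ah,35h                  ;DOS GET_VECTOR service
        int     21h                     ; for interrupt 9 (KBINT); one call is
                                        ;  enough, the result comes back in ES:BX
        mov     nki_segment,es          ;save old address
        mov     nki_offset,bx

        mov     dx,offset kbd_int       ;set INT 9 to local keyboard interceptor
        mov     al,9                    ;set vector for INT 9 to DS:DX
        mov     ah,25h                  ;DOS SET_VECTOR service
        int     21h

        xor     ax,ax                   ;GET_VECTOR changed ES, so reload it
        mov     es,ax                   ;initialize variables:
        mov     byte ptr es:[MODE_FLAG],0 ; process all keystrokes
        mov     byte ptr es:[KEY_BITS],0  ; no keys are pressed

;------- display message to indicate installation complete
        mov     dx,offset inst_msg
        mov     ah,9                    ;DOS print '$'-terminated string at DS:DX
        int     21h

;------- exit to DOS, leaving the interrupt handler resident
        mov     dx,LAST_BYTE            ;everything below this offset stays resident
        int     27h

;------- error exit: DX already points at the message to print
msg_exit:
        mov     ah,9
        int     21h
        int     20h                     ;terminate without staying resident
set_up  endp
kbm     endp
com_seg ends
        end     kbm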