把程序整理了一下,下面是test.asm源代码。用MASM6编译,ml /AT /Fetest.sec test.asm
将test.asm拷到C盘根目录下,在boot.ini中加入一行 c:\test.sec="This is a test",启动时选择该项,会要求输入密码(本例中的密码为bootsector),密码输入正确后即调用BOOTSECT.DOS进入98系统。前提是装了2000,并且C盘为98系统,如果不同则进行相应修改。另外单独做了一个生成密码的工具,用它生成的结果替换汇编代码中的密码数据(passwd),源代码genpass.c如下:
#include <stdio.h>
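/*
 * genpass: read one line from stdin and print it as the obfuscated byte list
 * that goes into the `passwd` field of test.asm.
 *
 * Encoding (mirrors the check in test.asm): key = (sum of all characters) & 0xFF;
 * byte i is written as password[i] XOR key, and key is incremented modulo 256
 * after each byte.
 *
 * NOTE(review): this is reversible obfuscation, not a one-way hash. The key is
 * a single byte derived from the password itself, so the emitted bytes should
 * be handled as if they were the plaintext password.
 */
int main(void)
{
    /* The passwd field shown in test.asm is 16 bytes and the loader stops at
     * the first zero byte, so 15 characters is the most that still leaves
     * room for the terminator. */
    enum { MAX_PASSWORD_LEN = 15 };
    unsigned char szPassword[MAX_PASSWORD_LEN + 1];
    unsigned int sum = 0;
    int length = 0;
    int c; /* int, so EOF can be told apart from a real character */
    int i;

    /* The bound is tested before reading, so the terminator written below
     * always stays inside the array. */
    while (length < MAX_PASSWORD_LEN && (c = getchar()) != EOF && c != '\n')
    {
        szPassword[length++] = (unsigned char)c;
        sum += (unsigned char)c;
    }
    szPassword[length] = 0;
    sum &= 0xFF;

    if (length == 0)
        fprintf(stderr, "warning: empty password; the loader would accept any input\n");

    for (i = 0; i < length; i++)
    {
        unsigned int encoded = (szPassword[i] ^ sum) & 0xFF;

        /* A zero byte is the loader's end-of-password marker, so an encoded
         * zero silently shortens the password that is actually checked. */
        if (encoded == 0)
            fprintf(stderr, "warning: byte %d encodes to 0 and would be read as the terminator; choose another password\n", i);

        /* Leading 0 and two digits: MASM requires a hex literal to start with
         * a decimal digit, otherwise e.g. ABh is parsed as an identifier. */
        printf("0%02Xh, ", encoded);
        sum = (sum + 1) & 0xFF;
    }
    return 0;
}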
; Boot-sector entry point. The code is assembled for offset 7A00h; the 512
; bytes found at 7C00h are copied down to 7A00h and execution continues in
; the copy. That leaves 7C00h free: RealStart, defined at __start+200h,
; resolves to 7C00h.
; NOTE(review): DS, ES and the direction flag are used as found on entry;
; the existing comment implies DS=ES=0 - confirm the loader guarantees this.
org 7A00h
__start:
mov si, 7C00h ;source: where this sector is expected to be loaded
mov di, __start ;destination: the address the code was assembled for
mov cx, 200h ;one 512-byte sector
rep movsb ;move code to 0000:7A00
; Far return used as a jump to CS:showPrompt inside the relocated copy.
; NOTE(review): this only lands in the copy if CS is 0 here - confirm.
push cs
push showPrompt
retf
; Draw the 9-character prompt immediately to the left of the input position,
; then read the password one key at a time, echoing a fixed cell per key.
showPrompt:
les di,screen ;ES:DI = video cell stored in `screen`
mov cx,9*2 ;9 cells, 2 bytes each (character + attribute)
sub di,cx ;start 9 cells to the left of the input position
lea si,prompt
rep movsb
;Clear Password
; Blanks the echo cells on screen and resets the per-attempt state.
; NOTE(review): only video memory is cleared here; the bytes a previous
; attempt stored at BUFFER are left in place.
ClearPass:
les di,screen
mov cx,KEYBUFF_LEN
xor ax,ax
rep stosw ;zero KEYBUFF_LEN character/attribute cells
mov si,BUFFER ;SI = next free byte of the typed password
xor bx,bx ;BX = byte offset of the next echo cell
xor dx,dx ;DL = running 8-bit sum of the typed characters
mov cx,KEYBUFF_LEN ;accept at most KEYBUFF_LEN keys
inputStr:
xor ax,ax
int 16h ;BIOS keyboard service AH=0: wait for a key (AH=scan code, AL=ASCII)
cmp ax,1C0Dh ;Enter key
jz pressEnter
mov [si],al ;every other key is stored as typed; there is no backspace handling
inc si
add dl,al
les di,screen
add di,bx
mov ax,ECHOCHAR ;echo cell value, defined outside this excerpt
stosw
inc bx
inc bx
loop inputStr ;after KEYBUFF_LEN keys, fall through to the check below
; Compare the typed password with the stored one.
; Stored byte i is decoded as passwd[i] XOR (DL + i), where DL is the 8-bit
; sum of the characters just typed; the result must equal typed byte i.
; A zero byte in passwd ends the comparison as a success.
; NOTE(review): the stored bytes are reversible obfuscation keyed by a single
; byte, not a one-way hash; treat the sector file as containing the password.
; NOTE(review): the comparison length comes from the stored terminator alone;
; the number of keys actually typed is never checked.
; NOTE(review): a failure goes straight back to the prompt with no retry
; limit or delay. The check only decides whether this loader continues;
; nothing on disk is encrypted by it.
pressEnter:
mov di,offset passwd -1 ;both pointers start one byte early; the loop pre-increments
mov si,BUFFER-1
xor cx,cx ;CH stays 0 so jcxz effectively tests CL alone
testPasswd:
inc di
inc si
mov cl,[di]
jcxz RightPasswd ;zero terminator reached: every stored byte matched
xor cl,dl
inc dx ;rolling key: +1 per position (only DL is used by the xor)
cmp cl,[si]
jz testPasswd
;error password , continue to enter password
jmp ClearPass
; Password accepted: locate the start of partition 1 on drive 80h.
; Reads the MBR, then the partition's first sector, and converts the starting
; CHS address to a 0-based absolute sector number:
;   startSector = cyl*NUM_HEADS*SECTORS_PER_TRACK + head*SECTORS_PER_TRACK + sector - 1
; NOTE(review): neither int 13h call checks the carry flag / AH status.
RightPasswd:
xor ax,ax
mov es,ax ;restore es
;Read MBR
mov ax,201h ;int 13h AH=02h read sectors, AL=1 sector
mov cx,1 ;cylinder 0, sector 1
mov dx,80h ;head 0, drive 80h
mov bx,BUFFER ;ES:BX = destination
int 13h
;Read Partion 1
mov ax,201h
mov cx,[bx+1C0h] ;partition entry 1 (table at 1BEh): packed sector/cylinder of its first sector
mov dh,[bx+1BFh] ;partition entry 1: starting head
mov dl,80h
int 13h ;the partition's boot sector replaces the MBR in BUFFER
xor eax,eax
mov al,dh
mov bl,SECTORS_PER_TRACK
mul bl ;AX = head * sectors per track
xor esi,esi
xchg eax,esi ;ESI = partial sum, EAX = 0
mov al,ch ;low 8 bits of the cylinder; cylinder bits 8-9 (CL bits 6-7) are not used
and ecx,0Fh ;NOTE(review): the sector number occupies CL bits 0-5 (mask 3Fh); 0Fh drops bits 4-5 - confirm
add esi,ecx
mul bl ;AX = cylinder * sectors per track
mov bl,NUM_HEADS
mul bx ;NOTE(review): BH still holds the high byte of BUFFER from `mov bx,BUFFER`, so the multiplier is NUM_HEADS only if that byte is 0; no effect while the cylinder is 0 - confirm
add esi,eax
shl edx,10h ;high word of the 16x16 product
add esi,edx
dec esi ;sector numbers are 1-based
mov startSector,esi
; Read the FAT32 layout fields from the partition boot sector now in BUFFER,
; then walk the root directory looking for the 11-byte name in `filename`.
; Sector numbers computed here are relative to the partition start; ReadSect
; adds startSector.
StoreSomeParam:
mov si,BUFFER
mov al,[si+0Dh] ;BPB: sectors per cluster
mov SectorsPerCluster,al
xor eax,eax
mov ax,[si+24h] ;BPB (FAT32): sectors per FAT - only the low 16 bits of the field are read
xor bx,bx
mov bl,byte ptr [si+10h] ;BPB: number of FATs
mul bx
mov bx,[si+0Eh] ;BPB: reserved sectors = first sector of the FAT
mov FAT,bx
add ax,bx ;NOTE(review): 16-bit product and sum; the high part in DX and any carry are dropped - confirm the volume sizes this must support
mov RootDir,eax ;first sector of the data area, i.e. of cluster 2
;Search File
;Search for a Cluster
xor eax,eax
mov ax,[si+2Ch] ;BPB (FAT32): first cluster of the root directory - low 16 bits only
NextCluster:
push eax ;keep the cluster number for the FAT lookup below
sub eax,2 ;cluster numbering starts at 2
xor ebx,ebx
mov bl,SectorsPerCluster
mul ebx
add eax,RootDir ;EAX = first sector of this cluster
;Search for a Sector
xor cx,cx
mov cl,SectorsPerCluster ;CX = sectors left in this cluster
NextSector:
push eax
push cx
push eax ;argument for ReadSect (removed by its `ret 4`)
call ReadSect
;Search for a Directory
mov bx,BUFFER
mov dx,10h ;16 directory entries of 20h bytes per sector
SearchDirectory:
mov cx,11
mov si,bx
lea di,filename
repz cmpsb ;compares DS:SI with ES:DI; ES was reset to 0 at RightPasswd
jcxz IsItFile ;NOTE(review): CX is also 0 when the only mismatch is the 11th byte, so the last character is effectively unchecked; testing ZF would be exact - confirm
jmp NextDirectory
IsItFile:
mov al,[si] ;SI now points at the attribute byte (entry + 0Bh)
and al,18h ;directory (10h) or volume label (08h)?
jz found ;neither bit set: a regular file
NextDirectory:
add bx,20h
dec dx
jnz SearchDirectory
pop cx
pop eax
inc eax ;next sector of the cluster
dec cx
jnz NextSector
pop eax ;cluster number that was just searched
;eax*4/512
mov si,ax
and si,7Fh
shl si,2 ;SI = byte offset of this cluster's entry inside its FAT sector (128 entries per sector)
push si
shr eax,7 ;index of the FAT sector holding the entry
add ax,FAT
push eax
call ReadSect
pop si
cmp dword ptr[si+BUFFER],0FFFFFFFh ;end-of-chain marker?
jnz NextCluster ;NOTE(review): EAX is not reloaded from the FAT entry before looping, so NextCluster runs with whatever ReadSect/int 13h left in EAX; a load of [si+BUFFER] into EAX appears to be missing - confirm
; chain ended without a match: spin forever
jmp $ ;Halt
;-----------------------------------------------------------------------
; ReadSect: read one sector into ES:BUFFER with int 13h AH=02h (CHS).
; In:    dword on the stack = sector number relative to startSector
;        (removed on return by `ret 4`)
; Uses:  startSector, SECTORS_PER_TRACK, NUM_HEADS, BUFFER; drive 80h
; Out:   registers as left by int 13h
; Clobb: eax, ebx, ecx, edx, flags
; NOTE(review): ES is not set here; the callers in this excerpt run after
; RightPasswd cleared it.
; NOTE(review): the int 13h carry flag / AH status is neither checked nor
; returned in a defined way, so a failed read goes unnoticed by callers.
;-----------------------------------------------------------------------
ReadSect proc
push bp
mov bp,sp
mov eax,[bp+4] ;the dword argument (near call: return address is at [bp+2])
add eax,startSector ;absolute sector number on the disk
xor edx,edx
xor ebx,ebx
mov bl,SECTORS_PER_TRACK
div ebx ;EAX = track index, EDX = sector within the track (0-based)
inc dx ;BIOS sector numbers are 1-based
mov cx,dx ;CL = sector
xor dx,dx
mov bl,NUM_HEADS
div ebx ;EAX = cylinder, EDX = head
xchg ch,al ;CH = cylinder low 8 bits; AL takes the old CH
shr ax,2 ;moves cylinder bits 8-9 from AH into AL bits 6-7
add cl,al ;CL = sector plus the two high cylinder bits
mov dh,dl ;DH = head
mov dl,80h ;first hard disk
mov bx,BUFFER
mov ax,201h ;read 1 sector
int 13h
pop bp
ret 4
ReadSect endp
; Directory entry matched: SI still points at its attribute byte (entry+0Bh).
; Load the first sector of the file and jump to it.
; NOTE(review): the int 13h status and the 55AAh signature of the loaded
; sector are not checked before control is transferred.
; NOTE(review): RealStart resolves to 7C00h, so this works only if BUFFER
; (defined outside this excerpt) is 7C00h - confirm.
found:
pop cx
pop eax
pop eax ;discard the three loop values pushed in NextCluster/NextSector
;Read file bootsect.dos to the memory starting at 0000:7C00
xor eax,eax
mov ax,[si+14h-0Bh] ;directory entry +14h: first cluster, high word
shl eax,10h
mov ax,[si+1Ah-0Bh] ;directory entry +1Ah: first cluster, low word
sub eax,2 ;cluster numbering starts at 2
xor ebx,ebx
mov bl,SectorsPerCluster
mul ebx
add eax,RootDir ;EAX = first sector of the file
push eax
call ReadSect ;only this one sector is read
;Jmp to the bootsect.dos image
jmp RealStart
; Directory name to search for: 8-character name followed by the
; 3-character extension, as stored in a FAT directory entry.
filename db 'BOOTSECTDOS'
; Prompt as 9 character/attribute pairs, copied straight to video memory;
; attribute 0Ah is applied to every character.
prompt db 'P',0Ah,'a',0Ah,'s',0Ah,'s',0Ah,'w',0Ah,'o',0Ah,'r',0Ah,'d',0Ah,':',0Ah
; Obfuscated password as produced by genpass.c: 16-byte field, terminated by
; the first zero byte.
; NOTE(review): the plaintext is given in the trailing comment and the
; encoding is reversible; generate new bytes before real use and keep the
; plaintext out of the source.
passwd db 26h, 2Ah, 29h, 33h, 3Bh, 2Ch, 29h, 3Fh, 23h, 3Fh, 6 dup (0) ;'bootsector'
; Far pointer (segment B800h, offset 2*(12*80+39)) loaded with `les di,screen`:
; the cell at row 12, column 39 of an 80-column text screen.
screen dd 0B8000000h+2*(12*80+39)
startSector dd ? ;absolute sector number where partition 1 starts
RootDir dd ? ;first sector of the data area (cluster 2), relative to startSector
SectorsPerCluster db ? ;copied from the partition boot sector (+0Dh)
FAT dw ? ;first FAT sector, relative to startSector
; Boot signature in the last two bytes of the 512-byte sector.
org __start + 1FEh
db 55h, 0AAh
; __start + 200h = 7C00h: the address control is handed to by `jmp RealStart`.
RealStart:
code ends
end __start