amok.nfo:
▄▄▄▄ █▄
▀ ▀░█████░▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▓███▀ ▀
▒██████ Fine Cracking Art ████
▄ ▄▄░███████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▒█████▄▄▄▄▄▄▄
▒██▒ ████░ ▄███▒ ░███░ ▒███░ ░████████░ █████░ ████
██ ████▓ ░████ █████▓ ██████ ███ █████░ █████ ████
▒██ ▒████ █████ ░█████ ████▓ ████ ░████ █████ ▓█▓
██ ████░ ████░ ████░ ░████ ████ ████▓ █████▓████░
▓███████████ ████ ░████ ░█████ █████ ▒████ █████░░████
██░ ▓████ ████ ▓████▓ ▓████░ █████ ░███░ █████ ░████
██ ▓████▒ ████ ▓█████ █████ ██████ ███ █████ █████
███░ ▓█████ ████▓ ▓████ ░█████ ▓█████▄▄██░ █████▒ ████░
▀████░ ▓████████████░ ██████▄ ░████░ ▒██████[SW]░█████░ ████░
▀ [ p r e s e n t s ] ▀ ▀█████▓ 2 0 0 0 █
████▀
─ ────────────┬──────────────────────────────────────────────────────────────┐
│ │ │
│ Title │ [Windows 2000 NTFS boot code
] │
│ │ │
├──────────────┼──────────────────────────────────────────────────────────────┤
│ │ │
│ Filename │ [am-w2000bsntfs_bl.zip
] │
│ │ │
├──────────────┼───────────────────────────────────────┬──────────────────────┤
│ │ │ │
│ Author │ [bl!tz ] Release Date │ [2000/1
1/02 ] │
│ Packager │ [bl!tz ] Release Type │ [Sources ] │
│ Context │ [Coding/ASM ] Release Size │ [01 Disk(s
) ] │
│ Difficulty │ [Quite Advanced ] Language │ [eng ] │
│ Format │ [TXT (DOS) ] Operating Sys │ [Various ] │
│ │ │ │
├──────────────┴──────┬────────────────────────────────┴──────────────────────┤
│ Release Information │ │
├─────────────────────┘ │
│ │
│ This is the second boot strap disassembled by me. │
│ │
├─────────┬─────────────────────────────────────┬─────────────────┬───────────┤
│ Members │ │ Trials & Guests │ │
├─────────┘ ├─────────────────┘ │
│ │ │
│ . Gaston...............gaston-amok@gmx.net │ . annelie...........Gues
t │
│ . seaw0lf.............euterschaf@graswiese │ . JaxieChan.........
Guest │
│ . Tola.........................tola@gmx.at │ . iONiZER...........Gues
t │
│ . dUngHiLL2k............dunghill2k@gmx.net │ . Melborn...........Tria
l │
│ . Norritt.............norritt-amok@gmx.net │
│
│ . Pinky & The Brain.........p_and_b@gmx.at │
│
│ . The Visios..............thevisios@gmx.de │
│
│ . Mathew Accent......mathew.accent@gmx.net │
│
│ . Just A Pixel........just_a_pixel@gmx.net │
│
│ . bl!tz.......................jmmr@gmx.net │
│
│ . ubique.daemon......ubique.daemon@gmx.net │
│
│ │ │
├───────────┬───────────────────────────────────┴─────────────────────────────┤
│ Greetings │ │
├───────────┘ │
│ │
│ hello Micro$oft ;-) │
│ │
├───────────────┬─────────────────────────────────────────────────────────────┤
│ Contacting Us │ │
├───────────────┘ │
│ │
│ . Via world wide web @ http://www.amok.am - we recommend you to read │
│ the 'Infos' section at least the first time when visiting our site.
│
│ │
│ . Any questions referring to this release? Just drop it's creator some
│
│ nice lines using a clearly understandable subject. The e-mail addies │
│ should be listed above but you can also grab them at our site. │
│ │
│ . Do you want to join us? Are you interested in one or more of the │
│ following positions? If so just drop an e-mail to glead@gmx.net:
│
│ │
│ * experienced coder (asm/c/c++/whatever (except vb-only))
│
│ * experienced cracker (at least nine months of experience)
│
│ * experienced writer (documents/tutorial/articles)
│
│ * shareware supplier (shareware pre-releases 4 our crackers) │
│ │
│ * other abilities that could be useful and/or supportive │
│ │
│ . We offer our members a complete easy-to-use release system that │
│ is currently used for automating the following tasks: │
│ │
│ * creation of .nfo and .diz (with preview) │
│ * creation of the final .zip package │
│ * comfortable internet update of the datafiles │
│ * group-internal dupechecking │
│ │
│ . You'll have to check out our site's 'Join us' section in or
der to │
│ get some more information about joining AmoK. │
│ │
├───────────┬─────────────────────────────────────────────────────────────────┤
│ Newsflash │ │
├───────────┘ │
│ │
│ no Microsoft code. no no AAAAHH 8-0
│
│ │
├─────────────────────┬───────────────────────────────────────────────────────┤
│ Quote Of The Moment │ │
├─────────────────────┘ │
│ │
│ 'Well I'm a doctor, not a mechanic.'
│
│ │
└───────────────────────────────────────────────────────────────────── ───── ─
Peace On Earth!
.o( NFO & header by seaw0lf )o.
file_id.diz:
-======================================-
.o$$ o$ o$
.o$ $o.$ $ .o$$o. $$ $$
$$ $$ $$,o,$$ $$ $$ $$$"
$$.o$$$ $$ $ $$ $$ $$ $$ $$ 2
$$ . $$ $$ . $$ $$ $$ $$ $$ 0
$$ ::: $$ $$ : $$ `4$$P' $$ : $$ 0
- $$ -==- `4 -============- P'-=- $$ 0=-
| [2000/11/02] .fine cracking art. P'. |
-======================================-
Windows 2000 NTFS boot code
disassembled by bl!tz
-=================================roy==-
bsntfs.asm:
; Windows 2000 German NTFS bootcode disassembled using IDA
; I inserted information from RBIL on the BIOS functions used in this
; boot strap. I also don't know if it works, as there was no "test
; object". So please tell me.
; Contact me via JMMR@GMX.NET
; Assemble:
; TASM bsntfs.asm /m5
; Link:
; TLINK bsntfs.obj,bsntfs.exe
; Convert to binary (using EXE2BIN R1.0 from Digital Research):
; EXE2BIN bsntfs.exe bsntfs.bin
; bl!tz - 2000/11/2
; Assembler setup: TASM Ideal-mode syntax, Pentium instruction set enabled
; (the code below uses 32-bit registers, movzx and pushad), one 16-bit
; segment assembled from offset 0. RealStart later loads DS with 07C0h so
; that these offsets address the sector in memory.
IDEAL
P586
segment Code use16
        assume  cs:Code, ds:Code
; Sector offset 00h: 2-byte short jump over the parameter block plus a
; 1-byte nop, so the data that follows starts at offset 03h.
Start:  jmp     short RealStart
        nop
; ───────────────────────────────────────────────────────────────────────────
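; BIOS parameter block and NTFS extended BPB, sector offsets 03h-53h.
; The figures are taken from a 7.65 GB partition (author's note); the field
; meanings given here follow the standard NTFS boot-sector layout.
;
; Four fields that are zero on disk double as scratch variables for the code
; below (RetryCount, AlwaysZero, ExtSupported, MaxSectors), so the in-memory
; copy of the sector differs from the on-disk sector once the code has run.
;
; NOTE(review): HiddenSectors, SectorsPerTrack, Heads and BootDrive are used
; exactly as stored here and decide which sectors ReadNtldr loads and the
; code then executes; an integrity check of the boot sector should cover
; these bytes as well as the code.
; NOTE(review): the 32h at offset 38h and the 0DDh at offset 48h were restored
; from line-broken text in the listing; verify them against a sector dump.
aNtfs           db      'NTFS    '      ; 03h: OEM ID, must fill 8 bytes ("NTFS" + 4 spaces)
                dw      200h            ; 0Bh: bytes per sector (512)
                db      8               ; 0Dh: sectors per cluster
RetryCount      db      0               ; 0Eh: zero on disk; RealStart stores 10h here and
                                        ;      ReadNtldr counts it down once per sector read
                db      0               ; 0Fh: high byte of the word ReadNtldr decrements
AlwaysZero      dd      0               ; 10h: zero on disk; at runtime the index of the next
                                        ;      sector to read, relative to HiddenSectors
ExtSupported    db      0               ; 14h: zero on disk; set non-zero once the INT 13h
                                        ;      extensions have been detected
                dw      0F8h            ; 15h: media descriptor F8h plus one zero byte
                db      0               ; 17h
SectorsPerTrack dw      63              ; 18h: geometry used for the CHS conversion
Heads           dw      255             ; 1Ah: geometry used for the CHS conversion
HiddenSectors   dd      3B5272h         ; 1Ch: absolute sector number of this partition's start
MaxSectors      dd      0               ; 20h: zero on disk; filled in by CalcMaxSectors
BootDrive       db      80h             ; 24h: BIOS drive number passed to every INT 13h call
                db      0, 80h, 0       ; 25h-27h
                db      26h, 0E3h, 0F4h, 5 dup(0)       ; 28h: total sectors (0F4E326h)
                db      4, 7 dup(0)                     ; 30h: $MFT starting cluster
                db      32h, 4Eh, 0Fh, 5 dup(0)         ; 38h: $MFTMirr starting cluster
                db      0F6h, 3 dup(0)                  ; 40h: MFT record size code
                db      1, 3 dup(0)                     ; 44h: index buffer size code
                db      0DDh, 78h, 73h, 0B4h, 0A4h, 73h, 0B4h, 22h ; 48h: volume serial number
                db      4 dup(0)                        ; 50h: checksum field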
; ───────────────────────────────────────────────────────────────────────────
; RealStart - first-stage entry point, reached from the jmp at Start.
; Sets SS:SP = 0000:7C00 and DS = 07C0h, has CalcMaxSectors compute the
; CHS-addressable sector limit, has ReadNtldr load 10h consecutive sectors to
; 0D00:0000 and then far-returns into them at 0D00:026Ah.
; Each sector advances the buffer by 200h bytes, so offset 26Ah lies in the
; second sector loaded.
; NOTE(review): the only check applied to the loaded sectors is the BIOS
; carry flag tested in ReadNtldr; nothing verifies their content before
; control is transferred, so the integrity of this stage of the boot chain
; rests entirely on what is stored on disk.
RealStart:
        cli                     ; author's remark: Microsoft programmers... mov ss,XX disables interrupts, too!!!
                                ; (a load of SS holds off interrupts only for the single
                                ;  instruction that follows it)
        xor     ax, ax
        mov     ss, ax
        mov     sp, 7C00h       ; stack grows down from just below the loaded sector
        sti
        mov     ax, 7C0h
        mov     ds, ax          ; DS:0000 = start of this sector, matching the labels' offsets
        call    CalcMaxSectors  ; [MaxSectors] = sector count reachable through CHS calls
        mov     ax, 0D00h
        mov     es, ax
        xor     bx, bx          ; ES:BX = 0D00:0000, destination buffer
        mov     [RetryCount], 10h ; despite the name: number of sectors ReadNtldr will load
        call    ReadNtldr       ; returns only if every sector was read without a BIOS error
        push    0D00h
        push    26Ah
        retf                    ; far transfer to 0D00:026A
                                ; author's remark: Jump to NTLDR - why no jmp far 0D00h:26Ah?
                                ; NOTE(review): reading starts at HiddenSectors + 0, i.e. the
                                ; partition's own first sector, so the target is presumably the
                                ; continuation of the boot code rather than the NTLDR file -
                                ; confirm against the sectors that follow this one.
; ███████████████ S U B R O U T I N E ███████████████████████████████████████
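; CalcMaxSectors - compute how many sectors the classic CHS read call can reach.
; In:       [BootDrive] = BIOS drive number
; Out:      [MaxSectors] = low 32 bits of cylinders * heads * sectors-per-track,
;           using the geometry the BIOS reports (or the maximum CHS geometry,
;           1024 * 256 * 63, if the BIOS call fails)
; Clobbers: EAX, ECX, EDX, flags, and whatever INT 13h/AH=08h returns in
;           BL and ES:DI
; The instruction sequence is unchanged from the disassembly; only the
; comment lines that had been broken apart are rejoined and the register
; comments corrected.
; NOTE(review): RBIL recommends ES:DI = 0000h:0000h on entry to this BIOS call;
; nothing in this listing sets ES or DI before it.
proc CalcMaxSectors near
        mov     dl, [BootDrive]
        mov     ah, 8
        int     13h             ; INT 13 - DISK - GET DRIVE PARAMETERS (PC,XT286,CONV,PS,ESDI,SCSI)
                                ; AH = 08h
                                ; DL = drive (bit 7 set for hard disk)
                                ; ES:DI = 0000h:0000h to guard against BIOS bugs
                                ; Return: CF set on error
                                ; AH = status (07h) (see #00234)
                                ; CF clear if successful
                                ; AH = 00h
                                ; AL = 00h on at least some BIOSes
                                ; BL = drive type (AT/PS2 floppies only) (see #00242)
                                ; CH = low eight bits of maximum cylinder number
                                ; CL = maximum sector number (bits 5-0)
                                ; high two bits of maximum cylinder number (bits 7-6)
                                ; DH = maximum head number
                                ; DL = number of drives
                                ; ES:DI -> drive parameter table (floppies only)
                                ;
        jnb     NoError
        mov     cx, 0FFFFh      ; BIOS call failed: assume the largest CHS geometry
        mov     dh, cl          ; DH = 0FFh, i.e. maximum head number 255
NoError:
        movzx   eax, dh
        inc     ax              ; eax = maximum head number + 1 = number of heads
        movzx   edx, cl
        and     dl, 3Fh         ; edx = maximum sector number = sectors per track
        mul     dx              ; dx:ax = heads * sectors; at most 256 * 63, so it fits
                                ; AX and the upper half of EAX is still zero
        xchg    cl, ch          ; CL = cylinder bits 7-0, CH = sector/cylinder-high byte
        shr     ch, 6           ; CH = cylinder bits 9-8, CX = maximum cylinder number
        inc     cx              ; CX = number of cylinders
        movzx   ecx, cx
        mul     ecx             ; edx:eax = (heads * sectors) * cylinders
        mov     [MaxSectors], eax
        retn
endp CalcMaxSectors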
; ███████████████ S U B R O U T I N E ███████████████████████████████████████
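; TestForBIOSExtensions - probe for the INT 13h extensions on the boot drive.
; In:       [BootDrive] = BIOS drive number
; Out:      [ExtSupported] incremented when the call succeeds, BX comes back as
;           0AA55h and bit 0 of CL (extended disk access functions) is set;
;           left untouched otherwise
; Clobbers: AX, BX, CX, DX, flags (BX is overwritten with 55AAh before the call)
; The caller in ReadNtldr has its buffer offset in BX at this point; it gets
; the value back from the copy it pushed into the disk address packet.
; The instruction sequence is unchanged from the disassembly; only the
; comment lines that had been broken apart are rejoined.
proc TestForBIOSExtensions near
        mov     ah, 41h
        mov     bx, 55AAh
        mov     dl, [BootDrive]
        int     13h             ; INT 13 - IBM/MS INT 13 Extensions - INSTALLATION CHECK
                                ; AH = 41h
                                ; BX = 55AAh
                                ; DL = drive (80h-FFh)
                                ; Return: CF set on error (extensions not supported)
                                ; AH = 01h (invalid function)
                                ; CF clear if successful
                                ; BX = AA55h if installed
                                ; AH = major version of extensions
                                ; 01h = 1.x
                                ; 20h = 2.0 / EDD-1.0
                                ; 21h = 2.1 / EDD-1.1
                                ; 30h = EDD-3.0
                                ; AL = internal use
                                ; CX = API subset support bitmap (see #00271)
                                ; DH = extension version (v2.0+ ??? -- not present in 1.x)
                                ;
        jb      NoExtensions
        cmp     bx, 0AA55h
        jnz     NoExtensions
        test    cl, 1           ; extended disk access functions (AH=42h-44h,47h,48h) supported?
        jz      NoExtensions
        inc     [ExtSupported]
NoExtensions:
        ret
endp TestForBIOSExtensions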
; ███████████████ S U B R O U T I N E ███████████████████████████████████████
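; ReadNtldr - load consecutive sectors from the boot partition into memory.
; Despite the name, what is read is [RetryCount] sectors starting at absolute
; sector [HiddenSectors] + [AlwaysZero], one sector per loop pass.
; In:       ES:BX        = destination buffer (ES advances 20h paragraphs,
;                          i.e. 200h bytes, per sector)
;           [RetryCount] = number of sectors to load
;           [AlwaysZero] = index of the first sector, relative to HiddenSectors
; Out:      returns only when every sector was read; all registers are restored
;           (pushad/popad, DS, ES). [AlwaysZero] and [RetryCount] are left
;           modified. On any failure control goes to ReadError, which prints
;           two messages and never returns.
; Method:   sectors below [MaxSectors] are read with the CHS call (AH=02h);
;           sectors at or above it with the extended read (AH=42h), after
;           probing for the extensions once.
; The instruction sequence is unchanged from the disassembly; only a comment
; that had been broken across lines is rejoined.
; NOTE(review): success is judged by the BIOS carry flag alone; the sector
; contents are not checked in any way before the caller jumps into them.
; NOTE(review): the CHS limit comes from the BIOS geometry while the
; CHS conversion below uses SectorsPerTrack and Heads from the BPB; if the two
; disagree the wrong sectors are read, and a zero in either BPB field makes
; the div instructions fault. Neither case is checked.
proc ReadNtldr near
        pushad
        push    ds
        push    es
TryAgain:
        mov     eax, [AlwaysZero]
        add     eax, [HiddenSectors]    ; eax = absolute sector number to read
        cmp     eax, [MaxSectors]
        jb      TryOldWay               ; reachable through CHS: use the classic call
        ; Build the 16-byte disk address packet on the stack, last field first.
        push    ds                      ; saved so DS can point at the stack for the call
        push    large 0                 ; packet: high dword of the block number
        push    eax                     ; packet: starting absolute block number ((Cylinder*NumHeads + SelectedHead) * SectorPerTrack +
                                        ; SelectedSector - 1
                                        ;
        push    es                      ; packet: transfer buffer es:bx
        push    bx
        push    large 10010h            ; packet: size 10h, reserved 0, 1 sector to read
        cmp     [ExtSupported], 0
        jnz     SkipTest
        call    TestForBIOSExtensions   ; clobbers BX; restored from the packet below
        cmp     [ExtSupported], 0
        jz      ReadError               ; sector is beyond CHS reach and no extensions
SkipTest:
        mov     ah, 42h
        mov     dl, [BootDrive]         ; must be loaded before DS is changed
        push    ss
        pop     ds
        mov     si, sp                  ; DS:SI -> packet on the stack
        int     13h                     ; INT 13 - IBM/MS INT 13 Extensions - EXTENDED READ
                                        ; AH = 42h
                                        ; DL = drive number
                                        ; DS:SI -> disk address packet (see #00272)
                                        ; Return: CF clear if successful
                                        ; AH = 00h
                                        ; CF set on error
                                        ; AH = error code (see #00234)
                                        ; disk address packet's block count field set to number of blocks
                                        ; successfully transferred
                                        ;
        ; Discard the packet; pop leaves CF from the BIOS call intact.
        pop     eax                     ; size / count dword
        pop     bx                      ; buffer offset
        pop     es                      ; buffer segment
        pop     eax                     ; block number, low dword
        pop     eax                     ; block number, high dword
        pop     ds                      ; back to the sector's data segment
        jmp     short CheckError
; ---------------------------------------------------------------------------
TryOldWay:
        xor     edx, edx
        movzx   ecx, [SectorsPerTrack]
        div     ecx                     ; eax = sector number / sectors per track, edx = remainder
        inc     dl
        mov     cl, dl                  ; CL = sector within track (1-based)
        mov     edx, eax
        shr     edx, 10h                ; dx:ax = quotient, prepared for the 16-bit divide
        div     [Heads]                 ; ax = cylinder, dx = head
        xchg    dl, dh                  ; DH = head
        mov     dl, [BootDrive]
        mov     ch, al                  ; CH = cylinder bits 7-0
        shl     ah, 6
        or      cl, ah                  ; CL bits 7-6 = cylinder bits 9-8
        mov     ax, 201h                ; AH = 02h read, AL = 1 sector
        int     13h                     ; DISK - READ SECTORS INTO MEMORY
                                        ; AL = number of sectors to read, CH = track, CL = sector
                                        ; DH = head, DL = drive, ES:BX -> buffer to fill
                                        ; Return: CF set on error, AH = status, AL = number of sectors read
CheckError:
        jb      ReadError
        mov     ax, es
        add     ax, 20h                 ; advance the buffer by one sector (200h bytes)
        mov     es, ax
        inc     [AlwaysZero]            ; next sector
        dec     [word RetryCount]       ; word-sized: also spans the zero byte after RetryCount
        jnz     TryAgain
        pop     es
        pop     ds
        popad
        ret
; ---------------------------------------------------------------------------
ReadError:
        mov     al, [ofFehlerbeimLesen] ; AL = low byte of the message offset
        call    WriteString
        mov     al, [ofNeustart]
        call    WriteString
        sti
InfWait:
        jmp     short InfWait           ; spin forever with interrupts enabled
endp ReadNtldr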
; ███████████████ S U B R O U T I N E ███████████████████████████████████████
; WriteString - print a zero-terminated string with the BIOS teletype call.
; In:       AL = low byte of the string's offset; the high byte is forced to
;           01h, so the string must lie at DS:0100h-DS:01FFh
; Out:      nothing; returns when the terminating 0 byte is read
; Clobbers: AX, BX, SI, flags
; NOTE(review): lodsb follows the direction flag and nothing in this listing
; clears it - presumably DF is expected to be 0 on entry to the boot code;
; confirm.
proc WriteString near
        mov     ah, 1
        mov     si, ax          ; SI = 0100h + AL
WriteLoop:
        lodsb
        cmp     al, 0
        jz      WriteDone
        mov     ah, 0Eh
        mov     bx, 7           ; BH = page 0, BL = colour 7
        int     10h             ; - VIDEO - WRITE CHARACTER AND ADVANCE CURSOR (TTY WRITE)
                                ; AL = character, BH = display page (alpha modes)
                                ; BL = foreground color (graphics modes)
        jmp     short WriteLoop
; ---------------------------------------------------------------------------
WriteDone:
        ret
endp WriteString
; ───────────────────────────────────────────────────────────────────────────
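; Message strings (German), each starting with CR/LF and ending with 0,
; followed by a table holding the low byte of each string's offset.
; WriteString supplies 01h as the high byte, so every string has to start
; inside sector offsets 100h-1FFh.
; The a-umlaut in "Datentraegers" is written as the explicit byte 84h (its
; code in the DOS code page), so the assembled byte does not depend on the
; encoding of this source file.
; aNtldrFehlt and aNtldrKomprimiert are not referenced by the code in this
; listing; presumably the later boot-code sectors use them - confirm.
; NOTE(review): only the signature is pinned by org 1FEh; compare the
; assembled image byte-for-byte with the original sector before relying on
; the position of anything else in this block.
aFehlerBeimLesen   db 0Dh,0Ah,'Fehler beim Lesen des Datentr',84h,'gers',0
aNtldrFehlt        db 0Dh,0Ah,'NTLDR fehlt',0
aNtldrKomprimiert  db 0Dh,0Ah,'NTLDR komprimiert',0
aNeustartMit       db 0Dh,0Ah,'Neustart mit Strg+Alt+Entf',0Dh,0Ah,0
                   db 0Ah                       ; single byte as shown in the disassembly
                   db 0Eh dup(0)                ; 14 zero bytes of filler
ofFehlerbeimLesen  db low offset aFehlerBeimLesen
ofNtldrFehlt       db low offset aNtldrFehlt
ofNtldrKomprimiert db low offset aNtldrKomprimiert
ofNeustart         db low offset aNeustartMit
                   org 1FEh
                   dw 0AA55h                    ; boot-sector signature (bytes 55h, AAh)
ends Code
end Start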