SoylentNews

Another day, another 500 miles, and another round of hacking. I'm dedicating an hour to this on and off over the weekend.

Right now, I've got an accurate int to hex function written in assembler for printing values of registers, an interrupt handler + installation, and some test code. Right now, I ran into a snag with calling the TSR function on int 21h, but I think its due to lack of sleep. Last few days has been very very stressful and I'm only picking at this as I go. I think I'm going to have to add a section to the next article talking about position-dependent vs. position-independent code as it will become important when we go to install into RAM.

Wish some of the documentation though on the specifics of how TSRs work internally survived; a lot say you have to use small memory model even though I have example code of tiny model TSRs.

Work has been going slow on the next installment of my retro-malware article. Right now, I've got an itoa function written in assembly, but real life has been kinda kicking my ass and I'm not making much headway in writing as I would like. As of right now, I know exactly what I need to write and code, but making the code flow.

Bleh. It doesn't help right now I'm travelling cross-country.

I'm absolutely stocked with the response the first bit of original content I've written for SN has gotten over 80 comments (even if a fair number are my own). It's very good motivation to keep going with it, and I've started working on outlining and planning the next section which I think will cover the following.

• The Stack
• SI/DS registers
• Terminate and Stay Resident
• (Maybe) DOS memory layout

I'm targetting ~2000 words in total, not counting the prelude section of the article. This will serve as a prelude to looking at the DOS memory map as a whole as well as get our first taste of how segmentation and relocation work under DOS since we will have to manage CS/DS/SS when we're in TSR mode. I'm currently writing out some demo code but its been fairly slow going since I got tripped up by the fact a pointer is 2 bytes (16-bit), and a lack of free time until this weekend. I'm hoping to have the code half of this cranked out by Friday to write up over the weekend.

I've decided for the time being to continue using NASM. While NASM is not a period specific assembler, its very easy to use, free software and has excellent documentation, and its the only assembler that can target x86_16 from Win64 and Linux64 that actually works. I wouldn't mind using the OpenWatcom assembler except its essentially undocumented. If I was going for period specific, I would need a 16-bit copy of LINK.EXE and MASM. Both are in the Windows DDK but extremely unfriendly to setup, or use Turbo Assembler and code in VirtualBox (pass; I like Notepad++ on Windows).

I've had some hangups on figuring out where to go beyond the basics of TSR programming. Unfortunately, non-IP based stuff appears to have dropped off the face of the internet. LANMAN client on Microsoft's FTP is completely MIA, and I can't find a freeware stack available anywhere that supports anything !TCP/IP. I could write something using Layer 2 protocols, but even then I'm kinda "eh" since that really doesn't go into the history of early networking or stuff. As best I can tell, at least for IPX, the actual Novell NetWare client was TSR, but its essentially non-existent. LANMAN in theory is free on Microsoft's FTP, but no developer documentation that I can find.

One idea I had though was perhaps reviving my ham radio stuff, and plugging the whole thing into AX.25. KA9Q for DOS is open source and implements KISS, and I can emulate another AX.25 host over the serial port (or go full turkey, and plug the other side into an actual radip using Linux as a glorified BNC). That would get me a period specific way of getting the data out of a target system in a targetting attack. (obviously, real NSA would use something beside amauter radio bands, but the concept exists. You could easily hide a micro-radio in a PC case wired up to an ISA slot or something, using the case itself as an antenna).