Category : Recently Uploaded Files
Archive : 80XXX_94.ZIP
Filename : HND2NAME.ASM
Output of file : HND2NAME.ASM contained in archive : 80XXX_94.ZIP
;* Hnd2Name by Tom Marshall - 08/16/94
;* Released into the public domain
;*************************************************************************
;* Finds the filename of an open file when given its handle. The two DOS
;* functions are undocumented. I found these while disassembling the
;* "Darth Vader" virus. If you remove the error check after the first
;* function call, replace it with a dummy instruction such as "xor bh,bh".
;* McAfee's virus scanner (and probably others) uses this piece of code to
;* identify the Darth Vader virus. (!) For descriptions of these
;* functions, see "Undocumented DOS" or Ralf Brown's INT list.
;*************************************************************************
MODEL TINY
CODESEG
ORG 0100h
Start: mov bx,3 ;Use StdAux for demo
mov ax,1220h ;Get JFT entry
int 2Fh
jc Error
mov bl,[es:di] ;Get SFT entry
mov ax,1216h
int 2Fh
jc Error
add di,20h ;Index to filename
push es ;Print it out
pop ds
mov dx,di
mov cx,11
mov ah,40h
int 21h
Exit: mov ax,4C00h
int 21h
Error: mov dx,OFFSET Error$
mov ah,9
int 21h
jmp Exit
Error$ DB 'DOS returned an error. '
DB 'Check handle number.',13,10,'$'
END Start
Very nice! Thank you for this wonderful archive. I wonder why I found it only now. Long live the BBS file archives!
This is so awesome! 😀 I’d be cool if you could download an entire archive of this at once, though.
But one thing that puzzles me is the “mtswslnkmcjklsdlsbdmMICROSOFT” string. There is an article about it here. It is definitely worth a read: http://www.os2museum.com/wp/mtswslnk/