
Hex to Binary ASM Conversion Code


-a 0100

0AE4:0100 ;-----------------------------------------------

0AE4:0100 ; Hex to Binary 16-bit ASM in debug.com syntax.

0AE4:0100 ; v0.2

0AE4:0100 ;

0AE4:0100 ; Joshua J. Drake <jduck [at] metasploit.com>

0AE4:0100 ;

0AE4:0100 ; References:

0AE4:0100 ; http://kipirvine.com/asm/debug/Debug_Tutorial.pdf

0AE4:0100 ; http://jakash3.wordpress.com/2010/02/20/file-operations-in-assembly-language/

0AE4:0100 ;-----------------------------------------------

0AE4:0100 ;

0AE4:0100 ; Program entry (the image is assembled at offset 0100 and saved as h2b.com):

0AE4:0100 ; jump over the helper routines below to main at 0197.

0AE4:0100 jmp 197 ;jmp main (jmp)

0AE4:0103 ;

0AE4:0103 ;exit_program:

0AE4:0103 ; Closes the read and write handles, then terminates through

0AE4:0103 ; int 21h / AH=4Ch with errorlevel 00. Does not return to its caller.

0AE4:0103 ; Clobbers: AX, BX.

0AE4:0103 ; NOTE(review): both handles are closed unconditionally; nothing here

0AE4:0103 ; checks that the earlier opens succeeded, and close errors are ignored.

0AE4:0103 ; close read file

0AE4:0103 mov bx,[1bd] ;read_handle=1bd

0AE4:0107 call 131 ;call close_file

0AE4:010A ; close write file

0AE4:010A mov bx,[1cc] ;write_handle=1cc

0AE4:010E call 131 ;call close_file

0AE4:0111 mov ax,4c00 ;Exit function (AL=Errorlevel to return)

0AE4:0114 int 21 ;Do it

0AE4:0116 ;

0AE4:0116 ;open_for_reading:

0AE4:0116 ; Opens read_filename (at 01bf) read-only with int 21h / AH=3Dh and

0AE4:0116 ; stores the value returned in AX at read_handle (01bd).

0AE4:0116 ; Clobbers: AX, DX.

0AE4:0116 ; NOTE(review): int 21h reports failure through the carry flag with an

0AE4:0116 ; error code in AX. CF is not tested here, so a failed open stores the

0AE4:0116 ; error code as if it were a handle, and small error codes coincide with

0AE4:0116 ; the standard handle numbers. A jc to an error exit is needed; adding

0AE4:0116 ; one shifts every address below, so the listing must be reassembled.

0AE4:0116 mov ah,3d ;Open file function

0AE4:0118 mov al,00 ;Read-Only file access

0AE4:011A mov dx,1bf ;read_filename=1bf

0AE4:011D int 21 ;Do it


0AE4:011F mov [1bd],ax ;read_handle=1bd

0AE4:0122 ret

0AE4:0123 ;

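0AE4:0123 ;open_for_writing:

0AE4:0123 ; Creates (or truncates) write_filename (at 01ce) with int 21h / AH=3Ch

0AE4:0123 ; and stores the value returned in AX at write_handle (01cc).

0AE4:0123 ; Clobbers: AX, CX, DX.

0AE4:0123 ; NOTE(review): CF is not tested after int 21h, so on failure the error

0AE4:0123 ; code in AX is stored as if it were a handle. A jc to an error exit is

0AE4:0123 ; needed; adding one shifts every address below.

0AE4:0123 mov ah,3c ;Create/truncate file function

0AE4:0125 mov cx,20 ;Archive file attribute (20h; the value 4 is the System bit)

0AE4:0128 mov dx,1ce ;write_filename=1ce

0AE4:012B int 21 ;Do it

0AE4:012D mov [1cc],ax ;write_handle=1cc

0AE4:0130 ret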

0AE4:0131 ;

0AE4:0131 ;close_file:

0AE4:0131 ; Closes the handle passed in BX with int 21h / AH=3Eh.

0AE4:0131 ; In: BX = file handle. Clobbers: AX.

0AE4:0131 ; The result of the call (carry flag / AX) is not inspected.

0AE4:0131 mov ax,3e00 ;Close file function

0AE4:0134 int 21

0AE4:0136 ret

0AE4:0137 ;

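0AE4:0137 ; read(*phR,0x200,0x100)

0AE4:0137 ;read_data:

0AE4:0137 ; Reads the next chunk (up to 100h bytes) from read_handle into the

0AE4:0137 ; input buffer at 0200.

0AE4:0137 ; Out: AX = number of bytes read; returns only when AX > 0.

0AE4:0137 ; At end of file (AX = 0) it flushes pending output through write_data

0AE4:0137 ; and leaves via exit_program.

0AE4:0137 ; A final chunk of only 1 or 2 bytes can still carry the last hex

0AE4:0137 ; digits of the input, so every non-empty read is handed to the caller;

0AE4:0137 ; the earlier "cmp ax,2 / ja" test dropped such a tail.

0AE4:0137 ; Clobbers: AX, BX, CX, DX.

0AE4:0137 ; NOTE(review): CF is not tested after int 21h; on a read error AX

0AE4:0137 ; holds an error code and would be taken for a byte count.

0AE4:0137 mov bx,[1bd] ;read_handle=1bd

0AE4:013B mov ax,3f00 ;Read from file function

0AE4:013E mov cx,100 ;Read up to 256 bytes from the current file position

0AE4:0141 mov dx,0200 ;Address of buffer to store bytes read

0AE4:0144 int 21 ;Do it

0AE4:0146 cmp ax,0 ;anything read? (0 = end of file)

0AE4:0149 ja 151 ;ja have_enough (jmp)

0AE4:014B call 178 ;call write_data

0AE4:014E call 103 ;call exit_program (never returns)

0AE4:0151 ;have_enough:

0AE4:0151 ret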

0AE4:0152 ;
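0AE4:0152 ;convert_to_nibble: (al)

0AE4:0152 ; Converts one ASCII hex digit to its 4-bit value.

0AE4:0152 ; In:  AL = input byte.

0AE4:0152 ; Out: AH = 00 and AL = 0..f when AL was '0'-'9', 'a'-'f' or 'A'-'F';

0AE4:0152 ;      AH = ff for any other byte (AL is then meaningless).

0AE4:0152 ; The digit range is tested BEFORE the case fold. Folding first

0AE4:0152 ; ("or al,20" on the raw byte) maps the control bytes 10h-19h onto

0AE4:0152 ; '0'-'9', so they were accepted as digits. Every instruction here is

0AE4:0152 ; two bytes long, so the reordering keeps all addresses unchanged.

0AE4:0152 mov ah,0 ;no error

0AE4:0154 sub al,30 ;is it in the 0-9 range?

0AE4:0156 cmp al,9

0AE4:0158 jbe 164 ;jbe convert_success (jmp)

0AE4:015A or al,20 ;fold case: 'A'-30h=11h and 'a'-30h=31h both become 31h

0AE4:015C sub al,31 ;if not a digit, is it in the a-f range?

0AE4:015E cmp al,5

0AE4:0160 ja 165 ;ja convert_error (jmp)

0AE4:0162 add al,a ;yep, converted -> add 10 and return it

0AE4:0164 ;convert_success:

0AE4:0164 ret

0AE4:0165 ;convert_error:

0AE4:0165 mov ah,ff ;return error

0AE4:0167 ret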

0AE4:0168 ;

0AE4:0168 ;get_one_byte:

0AE4:0168 ; Returns the next input byte, refilling the input buffer when empty.

0AE4:0168 ; In:  BP = bytes left in the input buffer, SI = read pointer.

0AE4:0168 ; Out: AL = next byte; SI advanced by lodsb, BP decremented.

0AE4:0168 ; When BP is 0 it calls read_data, takes the byte count from AX into BP

0AE4:0168 ; and resets SI to the buffer start at 0200.

0AE4:0168 ; NOTE(review): lodsb assumes the direction flag is clear; nothing in

0AE4:0168 ; this listing sets it either way - confirm.

0AE4:0168 cmp bp,0 ;see if we have bytes left

0AE4:016B jne 175 ;jne return_byte (jmp)

0AE4:016D call 137 ;call read_data

0AE4:0170 mov bp,ax ;store bytes read in bp

0AE4:0172 mov si,200 ;reset src ptr

0AE4:0175 ;return_byte:

0AE4:0175 lodsb

0AE4:0176 dec bp

0AE4:0177 ret

0AE4:0178 ;

0AE4:0178 ; write(*phW,0x300,di-0x300)

0AE4:0178 ;write_data:

0AE4:0178 ; Writes the converted bytes accumulated in the output buffer to

0AE4:0178 ; write_handle with int 21h / AH=40h.

0AE4:0178 ; In:  DI = one past the last byte stored; the buffer starts at 0300.

0AE4:0178 ; Clobbers: AX, BX, CX, DX. DI is not reset here.

0AE4:0178 ; NOTE(review): neither the carry flag nor the byte count returned in

0AE4:0178 ; AX is compared with CX, so a failed or short write goes unnoticed.

0AE4:0178 mov cx,di ;load dst ptr

0AE4:017A sub cx,300 ;convert to count

0AE4:017E mov bx,[1cc] ;write_handle=1cc

0AE4:0182 mov ax,4000 ;Write to File function

0AE4:0185 mov dx,0300 ;Points to data to write

0AE4:0188 int 21 ;Do it

0AE4:018A ret

0AE4:018B ;

0AE4:018B ;get_nibble_or_die_trying:

0AE4:018B ; Fetches input bytes until one converts to a hex nibble.

0AE4:018B ; Out: AL = nibble value, AH = 00.

0AE4:018B ; Bytes that convert_to_nibble rejects (AH != 0) are skipped silently

0AE4:018B ; and the loop retries. The only other way out is inside read_data,

0AE4:018B ; which ends the program when the input is exhausted.

0AE4:018B call 168 ;call get_one_byte

0AE4:018E call 152 ;call convert_to_nibble

0AE4:0191 cmp ah,0 ;check for error

0AE4:0194 jne 18b ;jne get_nibble_or_die_trying (jmp)

0AE4:0196 ret

0AE4:0197 ;

0AE4:0197 ;

0AE4:0197 ;================================================================

0AE4:0197 ;

0AE4:0197 ;------

0AE4:0197 ;main:

0AE4:0197 ;------

0AE4:0197 ;

0AE4:0197 ; Opens both files, then converts pairs of hex digits from the input

0AE4:0197 ; into single bytes in the output buffer at 0300, flushing the buffer

0AE4:0197 ; with write_data. The loop has no exit of its own; the program ends

0AE4:0197 ; inside read_data when the input runs out.

0AE4:0197 ; Registers: BP = input bytes left, SI = input pointer (both managed by

0AE4:0197 ; get_one_byte), DI = output pointer.

0AE4:0197 ; NOTE(review): DI is reset to 0300 only at outer_loop, which is reached

0AE4:0197 ; only when BP is 0 right after a byte has been stored. When the refill

0AE4:0197 ; happens inside get_nibble_or_die_trying instead (a chunk ending between

0AE4:0197 ; the two digits of a pair, or on skipped bytes), DI keeps advancing and

0AE4:0197 ; is never compared against a limit, so the output can grow past the

0AE4:0197 ; intended buffer. Flushing through write_data once DI reaches a fixed

0AE4:0197 ; bound would cap it; that adds instructions, so the listing must be

0AE4:0197 ; reassembled with new addresses.

0AE4:0197 call 116 ;call open_for_reading

0AE4:019A call 123 ;call open_for_writing

0AE4:019D ;

0AE4:019D ;-----------------------------------------------

0AE4:019D ; loop, processing bytes, refilling when needed

0AE4:019D ;-----------------------------------------------

0AE4:019D ;

0AE4:019D ; init pre-loop


0AE4:019D mov bp,0 ;bytes left

0AE4:01A0 ;outer_loop:

0AE4:01A0 mov di,300 ;write buf

0AE4:01A3 ;inner_loop:

0AE4:01A3 ;

0AE4:01A3 ; load the first byte (high nibble)

0AE4:01A3 call 18b ;call get_nibble_or_die_trying

0AE4:01A6 ;

0AE4:01A6 ; save the nibble in ah -> stack

0AE4:01A6 ; (AX = 000n here; multiplying by 1000h shifts n into the top four

0AE4:01A6 ; bits of AH. mul also overwrites DX.)

0AE4:01A6 mov cx,1000

0AE4:01A9 mul cx

0AE4:01AB push ax

0AE4:01AC ;

0AE4:01AC ; load the second byte (low nibble)

0AE4:01AC call 18b ;call get_nibble_or_die_trying

0AE4:01AF ;

0AE4:01AF ; combine the nibbles and save the result

0AE4:01AF ; (the saved word is popped into DX, so DH holds the high nibble)

0AE4:01AF pop dx

0AE4:01B0 or al,dh

0AE4:01B2 stosb

0AE4:01B3 ;

0AE4:01B3 ; if we're not done, process the next byte

0AE4:01B3 cmp bp, 0

0AE4:01B6 jne 1a3 ;jne inner_loop (jmp)

0AE4:01B8 ;

0AE4:01B8 ;

0AE4:01B8 ; flush output and try for more

0AE4:01B8 call 178 ;call write_data

0AE4:01BB jmp 1a0 ;jmp outer_loop (jmp)


0AE4:01BD ;

0AE4:01BD ; declare global data

0AE4:01BD ; Two 2-byte handle slots and two NUL-terminated file names. Both names

0AE4:01BD ; are fixed and carry no drive or directory part.

0AE4:01BD ; NOTE(review): the output name is fixed too, and open_for_writing uses

0AE4:01BD ; the create/truncate call (AH=3Ch) on it, so an existing testfile.out

0AE4:01BD ; would be overwritten without a prompt - confirm this is intended.

0AE4:01BD ;read_handle:

0AE4:01BD db 00,00

0AE4:01BF ;read_filename:

0AE4:01BF db "testfile.dat",00

0AE4:01CC ;write_handle:

0AE4:01CC db 00,00

0AE4:01CE ;write_filename:

0AE4:01CE db "testfile.out",00

0AE4:01DB ;

0AE4:01DB ; remainder is buffer space

0AE4:01DB

-r cx

CX 0000
:0400

-n h2b.com

-w

Writing 00400 bytes


-q
