Bootlevel

Saturday, September 6, 2008

Binary Programming


In this blog I am going to teach you how to write x86 assembly code, and how to execute it by booting it from a USB drive or a floppy drive.


1. Custom Master Boot code.
2. The Boot Signature.
3. Windows XP Master Boot Code.
4. Tools to write into the boot sector.
5. Hello World Boot code.
6. BIOS Settings.
7. Assembly translation.


Custom Master Boot code

The first 512 bytes of any secondary storage device (its first sector) hold the master boot code. My aim is to let you write directly into the master boot record.


The Boot Signature (55AAh)


The value 55AA in hex in the last two bytes of the boot sector, i.e. offset 01FE (value 55) and offset 01FF (value AA) of absolute sector 0 (cylinder 0, head 0, sector 1), is the boot signature. Every bootable device must have a boot signature.


Windows XP Master Boot Code


Absolute Sector 0 (Cylinder 0, Head 0, Sector 1)

0 1 2 3 4 5 6 7 8 9 A B C D E F
0000 33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C 3.....|.P.P....|
0010 BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04 ...PW...........
0020 38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5 8n.|.u..........
0030 83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B ...It.8,t.......
0040 F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88 ..<.t...........
0050 4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B N..F.s*.F..~..t.
0060 80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83 .~..t....u..F...
0070 46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB F...V...!.s.....
0080 BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0 ..>.}U.t..~..t..
00A0 00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC .....r#..$?.....
00B0 43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56 C..........B..9V
00C0 0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C .w#r.9F.s......|
00D0 8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A .N..V...sQOtN2..
00E0 56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD V......V.`..U.A.
00F0 13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60 .r6..U.u0...t+a`
0100 6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A j.j..v..v.j.h.|j
0110 01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B .j..B....aas.Ot.
0120 32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 49 6E 76 61 2..V.....a..Inva
0130 6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61 lid partition ta
0140 62 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E ble.Error loadin
0150 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst
0160 65 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61 em.Missing opera
0170 74 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00 ting system.....
0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01B0 00 00 00 00 00 2C 44 63 B5 EB 31 E0 00 00 80 01 .....,Dc..1.....
01C0 01 00 07 FE BF 82 3F 00 00 00 84 9E 9D 00 00 00 ......?.........
01D0 81 83 05 FE FF FF C3 9E 9D 00 FE F2 0A 04 00 00 ................
01E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............U.
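As an added illustration (not part of the original post, and not Microsoft's code), here is a small Python script that decodes the tail of the dump above: the 4-byte disk signature at 01B8h, the four 16-byte partition entries starting at 01BEh, and the 55 AA boot signature at 01FEh/01FFh that the previous section requires. The sample sector embeds only bytes 01B8h-01FFh copied from the dump; the 440-byte code area in front of them is zero-filled because the full dump is not reproduced here. The function names, the partition-type table and the sanity rules are the example's own.

```python
"""Decode and sanity-check a 512-byte master boot record (MBR).

Added example, not code from the original post.  It walks the layout the
post describes: the code area, the 4-byte disk signature at 01B8h, the four
16-byte partition entries from 01BEh, and the 55 AA boot signature at
01FEh/01FFh.  Names, field checks and the sample data are this example's own.
"""
import hashlib
import struct

SECTOR_SIZE = 512
DISK_SIG_OFFSET = 0x1B8
PART_TABLE_OFFSET = 0x1BE
BOOT_SIG_OFFSET = 0x1FE
BOOT_SIGNATURE = b"\x55\xAA"

# Small subset of well-known partition type IDs; 07h and 05h are the two
# that appear in the post's Windows XP dump.
PARTITION_TYPES = {0x00: "empty", 0x05: "extended", 0x07: "NTFS/HPFS",
                   0x0B: "FAT32", 0x83: "Linux"}

# Constructed sample: bytes 01B8h-01FFh are copied from the Windows XP dump in
# the post; the 440-byte code area before them is replaced by zeros because
# the full dump is not reproduced here.
XP_MBR_TAIL = bytes.fromhex(
    "B5EB31E0 0000"                            # disk signature, 2 reserved bytes
    "80010100 07FEBF82 3F000000 849E9D00"      # entry 1: active, type 07h
    "00008183 05FEFFFF C39E9D00 FEF20A04"      # entry 2: type 05h (extended)
    + "00" * 32                                # entries 3 and 4: empty
    + "55AA"                                   # boot signature
)
XP_SAMPLE_SECTOR = bytes(DISK_SIG_OFFSET) + XP_MBR_TAIL


def has_boot_signature(sector):
    """True if the sector is 512 bytes and ends with 55 AA at 01FEh/01FFh."""
    return len(sector) == SECTOR_SIZE and sector[BOOT_SIG_OFFSET:] == BOOT_SIGNATURE


def parse_partition_entry(entry):
    """Decode one 16-byte MBR partition entry into a dict."""
    if len(entry) != 16:
        raise ValueError("partition entry must be 16 bytes")
    (status, _sh, _ss, _sc, ptype, _eh, _es, _ec,
     lba_start, sectors) = struct.unpack("<8BII", entry)
    return {
        "status": status,
        "bootable": status == 0x80,
        "type": ptype,
        "type_name": PARTITION_TYPES.get(ptype, "unknown"),
        "lba_start": lba_start,
        "sectors": sectors,
        "size_mib": sectors * SECTOR_SIZE // (1024 * 1024),
    }


def parse_mbr(sector):
    """Decode a sector; raise ValueError if it cannot be an MBR at all."""
    if not has_boot_signature(sector):
        raise ValueError("not a 512-byte sector ending in 55 AA")
    entries = [parse_partition_entry(sector[PART_TABLE_OFFSET + 16 * i:
                                            PART_TABLE_OFFSET + 16 * (i + 1)])
               for i in range(4)]
    active = [e for e in entries if e["bootable"]]
    # A sane table has status bytes of 00h or 80h only and at most one
    # active entry; anything else is the classic "Invalid partition table".
    table_ok = (all(e["status"] in (0x00, 0x80) for e in entries)
                and len(active) <= 1)
    return {
        "disk_signature": struct.unpack("<I", sector[DISK_SIG_OFFSET:
                                                    DISK_SIG_OFFSET + 4])[0],
        "partitions": entries,
        "active_count": len(active),
        "table_ok": table_ok,
        # Hash of the code area only: a baseline to compare against later, since
        # the partition table legitimately changes but the boot code should not.
        "code_sha256": hashlib.sha256(sector[:DISK_SIG_OFFSET]).hexdigest(),
    }


if __name__ == "__main__":
    info = parse_mbr(XP_SAMPLE_SECTOR)
    print(f"disk signature: {info['disk_signature']:08X}")
    for i, p in enumerate(info["partitions"], 1):
        if p["type"]:
            print(f"entry {i}: {'*' if p['bootable'] else ' '} type {p['type']:02X} "
                  f"({p['type_name']}) start LBA {p['lba_start']} "
                  f"sectors {p['sectors']} ({p['size_mib']} MiB)")
    print("table ok:", info["table_ok"])
```

On the dump above this decodes to an active type 07h partition starting at LBA 63, followed by an extended partition that begins exactly where the first one ends. The code-area hash is the useful defensive by-product: writing tools like the one in the next section change those 440 bytes, so a stored hash of the known-good code area is a cheap way to notice that a boot sector has been rewritten.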


Tools to write into the boot sector.

The trick here is to write to the physical disk, not just to a partitioned/formatted drive.
To write into the boot sector I recommend Hex Workshop. It is a hex editor with full access to all writable drives (CD writing is not supported, for obvious reasons). Especially recommended for writing the boot sector of a USB drive.

Hello World Boot code.

Open Hex Workshop. From the Disk menu (in the main menu) click Open Drive. Important: in the dialog box that opens, choose "Physical Disk" from the selection menu. One of the displayed disks will be your USB disk; choose it and click OK. Warning! Hex Workshop can destroy data on your hard disk or USB drive, and can even stop Windows from booting, if it is not used correctly.

The code:

Absolute Sector 0 (Cylinder 0, Head 0, Sector 1)
0 1 2 3 4 5 6 7 8 9 A B C D E F
00000000 31 C0 8E D0 66 BC 00 7C FB 66 B8 C0 07 8E D8 90 1...f..|.f......
00000010 B4 00 B0 00 CD 10 B0 00 B4 05 CD 10 B5 00 B1 07 ................
00000020 B4 01 CD 10 B6 09 B2 09 B7 00 B4 02 CD 10 8C D8 ................
00000030 8E C0 B4 13 B0 00 B7 00 B3 0F B9 0C 00 B6 09 B2 ................
00000040 09 BD 50 00 CD 10 B7 00 B4 08 CD 10 EB FE CD 19 ..P.............
00000050 68 65 6C 6C 6F 20 77 6F 72 6C 64 21 90 90 90 90 hello world!....
00000060 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000070 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000080 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000090 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000000A0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000000B0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000000C0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000000D0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000000E0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000000F0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000100 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000110 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000120 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000130 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000140 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000150 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000160 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000170 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000180 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
00000190 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000001A0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000001B0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000001C0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000001D0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000001E0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................
000001F0 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 AA ..............U.

Easy-to-copy version:
31 C0 8E D0 66 BC 00 7C FB 66 B8 C0 07 8E D8 90
B4 00 B0 00 CD 10 B0 00 B4 05 CD 10 B5 00 B1 07
B4 01 CD 10 B6 09 B2 09 B7 00 B4 02 CD 10 8C D8
8E C0 B4 13 B0 00 B7 00 B3 0F B9 0C 00 B6 09 B2
09 BD 50 00 CD 10 B7 00 B4 08 CD 10 EB FE CD 19
68 65 6C 6C 6F 20 77 6F 72 6C 64 21 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 AA


Bios Settings.

Boot the computer by setting the USB flash drive as the first boot device. To do this you need to press the Del key before Windows starts loading, go to the boot menu, and set the first boot device to the device that holds your boot sector code. Save and exit BIOS setup; if you exit without saving, the settings are lost. Warning! This can stop Windows from booting if it is not done correctly, and may even fry your chip if you mess around too much.


Assembly translation



; Translation of the hello-world sector above. The dump starts with 31 C0, so there
; is no cli (FA) in the sector: interrupts are left as the BIOS set them.
; Offsets are relative to the start of the sector (org 0); with ds = 07C0h,
; ds:0000 is physical address 7C00h, where the BIOS loads the sector.
xor ax,ax
mov ss,ax
mov esp,66FB7C00h   ; bytes 66 BC 00 7C FB 66: the 66h operand-size prefix makes BC take a
                    ; 32-bit immediate, so the intended "mov sp,7C00h" + "sti" (BC 00 7C FB)
                    ; is swallowed into it. sp still ends up 7C00h (the low 16 bits), so it works.
mov ax,07C0h
mov ds,ax
nop
mov ah,00h          ; int 10h / ah=00h: set video mode (al=00h, 40x25 text)
mov al,00h
int 10h
mov al,00h          ; int 10h / ah=05h: select active display page 0
mov ah,05h
int 10h
mov ch,00h          ; int 10h / ah=01h: set cursor shape (scan lines 0 to 7)
mov cl,07h
mov ah,01h
int 10h
mov dh,09h          ; int 10h / ah=02h: set cursor position, row 9, column 9, page 0
mov dl,09h
mov bh,00h
mov ah,02h
int 10h
mov ax,ds           ; es:bp must point at the string for the write-string call
mov es,ax
mov ah,13h          ; int 10h / ah=13h: write string
mov al,00h          ; al=00h: attribute taken from bl, cursor not moved
mov bh,00h          ; page 0
mov bl,0Fh          ; attribute: bright white on black
mov cx,000Ch        ; string length, 12 characters
mov dh,09h          ; row 9
mov dl,09h          ; column 9
mov bp,offset txt   ; error prone, because it can point to 150h instead of 50h;
                    ; might have to correct that. In the dump it assembles to BD 50 00,
                    ; i.e. offset 0050h, which is where 'hello world!' sits in the sector.
int 10h
mov bh,00h          ; int 10h / ah=08h: read character and attribute at cursor (result unused)
mov ah,08h
int 10h
hang:               ; "loop" is a reserved mnemonic in x86 assemblers, so the label is named hang
jmp short hang      ; EB FE: jump to itself forever; nothing below is ever executed
int 19h             ; would invoke the BIOS bootstrap loader (reboot) if it were reached
txt:
db 'hello world!'
; The dump pads from here with 90h (nop) up to offset 01FEh and ends with the boot signature 55 AA.





NBASM is a good tool to translate each of these code lines into its x86 binary equivalent.
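As an added example (not the post's code and not NBASM), the following Python encodes the listing above into machine code using only the handful of 8086 instruction encodings it needs, then compares the result byte for byte with the hex dump from the post. It also shows where the odd mov esp,66FB7C00h line comes from. The function and table names are the example's own.

```python
"""Re-encode the post's hello-world listing into the bytes of its hex dump.

Added example, not the post's code and not NBASM.  It implements only the
8086 encodings the listing uses (mov reg,imm; mov sreg,r16 and back;
xor ax,ax; int; nop; jmp short) so the translation from mnemonics to the
dump can be checked byte for byte.  Function and table names are this
example's own.
"""

REG8 = {"al": 0, "cl": 1, "dl": 2, "bl": 3, "ah": 4, "ch": 5, "dh": 6, "bh": 7}
REG16 = {"ax": 0, "cx": 1, "dx": 2, "bx": 3, "sp": 4, "bp": 5, "si": 6, "di": 7}
SREG = {"es": 0, "cs": 1, "ss": 2, "ds": 3}

NOP = b"\x90"
XOR_AX_AX = b"\x31\xC0"    # xor r/m16,r16 with ModRM 11 000 000
TXT_OFFSET = 0x50          # where 'hello world!' lands; matches mov bp,0050h


def mov_imm(reg, imm):
    """mov r8,imm8 is B0+r ib; mov r16,imm16 is B8+r iw (little-endian)."""
    if reg in REG8:
        return bytes([0xB0 + REG8[reg], imm & 0xFF])
    return bytes([0xB8 + REG16[reg]]) + (imm & 0xFFFF).to_bytes(2, "little")


def mov_r32_imm(reg, imm):
    """mov r32,imm32 in 16-bit code: 66h operand-size prefix, B8+r, 4-byte imm."""
    return b"\x66" + bytes([0xB8 + REG16[reg[1:]]]) + (imm & 0xFFFFFFFF).to_bytes(4, "little")


def mov_sreg_r16(sreg, reg):
    """mov sreg,r16 is 8E /r; ModRM = 11 sreg reg."""
    return bytes([0x8E, 0xC0 | (SREG[sreg] << 3) | REG16[reg]])


def mov_r16_sreg(reg, sreg):
    """mov r16,sreg is 8C /r; ModRM = 11 sreg reg."""
    return bytes([0x8C, 0xC0 | (SREG[sreg] << 3) | REG16[reg]])


def int_(n):
    """int imm8 is CD ib."""
    return bytes([0xCD, n & 0xFF])


def jmp_short(rel):
    """jmp short rel8 is EB cb, relative to the end of the instruction."""
    return bytes([0xEB, rel & 0xFF])


def assemble_hello_sector():
    """Build the full 512-byte image: code, text, 90h padding, 55 AA."""
    code = b"".join([
        XOR_AX_AX, mov_sreg_r16("ss", "ax"),
        mov_r32_imm("esp", 0x66FB7C00),                           # the dump's 66 BC 00 7C FB 66
        mov_imm("ax", 0x07C0), mov_sreg_r16("ds", "ax"), NOP,
        mov_imm("ah", 0x00), mov_imm("al", 0x00), int_(0x10),     # set video mode
        mov_imm("al", 0x00), mov_imm("ah", 0x05), int_(0x10),     # select page 0
        mov_imm("ch", 0x00), mov_imm("cl", 0x07), mov_imm("ah", 0x01), int_(0x10),  # cursor shape
        mov_imm("dh", 0x09), mov_imm("dl", 0x09), mov_imm("bh", 0x00),
        mov_imm("ah", 0x02), int_(0x10),                          # cursor position
        mov_r16_sreg("ax", "ds"), mov_sreg_r16("es", "ax"),
        mov_imm("ah", 0x13), mov_imm("al", 0x00), mov_imm("bh", 0x00), mov_imm("bl", 0x0F),
        mov_imm("cx", 0x000C), mov_imm("dh", 0x09), mov_imm("dl", 0x09),
        mov_imm("bp", TXT_OFFSET), int_(0x10),                    # write string
        mov_imm("bh", 0x00), mov_imm("ah", 0x08), int_(0x10),     # read char at cursor
        jmp_short(-2),                                            # EB FE: hang here
        int_(0x19),
    ])
    if len(code) != TXT_OFFSET:
        raise RuntimeError("code must end exactly where the text starts")
    body = code + b"hello world!"
    return body + NOP * (510 - len(body)) + b"\x55\xAA"


# The first six lines of the post's easy-to-copy dump (offsets 00h-5Fh);
# the rest of the sector is 90h up to the boot signature.
POST_DUMP_HEAD = bytes.fromhex(
    "31 C0 8E D0 66 BC 00 7C FB 66 B8 C0 07 8E D8 90"
    "B4 00 B0 00 CD 10 B0 00 B4 05 CD 10 B5 00 B1 07"
    "B4 01 CD 10 B6 09 B2 09 B7 00 B4 02 CD 10 8C D8"
    "8E C0 B4 13 B0 00 B7 00 B3 0F B9 0C 00 B6 09 B2"
    "09 BD 50 00 CD 10 B7 00 B4 08 CD 10 EB FE CD 19"
    "68 65 6C 6C 6F 20 77 6F 72 6C 64 21 90 90 90 90"
)
POST_DUMP = POST_DUMP_HEAD + NOP * (510 - len(POST_DUMP_HEAD)) + b"\x55\xAA"


def stack_setup_as_decoded():
    """Why bytes 4-9 read as mov esp,66FB7C00h: the 66h prefix makes BC take
    a 4-byte immediate, which swallows the FB (sti) and the following 66h.
    Returns (esp value, the 16-bit sp that real mode actually uses)."""
    imm = int.from_bytes(POST_DUMP[6:10], "little")
    return imm, imm & 0xFFFF


if __name__ == "__main__":
    image = assemble_hello_sector()
    print("matches the post's dump:", image == POST_DUMP)
    print("stack setup decodes to esp=%08X, sp=%04X" % stack_setup_as_decoded())
```

assemble_hello_sector() reproduces the post's 512-byte image exactly, which is the same check NBASM lets you do by hand, one line at a time. stack_setup_as_decoded() returns (0x66FB7C00, 0x7C00): the intended mov sp,7C00h and sti were pulled into a 32-bit immediate by the operand-size prefix, but the low 16 bits still load sp with 7C00h, which is why the sector runs anyway.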