Omnimaga
Calculator Community => TI Calculators => ASM => Topic started by: ACagliano on March 23, 2010, 09:14:56 am
-
I am planning on releasing Version 6 of my Antivirus Software for the TI-83+ or compatible. This software can already search through programs for those with virus names and delete them if you choose. But now I would like to add a new feature: intercepting transmitted programs.
I am looking for an assembly subroutine that will be run with Linkman's "Run this program when link activity" feature. Upon being run, the assembly routine copies the NAME of the received program to a buffer, or to a string, or to Ans. I'll do the rest in TI-Basic.
Also, I am wondering if there are any asm programs out there that will take a name from a string and check calc memory for any programs or appvars with that name and return 1 if it exists and 0 if not. This section of my antivirus works already, but it just simply deletes the program, doesn't actually tell you if it is on your calc. I would like it to do that.
Thanks.
-
Mhmm... I didn't knew there were any calc viruses though? O.o (at least, anything that will mess up/do weird stuff on your calc before you even run them, unless you mean all known prank programs/fake programs that doesn't do what they're supposed to do on launch?)
That said such routines would be nice
-
Celtic III anyone?
-
I can't find any linking function in Celtic III. I saw something called DOLINK, which is det(33, but there are no instructions on how it is used and the outputs in the readme.
-
I was talking about AppVars, sorry
-
Hmmm. I'll look through Celtic III. Is it only for AppVars, though?
-
Mhmm... I didn't knew there were any calc viruses though? O.o (at least, anything that will mess up/do weird stuff on your calc before you even run them, unless you mean all known prank programs/fake programs that doesn't do what they're supposed to do on launch?)
That said such routines would be nice
I have researched known calc "viruses". One or two of them are potentially harmful. The others are pranks. All of them are included in my virus definitions file.
-
(Post removed due to community disapproval and lack of a point)
-
Ok. How do you use the linking function of it? Unless its in the readme, in which case I"ll be checking that now.
-
Not sure, never tried.
-
No. There is no linking commands. But there is one I can use for program removal. Which still leaves the silent linking interrupt.
-
I am planning on releasing Version 6 of my Antivirus Software for the TI-83+ or compatible. This software can already search through programs for those with virus names and delete them if you choose. But now I would like to add a new feature: intercepting transmitted programs.
I am looking for an assembly subroutine that will be run with Linkman's "Run this program when link activity" feature. Upon being run, the assembly routine copies the NAME of the received program to a buffer, or to a string, or to Ans. I'll do the rest in TI-Basic.
Also, I am wondering if there are any asm programs out there that will take a name from a string and check calc memory for any programs or appvars with that name and return 1 if it exists and 0 if not. This section of my antivirus works already, but it just simply deletes the program, doesn't actually tell you if it is on your calc. I would like it to do that.
Thanks.
Well a antivirus for calculator is paranoic because currently there aren't any real threat virus (the ones who copy themself to other calcs/pcs to calcs). Normally only sending youself a virus to your calc AND executing the virus will turn things bad. Although there are some link exploits...
Putting apart that a anti-virus of that kind can provide some experience in programming. So go for it.
Other things to note:
Searching for a name is not enough. Anyway a real anti-virus would search in assembly programs for opcodes that unlock the flash writing (and edit the TI-OS passing to control the calc) or install a stay resident custom interrupt (unwanted code may be run). Other thing I can think of is programs installing hooks in the OS to do bad things. TI-BASIC programs can do harm too.
Basically you need to have a good knowledge of assembly and TI-OS to do a good anti-virus for calcs. But as I said, you can use your TI-BASIC anti-virus to train a bit in programming.
Good luck and have fun.
-
Hehe. If only you knew what I knew...
Erh. Nevermind.
Celtic III does not actually support linking. What you see in the readme is a placeholder for whenever I decide to get up and actually do it.
-
Hehe. If only you knew what I knew...
I remember... (if this is what you are talking about) :P
-
rather than just having a pure anti-virus program, another idea is to have another feature which can flag programs on your calc that can possibly be buggy/have code that doesn't make sense. like a heads-up on programs that might not work
-
Now I'm curious what Iambian knows that we apparently don't know...(with the exception of possibly DJ :P)
-
@meishe
yeah, me too xD
-
*cough* Imbian made Celtic III *cough*
-
I think Iambian was refering to a much older program he made almost 6 years ago. The hex code was in his signature on the old MaxCoderz board (the one before PHPBB) and later on United-TI, but he removed it since it was too dangerous (altough far less much than what BrandonW can do)
-
@SirCmpwn
Ya, I know. I don't see how that can really do much damage as a virus though.
@DJ
What did the program that Iambian do? For that matter...what can BrandonW do? O.O
-
Iambian's deleted the OS. Fixable by resending a new OS. BrandonW, however, deleted the certificate (some ASM stuff). With the certificate gone, it is no longer possible to send anymore calc OS to the calc, I believe, so if you lose your OS, your calc is permanently unuseable. That's unless there's actually a way to put a new certificate on the calc, though. I'm not sure if what I say is really exact but I heard bad things about certificate deletion.
-
Deleted certificate = paperweight
-
I think BrandonW make a program to fix the certificate because he bricked too many of his calcs. I know Bwang has pulled the Hex for deleting OS on some of my friends before :P
*glares at Bwang*
;D I don't let you near my calc anymore bwang!
-
Isn't there some hex to invalidate the OS? Brandon Wilson posted it for a while and then took it down.
-
What do you mean invalidate the OS? And ya, that seems dangerous, I can see why he took it down.
-
Awesome. I want that hex. So, can any one recommend to me a good assembly tutorial? One that is understandable and easy to follow.
-
Learn TI-83+ Assembly in 28 Days
-
Ok. I'm on it now. Though it won't be 28 days with my Star Trek game in the works.
-
I think BrandonW make a program to fix the certificate because he bricked too many of his calcs. I know Bwang has pulled the Hex for deleting OS on some of my friends before :P
*glares at Bwang*
;D I don't let you near my calc anymore bwang!
I will make his forum nick pink
j/k
-
@ DJ: I was actually referring to my not-referred-to-as-much EVILCODE project. For those that don't know, I would want to keep it that way. DJ can spill the beans if he wants, if he remembers it.
Also, IIRC, Brandon's method of fixing the certificate page on a bricked calculator involves using a buffer overflow exploit in the bootcode or something.
-
Mhmm I forgot that one, altough I remember the name x.x
I should maybe check my old IRC logs the next time I turn ON my old computer
-
Darn! BrandonW did remove the OSKill program from his site.
Now I'll never know how to delete the OS on 84+SE's, since I only memorized the hex for the 84+ non-SE. :(
At least I will never be tempted to damage builderboy's calculator :)
EDIT: Never mind, I found a copy of OSKill.txt on my computer.
-
YEs. Right here.
-
Lol, bad Bwang :P
-
Iambian's deleted the OS. Fixable by resending a new OS. BrandonW, however, deleted the certificate (some ASM stuff). With the certificate gone, it is no longer possible to send anymore calc OS to the calc, I believe, so if you lose your OS, your calc is permanently unuseable. That's unless there's actually a way to put a new certificate on the calc, though. I'm not sure if what I say is really exact but I heard bad things about certificate deletion.
I read this way too late, so well, I'll just answer now.
You CAN fix a certificate if you have an OS without too much trickery, and vice versa. It is far harder to fix a calc when both are gone, but I believe Brandon has a supermegafix0r routine on his site, somewhere, but it might only work under certain conditions.
-
Oh right yeah I forgot that x.x. I remember in #ti he talked to me about his prog. Apparently it's not 100% reliable, but in most cases, it should do the job. I think it depends of how badly the certificate is broken.