Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Know Thy User.


devel / comp.os.msdos.programmer / Re: CM3 revisited

SubjectAuthor
* Re: CM3 revisitedKerr-Mudd, John
`* Re: CM3 revisitedTerje Mathisen
 `* Re: CM3 revisitedKerr-Mudd, John
  +- Re: CM3 revisitedTerje Mathisen
  `* Re: CM3 revisitedKerr-Mudd, John
   +* Re: CM3 revisitedJohann 'Myrkraverk' Oskarsson
   |`* Re: CM3 revisitedKerr-Mudd, John
   | `* Re: CM3 revisitedKerr-Mudd, John
   |  `* Re: CM3 revisitedTerje Mathisen
   |   `* Re: CM3 revisitedKerr-Mudd, John
   |    +- Re: CM3 revisitedTerje Mathisen
   |    `- Re: CM3 revisitedKerr-Mudd, John
   `* Re: CM3 revisitedTerje Mathisen
    `- Re: CM3 revisitedKerr-Mudd, John

1
Re: CM3 revisited

<20230226121725.564c626772b1652446c95951@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9976&group=comp.os.msdos.programmer#9976

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sun, 26 Feb 2023 12:17:25 +0000
Organization: Dis
Lines: 93
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230226121725.564c626772b1652446c95951@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="6c7a0eb20096353dae243b5bd88b2295";
logging-data="3075697"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+0IP5NFVXTX/kc6LUGznHh3pTrfoj86Ok="
Cancel-Lock: sha1:WTXqLkEKKCjha8CcIeGxkDQu62w=
 by: Kerr-Mudd, John - Sun, 26 Feb 2023 12:17 UTC

On Mon, 13 Feb 2023 22:31:01 +0000
"Kerr-Mudd, John" <admin@127.0.0.1> wrote:

> Many years (decades actually) ago a one time regular here, Laura
> Fairhead, posted a com to ascii program, called CM3. I've gone back to
> looking at the decoder and have failed to find any way of shortening
> it. But I've revamped the "create" program to just output ASCII code
> (dropping the batch surrounds of 'Echo/' and '>>fn.com') from 759
> bytes to 394 and made another that outputs the encoded program to STDOUT
> (rather than immediately executing), that one's a bit shorter at 376.
> As they are just variations on a theme, the same restriction applies:
> max com file input size is c.50k. (one read, one write)
>
> Here they are: (encoded by the 2nd program), so save to file & run to
> recreate - feel free to step through them and run a virus scanner 1st!
> I can post debug dumps if preferred.
>
> 1) Program to convert a DOS COM file to ASCII executable;
>
> to recreate the binary copy and paste to 'prog1.com' or somesuch then run
> prog1 >makeexec.com
>
> usage is makeexec dosprog.com > asciexec.com
>
> 'asciexec' can then be run as if it were 'dosprog'
>
> 6h}aXP5y`P]4nP_XW(F4(F6(F=(FF)FH(FL(Fe(FR0FTs*}`A?+,
> fkOU):G*@Crv,*t$HU[rlf~#IubfRfXf(V#fj}fX4{PY$@fPfZsZsX2YVQH
> .+HWM4LVC4qsv9[T}uqrxB`h3HS(iNkBgUa,2bfa'Yfx0bVQ$W-N*$')=0i
> EsLo$7E1_dORw$Mt`cNhc93c_get+f\YtWI,@;yVnT[jd=`*nGHUS)t/39(
> W`ST7T;)K(?j'?/:u1:e`4r(rTZII0$$o6DI$(bI$$))7$$[v:I)zKNqgwJ
> ID@a~-P;?}fF[dC3:CQwk9bqei2[pHR2[pHR@zd6:96}tJ)9`RMDsTh=N;P
> 4g_c'icT(vo7blJ:}btejaUFXW8@`Voq$W5O$$)HhXt5HK_AQ}-bHn{290K
> (H,HYn9aHn~4@Mgsk(0Ca;@=6,QOBN\6oIsHQRMCN37GUe[2MCN96KPrz4H
> YwfpIVK4]Any3ZAomX0Aq?/y2{,T`=V\.g9cxp`3=Xk[=V\m{HVd-H5U-Go
> 3_dXa:D+d/)9ZVACKYJI3Y~URN+nz?1esSmLi.V=1J`;GHv(uZHtzaJHoAE
> .DJ~}zDd{O*ApK{CE,$sb$$5e?:l]\J=~ddAj}WTL$$$$I#
>
>
> 2) Program to create an ASCII text program which can then be
> run to recreate a DOS binary program.
>
> to recreate the binary copy and paste to 'prog2.com' or somesuch then run
> prog2 >makeASCI.com
>
> usage is makeASCI dosprog.com > asciprog.txt
>
>
> 6h}aXP5y`P]4nP_XW(F4(F6(F=(FF)FH(FL(Fe(FR0FTs*}`A?+,
> fkOU):G*@Crv,*t$HU[rlf~#IubfRfXf(V#fj}fX4{PY$@fPfZsZsX1yDQH
> .+4WM4LVC4qsv9[T}ul-6JMbG_ZniNkBgUa,2bfa'Yfx0bVQzrj?($$f)_i
> EsLo$5KrLdORw$sklui$U[E+_ht`PdRBBfcgBgXFKY1uR6aty5oWwh(29nF
> fIa:r(QJ6h`g-L6$/2`J'pD\:lW:E;Ba5_x'oYoe9D\Q@9@2GS9@2G39@2F
> k9@2Fi9@2FR__9'lei+i\*JkJ'ne+yD'Y6WH1P'm-$a7nHl90uQ*ROVHj{?
> _`{)z*t0rLendO756$rgsRBM[r@8h?iVJpcR-GxxRsM.}w+Irs[zH[Kx5*8
> Xk@BNwxr0FLJzHZk,uKn@gFI:-n}0L.FLKm$bz)9\X_GDBnPNz?L(6oUxkD
> J9uI6m+tx2wVVJ=V\Kp?9N)}2yu.a=V]pBC-?XEG${TN46_yUJT$vg8cv,.
> ;\80s3W1ihCJmI_Hw.RtMd/o1HtC:TCcgXfPB8GDOZmqA:\@R4E*\[Je8?I
> b/}H?V0rL@bc4_`\$)[[d#
>
>
>
> when 'asciprog.txt' is copy and pasted to 'asciprog' and then run it will
> recreate 'dosprog' to STDOUT i.e.
>
> asciprog>dosprog.com
>
>
Seems I failed to xpost this back in mid-Feb.

I have since created a hex executer in a similar vein; it had a bug that's
taken me an embarrassing amount of time to track down. My program
worked fine under GRDB, (after stepping to ensure the fixedup code had
erm been fixedup), but went wrong with larger hex programs if executed
directly.
It turns out I was assuming that CX contains the length of the
executable (text) at start. This seems to not be the case, certainly on my
CMD box under XP - here it (CX) seems to be set to 0x00FF, so short
programs would decode OK, but larger ones truncated.

Does anyone here know if this is a known bug or is it something
peculiar to my setup? Is there any simple way to get the current
program's length (I'd prefer not to have to find my fn, then open and
search to end! ).

Any test report gratefully received in one of these forums; probably
c.o.m.p is best for relevance.

--
Bah, and indeed Humbug.

Re: CM3 revisited

<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9977&group=comp.os.msdos.programmer#9977

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: terje.ma...@nospicedham.tmsw.no (Terje Mathisen)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sun, 26 Feb 2023 20:33:41 +0100
Organization: A noiseless patient Spider
Lines: 111
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="6c7a0eb20096353dae243b5bd88b2295";
logging-data="3163118"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/Gyu7OEwAg4RggHwWMYemL/E1QvXEAt+w="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.15
Cancel-Lock: sha1:8IMiN7Eh5VF+FbeA0qiaRsZ3VM8=
 by: Terje Mathisen - Sun, 26 Feb 2023 19:33 UTC

Kerr-Mudd, John wrote:
> On Mon, 13 Feb 2023 22:31:01 +0000
> "Kerr-Mudd, John" <admin@127.0.0.1> wrote:
>
>> Many years (decades actually) ago a one time regular here, Laura
>> Fairhead, posted a com to ascii program, called CM3. I've gone back to
>> looking at the decoder and have failed to find any way of shortening
>> it. But I've revamped the "create" program to just output ASCII code
>> (dropping the batch surrounds of 'Echo/' and '>>fn.com') from 759
>> bytes to 394 and made another that outputs the encoded program to STDOUT
>> (rather than immediately executing), that one's a bit shorter at 376.
>> As they are just variations on a theme, the same restriction applies:
>> max com file input size is c.50k. (one read, one write)

I love this stuff!

Now go back and redo this using only those ascii chars that are
guaranteed (by the MIME standard) to never needing to be quoted, i.e.
they will pass transparently over every single known email gateway etc.

You end up with 70+ valid byte values, the worst problem is how do you
address ememory when all opcodes that target (POP) BX/SI/DI/BP happens
to use banned byte values. The only way I found to make it work was to
require at least an 80186 which is the first cpu to support POPA. :-)

Terje

>>
>> Here they are: (encoded by the 2nd program), so save to file & run to
>> recreate - feel free to step through them and run a virus scanner 1st!
>> I can post debug dumps if preferred.
>>
>> 1) Program to convert a DOS COM file to ASCII executable;
>>
>> to recreate the binary copy and paste to 'prog1.com' or somesuch then run
>> prog1 >makeexec.com
>>
>> usage is makeexec dosprog.com > asciexec.com
>>
>> 'asciexec' can then be run as if it were 'dosprog'
>>
>> 6h}aXP5y`P]4nP_XW(F4(F6(F=(FF)FH(FL(Fe(FR0FTs*}`A?+,
>> fkOU):G*@Crv,*t$HU[rlf~#IubfRfXf(V#fj}fX4{PY$@fPfZsZsX2YVQH
>> .+HWM4LVC4qsv9[T}uqrxB`h3HS(iNkBgUa,2bfa'Yfx0bVQ$W-N*$')=0i
>> EsLo$7E1_dORw$Mt`cNhc93c_get+f\YtWI,@;yVnT[jd=`*nGHUS)t/39(
>> W`ST7T;)K(?j'?/:u1:e`4r(rTZII0$$o6DI$(bI$$))7$$[v:I)zKNqgwJ
>> ID@a~-P;?}fF[dC3:CQwk9bqei2[pHR2[pHR@zd6:96}tJ)9`RMDsTh=N;P
>> 4g_c'icT(vo7blJ:}btejaUFXW8@`Voq$W5O$$)HhXt5HK_AQ}-bHn{290K
>> (H,HYn9aHn~4@Mgsk(0Ca;@=6,QOBN\6oIsHQRMCN37GUe[2MCN96KPrz4H
>> YwfpIVK4]Any3ZAomX0Aq?/y2{,T`=V\.g9cxp`3=Xk[=V\m{HVd-H5U-Go
>> 3_dXa:D+d/)9ZVACKYJI3Y~URN+nz?1esSmLi.V=1J`;GHv(uZHtzaJHoAE
>> .DJ~}zDd{O*ApK{CE,$sb$$5e?:l]\J=~ddAj}WTL$$$$I#
>>
>>
>> 2) Program to create an ASCII text program which can then be
>> run to recreate a DOS binary program.
>>
>> to recreate the binary copy and paste to 'prog2.com' or somesuch then run
>> prog2 >makeASCI.com
>>
>> usage is makeASCI dosprog.com > asciprog.txt
>>
>>
>> 6h}aXP5y`P]4nP_XW(F4(F6(F=(FF)FH(FL(Fe(FR0FTs*}`A?+,
>> fkOU):G*@Crv,*t$HU[rlf~#IubfRfXf(V#fj}fX4{PY$@fPfZsZsX1yDQH
>> .+4WM4LVC4qsv9[T}ul-6JMbG_ZniNkBgUa,2bfa'Yfx0bVQzrj?($$f)_i
>> EsLo$5KrLdORw$sklui$U[E+_ht`PdRBBfcgBgXFKY1uR6aty5oWwh(29nF
>> fIa:r(QJ6h`g-L6$/2`J'pD\:lW:E;Ba5_x'oYoe9D\Q@9@2GS9@2G39@2F
>> k9@2Fi9@2FR__9'lei+i\*JkJ'ne+yD'Y6WH1P'm-$a7nHl90uQ*ROVHj{?
>> _`{)z*t0rLendO756$rgsRBM[r@8h?iVJpcR-GxxRsM.}w+Irs[zH[Kx5*8
>> Xk@BNwxr0FLJzHZk,uKn@gFI:-n}0L.FLKm$bz)9\X_GDBnPNz?L(6oUxkD
>> J9uI6m+tx2wVVJ=V\Kp?9N)}2yu.a=V]pBC-?XEG${TN46_yUJT$vg8cv,.
>> ;\80s3W1ihCJmI_Hw.RtMd/o1HtC:TCcgXfPB8GDOZmqA:\@R4E*\[Je8?I
>> b/}H?V0rL@bc4_`\$)[[d#
>>
>>
>>
>> when 'asciprog.txt' is copy and pasted to 'asciprog' and then run it will
>> recreate 'dosprog' to STDOUT i.e.
>>
>> asciprog>dosprog.com
>>
>>
> Seems I failed to xpost this back in mid-Feb.
>
>
>
> I have since created a hex executer in a similar vein; it had a bug that's
> taken me an embarrassing amount of time to track down. My program
> worked fine under GRDB, (after stepping to ensure the fixedup code had
> erm been fixedup), but went wrong with larger hex programs if executed
> directly.
> It turns out I was assuming that CX contains the length of the
> executable (text) at start. This seems to not be the case, certainly on my
> CMD box under XP - here it (CX) seems to be set to 0x00FF, so short
> programs would decode OK, but larger ones truncated.
>
> Does anyone here know if this is a known bug or is it something
> peculiar to my setup? Is there any simple way to get the current
> program's length (I'd prefer not to have to find my fn, then open and
> search to end! ).
>
> Any test report gratefully received in one of these forums; probably
> c.o.m.p is best for relevance.
>

--
- <Terje.Mathisen at tmsw.no>
"almost all programming can be viewed as an exercise in caching"

Re: CM3 revisited

<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9978&group=comp.os.msdos.programmer#9978

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sun, 26 Feb 2023 21:03:01 +0000
Organization: Dis
Lines: 55
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="6c7a0eb20096353dae243b5bd88b2295";
logging-data="3183976"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+ieamnEuXNkxEMg00ucfk5193S/L0PRbA="
Cancel-Lock: sha1:7nVRn4b/Qqu7UqMqExdEsxb4hYA=
 by: Kerr-Mudd, John - Sun, 26 Feb 2023 21:03 UTC

On Sun, 26 Feb 2023 20:33:41 +0100
Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:

> Kerr-Mudd, John wrote:
> > On Mon, 13 Feb 2023 22:31:01 +0000
> > "Kerr-Mudd, John" <admin@127.0.0.1> wrote:
> >
> >> Many years (decades actually) ago a one time regular here, Laura
> >> Fairhead, posted a com to ascii program, called CM3. I've gone back to
> >> looking at the decoder and have failed to find any way of shortening
> >> it. But I've revamped the "create" program to just output ASCII code
> >> (dropping the batch surrounds of 'Echo/' and '>>fn.com') from 759
> >> bytes to 394 and made another that outputs the encoded program to STDOUT
> >> (rather than immediately executing), that one's a bit shorter at 376.
> >> As they are just variations on a theme, the same restriction applies:
> >> max com file input size is c.50k. (one read, one write)
>
> I love this stuff!
>
Hope you found it works OK your end.

> Now go back and redo this using only those ascii chars that are
> guaranteed (by the MIME standard) to never needing to be quoted, i.e.
> they will pass transparently over every single known email gateway etc.
>
> You end up with 70+ valid byte values, the worst problem is how do you

Laura used 5:4 encoding which requires 85 ASCII codes.
> address ememory when all opcodes that target (POP) BX/SI/DI/BP happens
> to use banned byte values. The only way I found to make it work was to
> require at least an 80186 which is the first cpu to support POPA. :-)
Well quite; I think that's the only way. So I'd say it can't be done. I
refuse your challenge!

>
[]
> >>
> >> 1) Program to convert a DOS COM file to ASCII executable;
> >>
[]
> >>
> >> 2) Program to create an ASCII text program which can then be
> >> run to recreate a DOS binary program.
> >>
[]
3)
> > I have since created a hex executer in a similar vein
(Doesn't work under XP, but works with std dos .COM startup values)

--
Bah, and indeed Humbug.

Re: CM3 revisited

<tthu86$381b2$1@dont-email.me>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9979&group=comp.os.msdos.programmer#9979

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: terje.ma...@nospicedham.tmsw.no (Terje Mathisen)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Mon, 27 Feb 2023 10:47:49 +0100
Organization: A noiseless patient Spider
Lines: 82
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <tthu86$381b2$1@dont-email.me>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="951846e4d9385293da75e8ffd7385caf";
logging-data="3411906"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/caqt4Ou2S+fpEOwkMIDJX+ccFDZruxCg="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.15
Cancel-Lock: sha1:gJ73y7+A7V1muV2WwB1BuHgnk64=
 by: Terje Mathisen - Mon, 27 Feb 2023 09:47 UTC

Kerr-Mudd, John wrote:
> On Sun, 26 Feb 2023 20:33:41 +0100
> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
>>
>> I love this stuff!
>>
> Hope you found it works OK your end.
>
>> Now go back and redo this using only those ascii chars that are
>> guaranteed (by the MIME standard) to never needing to be quoted, i.e.
>> they will pass transparently over every single known email gateway etc.
>>
>> You end up with 70+ valid byte values, the worst problem is how do you
>
> Laura used 5:4 encoding which requires 85 ASCII codes.

Here's my own version of this:

next_block:
xor ax,ax
xor bp,bp
mov bl,5 ; 5 input chars/4-byte output block!
next_char:
inc si
xchg ax,bp ; Mul old value by 85
mul di
xchg ax,bp
mul di
mov cx,256-21h
add cl,[si]
add ax,cx ; and add in the current char (-21h)
adc bp,dx
dec bl
jnz next_char

push bp ; Save this block (reverse order!)
push ax
sub bh,5 ; More blocks?
ja next_block

I have used lots of different encodings for these, prior to that MIME
version. As an example, base 91 gives you 6.5+ bits so 16:13 expansion.

The key here was to find an encoding order which made the decoder as
simple as possible, basically just adding bits at the bottom and
extracting bytes as soon as I had enough bits/entropy.
....
Something like

acc = acc*91 + curr;
half_bits += 13;
if half_bits >= 16 {
*dst++ = acc & 255;
acc >>= 8;
half_bits &= 15;
}
I think I started the half_bits register at -16 so that I could branch
when the adding of 13 would overflow, but I'd have to look at my old
code to verify. :-)

>
>> address ememory when all opcodes that target (POP) BX/SI/DI/BP happens
>> to use banned byte values. The only way I found to make it work was to
>> require at least an 80186 which is the first cpu to support POPA. :-)
>
> Well quite; I think that's the only way. So I'd say it can't be done. I
> refuse your challenge!

Many years later I saw a totally different way to do it, using a
custom-made compiler to generate code that filled an entire 64KB
segment, relying on address wraparound to get back to the top,
effectively having to interleave the various loops without accidentally
landing on a previously used code address. :-)

Terje

--
- <Terje.Mathisen at tmsw.no>
"almost all programming can be viewed as an exercise in caching"

Re: CM3 revisited

<20230303195645.c470d02832c65157560817a5@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9980&group=comp.os.msdos.programmer#9980

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Fri, 3 Mar 2023 19:56:45 +0000
Organization: Dis
Lines: 50
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230303195645.c470d02832c65157560817a5@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="71b2918c62f7faf680c258ed3b66735c";
logging-data="770462"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+Am8Ro8JLezzGLq3+SSmOyquTAWqxj60k="
Cancel-Lock: sha1:bi2AYX1Aw6MMuIx1eM4MTJivwU4=
 by: Kerr-Mudd, John - Fri, 3 Mar 2023 19:56 UTC

On Sun, 26 Feb 2023 21:03:01 +0000
"Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:

> On Sun, 26 Feb 2023 20:33:41 +0100
> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
>
..
>
> > Now go back and redo this using only those ascii chars that are
> > guaranteed (by the MIME standard) to never needing to be quoted, i.e.
> > they will pass transparently over every single known email gateway etc.
> >
>
> > address ememory when all opcodes that target (POP) BX/SI/DI/BP happens
> > to use banned byte values. The only way I found to make it work was to
> > require at least an 80186 which is the first cpu to support POPA. :-)
>
> Well quite; I think that's the only way. So I'd say it can't be done. I
> refuse your challenge!
>
> >
> []
> > >>
> > >> 1) Program to convert a DOS COM file to ASCII executable;
> > >>
> []
> > >>
> > >> 2) Program to create an ASCII text program which can then be
> > >> run to recreate a DOS binary program.
> > >>
> []
> 3)
> > > I have since created a hex executer in a similar vein
> (Doesn't work under XP, but works with std dos .COM startup values)
>

Update: Now in pure ASCII!

PVSh7ZSSVVX4uPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
q4z0r06666666bOi7cop2VGtC28hVsPY65cr5MJ5205235MJ520523uzZuz5
5789F981E99301B85EF3ABB8A458ABB0E9AAB8FE002BC7AB58BF0001FFD0

B409BA0801CD21C348656C6C6F20776F726C642124Z

(Last line is the payload, you can probably read it yourself - it's "Hello
World""
--
Bah, and indeed Humbug.

Re: CM3 revisited

<fLtML.2955781$JNZ4.580608@fx12.ams4>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9981&group=comp.os.msdos.programmer#9981

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: joh...@nospicedham.myrkraverk.invalid (Johann 'Myrkraverk' Oskarsson)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sat, 4 Mar 2023 05:36:03 +0800
Organization: Easynews - www.easynews.com
Lines: 60
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <fLtML.2955781$JNZ4.580608@fx12.ams4>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="71b2918c62f7faf680c258ed3b66735c";
logging-data="787065"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18NlYFwyoLDcgsFVpINXFkjlm9Q6b4dfc8="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
Thunderbird/102.8.0
Cancel-Lock: sha1:A2TzmEquAgsC2P6g3/gfeEII8q0=
 by: Johann 'Myrkrav - Fri, 3 Mar 2023 21:36 UTC

On 3/4/2023 3:56 AM, Kerr-Mudd, John wrote:
> On Sun, 26 Feb 2023 21:03:01 +0000
> "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
>
>> On Sun, 26 Feb 2023 20:33:41 +0100
>> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
>>
> .
>>
>>> Now go back and redo this using only those ascii chars that are
>>> guaranteed (by the MIME standard) to never needing to be quoted, i.e.
>>> they will pass transparently over every single known email gateway etc.
>>>
>>
>>> address ememory when all opcodes that target (POP) BX/SI/DI/BP happens
>>> to use banned byte values. The only way I found to make it work was to
>>> require at least an 80186 which is the first cpu to support POPA. :-)
>>
>> Well quite; I think that's the only way. So I'd say it can't be done. I
>> refuse your challenge!
>>
>>>
>> []
>>>>>
>>>>> 1) Program to convert a DOS COM file to ASCII executable;
>>>>>
>> []
>>>>>
>>>>> 2) Program to create an ASCII text program which can then be
>>>>> run to recreate a DOS binary program.
>>>>>
>> []
>> 3)
>>>> I have since created a hex executer in a similar vein
>> (Doesn't work under XP, but works with std dos .COM startup values)
>>
>
> Update: Now in pure ASCII!
>
> PVSh7ZSSVVX4uPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> q4z0r06666666bOi7cop2VGtC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> 5789F981E99301B85EF3ABB8A458ABB0E9AAB8FE002BC7AB58BF0001FFD0
>
> B409BA0801CD21C348656C6C6F20776F726C642124Z
>
>
> (Last line is the payload, you can probably read it yourself - it's "Hello
> World""

Maybe I'm missing some context, but how exactly am I supposed to test
this? I went as far as pasting this into a .com file, and analyze in
IDA Free, but I see no INT 0x21 calls, neither with nor without line breaks.

I even tried to run it in DOSBox-X, but that just hung, so I guess
something is broken or missing? Or I did something wrong.

--
Johann | email: invalid -> com | www.myrkraverk.com/blog/
I'm not from the Internet, I just work there. | twitter: @myrkraverk

Re: CM3 revisited

<tttpci$o0mi$1@dont-email.me>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9982&group=comp.os.msdos.programmer#9982

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: terje.ma...@nospicedham.tmsw.no (Terje Mathisen)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Fri, 3 Mar 2023 22:38:25 +0100
Organization: A noiseless patient Spider
Lines: 65
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <tttpci$o0mi$1@dont-email.me>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="71b2918c62f7faf680c258ed3b66735c";
logging-data="789846"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/k+Ggg485HYIO/uoIKoGTJ4b+dWPWXTxY="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.15
Cancel-Lock: sha1:hoj44OA7N/MG2/Ba6V6xNwX+KUk=
 by: Terje Mathisen - Fri, 3 Mar 2023 21:38 UTC

I removed the extra blank line and tried to disassemble/run/single-step
this using symdeb under dosbox: When it came to a couple of funky
opcodes, ending with a single 63h byte, it just hung. :-(

Up to that point I had seen a lot of self-modifications to parts of the
PSP, but no obvious attempt to generate a backwards jump inside the main
body?

Terje

Kerr-Mudd, John wrote:
> On Sun, 26 Feb 2023 21:03:01 +0000
> "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
>
>> On Sun, 26 Feb 2023 20:33:41 +0100
>> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
>>
> .
>>
>>> Now go back and redo this using only those ascii chars that are
>>> guaranteed (by the MIME standard) to never needing to be quoted, i.e.
>>> they will pass transparently over every single known email gateway etc.
>>>
>>
>>> address ememory when all opcodes that target (POP) BX/SI/DI/BP happens
>>> to use banned byte values. The only way I found to make it work was to
>>> require at least an 80186 which is the first cpu to support POPA. :-)
>>
>> Well quite; I think that's the only way. So I'd say it can't be done. I
>> refuse your challenge!
>>
>>>
>> []
>>>>>
>>>>> 1) Program to convert a DOS COM file to ASCII executable;
>>>>>
>> []
>>>>>
>>>>> 2) Program to create an ASCII text program which can then be
>>>>> run to recreate a DOS binary program.
>>>>>
>> []
>> 3)
>>>> I have since created a hex executer in a similar vein
>> (Doesn't work under XP, but works with std dos .COM startup values)
>>
>
> Update: Now in pure ASCII!
>
> PVSh7ZSSVVX4uPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> q4z0r06666666bOi7cop2VGtC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> 5789F981E99301B85EF3ABB8A458ABB0E9AAB8FE002BC7AB58BF0001FFD0
>
> B409BA0801CD21C348656C6C6F20776F726C642124Z
>
>
> (Last line is the payload, you can probably read it yourself - it's "Hello
> World""
>

--
- <Terje.Mathisen at tmsw.no>
"almost all programming can be viewed as an exercise in caching"

Re: CM3 revisited

<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9983&group=comp.os.msdos.programmer#9983

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sat, 4 Mar 2023 10:44:44 +0000
Organization: Dis
Lines: 61
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="1928271c0fa82366df76c6d16fdb6990";
logging-data="1018332"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/auLUbNcN5KhIndzZ1wdxg1PHzjY4e+1M="
Cancel-Lock: sha1:cE10lmNXe9kpdSv/MwijZsaF174=
 by: Kerr-Mudd, John - Sat, 4 Mar 2023 10:44 UTC

On Sat, 4 Mar 2023 05:36:03 +0800
Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
wrote:

> On 3/4/2023 3:56 AM, Kerr-Mudd, John wrote:
> > On Sun, 26 Feb 2023 21:03:01 +0000
> > "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
> >
> >> On Sun, 26 Feb 2023 20:33:41 +0100
> >> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
> >>
> > .
> >>
> >>> Now go back and redo this using only those ascii chars that are
> >>> guaranteed (by the MIME standard) to never needing to be quoted, i.e.
> >>> they will pass transparently over every single known email gateway etc.
[]
> >>>> I have since created a hex executer in a similar vein
[]
> >
> > Update: Now in pure ASCII!
I meant 'Alphanum'.
> >
> > PVSh7ZSSVVX4uPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> > q4z0r06666666bOi7cop2VGtC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> > 5789F981E99301B85EF3ABB8A458ABB0E9AAB8FE002BC7AB58BF0001FFD0
> >
> > B409 BA0801 CD21 C3 48656C6C6F20776F726C642124 Z
> > mov ah,9;mov dx,108;int 21;ret; db 'Hello World!'$ EndofHexMarker
> >
> > (Last line is the payload, you can probably read it yourself - it's "Hello
> > World""
>
> Maybe I'm missing some context, but how exactly am I supposed to test
> this? I went as far as pasting this into a .com file, and analyze in
> IDA Free, but I see no INT 0x21 calls, neither with nor without line breaks.
>
> I even tried to run it in DOSBox-X, but that just hung, so I guess
> something is broken or missing? Or I did something wrong.
>

Thanks for testing, I'm running it in a CMD box under Windows XP; the
program does a lot of self-modification and relies on SI being 0x0100 at
startup.

I suspect this is the issue.

spacing /cr/lf shouldn't matter once in the hexcode region. (i.e 1st 2
lines must be asis).

I admit I did post as soon as I had it working once, so not a lot of
testing done!

Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
an Alphanum, and to push individually makes the distances to the fixups
into invalid alphanums. - might be doable with some more thought.

--
Bah, and indeed Humbug.

Re: CM3 revisited

<20230304104630.a5eab9650e360a071143d3fb@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9984&group=comp.os.msdos.programmer#9984

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sat, 4 Mar 2023 10:46:30 +0000
Organization: Dis
Lines: 17
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230304104630.a5eab9650e360a071143d3fb@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<tttpci$o0mi$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="1928271c0fa82366df76c6d16fdb6990";
logging-data="1018348"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18RXPZZbxjxvUTY03xup5xz6t015gM5Ni4="
Cancel-Lock: sha1:F9Cp82F6hlTJSaajncstnya1vdE=
 by: Kerr-Mudd, John - Sat, 4 Mar 2023 10:46 UTC

On Fri, 3 Mar 2023 22:38:25 +0100
Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:

> I removed the extra blank line and tried to disassemble/run/single-step
> this using symdeb under dosbox: When it came to a couple of funky
> opcodes, ending with a single 63h byte, it just hung. :-(
>
> Up to that point I had seen a lot of self-modifications to parts of the
> PSP, but no obvious attempt to generate a backwards jump inside the main
> body?
>
requires SI=0x100 to fixup in place.

--
Bah, and indeed Humbug.

Re: CM3 revisited

<20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9985&group=comp.os.msdos.programmer#9985

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sat, 4 Mar 2023 17:06:49 +0000
Organization: Dis
Lines: 44
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="1928271c0fa82366df76c6d16fdb6990";
logging-data="1087574"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18B9unOCMPzQPuuNEnGxLT+BlboT4UFZH0="
Cancel-Lock: sha1:59oK9o2GOU4LGHCQDdhB+cdAuBQ=
 by: Kerr-Mudd, John - Sat, 4 Mar 2023 17:06 UTC

On Sat, 4 Mar 2023 10:44:44 +0000
"Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:

> On Sat, 4 Mar 2023 05:36:03 +0800
> Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
> wrote:
>

[alphanum hex decode & run program]

>
> Thanks for testing, I'm running it in a CMD box under Windows XP; the
> program does a lot of self-modification and relies on SI being 0x0100 at
> startup.
>
> I suspect this is the issue.
>
> spacing /cr/lf shouldn't matter once in the hexcode region. (i.e 1st 2
> lines must be asis).

> Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
> an Alphanum, and to push individually makes the distances to the fixups
> into invalid alphanums. - might be doable with some more thought.
>
Bigger, but needs another line; now registers on entering the
decoded hex payload prog set as DOS would (si set to 0x100, cx to lth of
payload prog; dx/bp/di restored - I only have room to save 3 original
register values).

I dont have the space to 'set si' as I'd like at start.

WURVX4uVSPSSVPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
q4z0r06666666bOi7cop2VptC28hVsPY65cr5MJ5205235MJ520523uzZuz5
5A5D89F981E99B015157B85EF3ABB8A45EABB8595FABB0E9AAB8FE002BC7
AB58BF000157FFD0
B409BA0801CD21C348656C6C6F20776F726C642124Z

--
Bah, and indeed Humbug.

Re: CM3 revisited

<tu26e4$1bli6$1@dont-email.me>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9986&group=comp.os.msdos.programmer#9986

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: terje.ma...@nospicedham.tmsw.no (Terje Mathisen)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sun, 5 Mar 2023 14:45:40 +0100
Organization: A noiseless patient Spider
Lines: 411
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <tu26e4$1bli6$1@dont-email.me>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
<20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="f83eaf296121e64e454a3b6dbc9f2559";
logging-data="1434138"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/BoWB/Gx/Hv+9E/jQzPK6Whi1hq+eNhhI="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.15
Cancel-Lock: sha1:EMgEk1DJaJL/SGvYQvKk69FMQY4=
 by: Terje Mathisen - Sun, 5 Mar 2023 13:45 UTC

Kerr-Mudd, John wrote:
> On Sat, 4 Mar 2023 10:44:44 +0000
> "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
>
>> On Sat, 4 Mar 2023 05:36:03 +0800
>> Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
>> wrote:
>>
>
>
> [alphanum hex decode & run program]
>
>>
>> Thanks for testing, I'm running it in a CMD box under Windows XP; the
>> program does a lot of self-modification and relies on SI being 0x0100 at
>> startup.
>>
>> I suspect this is the issue.
>>
>> spacing /cr/lf shouldn't matter once in the hexcode region. (i.e 1st 2
>> lines must be asis).
>
>> Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
>> an Alphanum, and to push individually makes the distances to the fixups
>> into invalid alphanums. - might be doable with some more thought.
>>
> Bigger, but needs another line; now registers on entering the
> decoded hex payload prog set as DOS would (si set to 0x100, cx to lth of
> payload prog; dx/bp/di restored - I only have room to save 3 original
> register values).
>
> I dont have the space to 'set si' as I'd like at start.
>
> WURVX4uVSPSSVPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> q4z0r06666666bOi7cop2VptC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> 5A5D89F981E99B015157B85EF3ABB8A45EABB8595FABB0E9AAB8FE002BC7
> AB58BF000157FFD0
> B409BA0801CD21C348656C6C6F20776F726C642124Z

I'll try this!

Compare with my code which manages to do everything with a single
modified instruction (the backwards branch), everything else is as written.

Line endings starts as CRLF, but any zero, one or two-byte control char
combination is OK.

The primary bootstrap fixes that first branch instruction and jumps
(forward) into thesecodary bootstrap which picks up pairs of bytes from
the input stream and combines them, not as HEX since that requires shift
operations, but with (0 xor byte1) xor byte2 - byte2 - byte2 which was
the first combination I found that was capable of generating all
possible byte values using local mime ascii opcodes.

The secondary bootstrap contains the shortes possible MIME decoder I
could come up with, it is used with a plain standard Base64 payload for
4:3 packing of the actual payload binary.

.model tiny
.code
.286
org 100h
boot1:
; jmp encode_mime
pop dx
push dx
pop cx

org 103h

push cx
dec cx
push cx ; CX = FFFF
inc sp
pop ax ; CX = 00FF

push cx ; POPA into AX (0FF)
push cx ; CX
push dx ; DX

inc cx ; AX = 0100
push cx ; BX

push dx ; SP (ignored)
push dx ; BP = 0000

push dx
pop ax
sub al,32h ; AX = 1CE
sub al,4Eh ; AX = 180
push ax ; SI = 180
push ax ; DI = 180

popa ; Init all regs!

push dx
pop ax
sub ax,5952h

xor [bx+7Ah],ax ; Turn INC BP/INC BP into JMP TOP
org $-1 ; Fixup offset byte value!
db (offset patch_here - 256)

jnz second_line ; Jump to fixup bx!

back_again:
dec sp ; Restore SP (I don't like an odd stack!)

push dx
pop ax
sub al,68h
sub al,67h ; AX = 0030h
push ax ; CX = 0030h (On stack top)

; Patch illegal (non-mime) opcodes
push dx
pop ax
sub al,'0'
sub al,'0'
xor [bx + 1],al
org $-1
db (offset patch1 - 1 - 256)

jnz boot2

org 140h

end_of_line:
; db 13,10 ; End of first line of code!
inc bx
inc bx

second_line:

inc bp
inc bp
patch_here:
; jmp back_again
inc bp ; Patch location might move up!
inc bp

top:
inc si
xor ch,[si] ; CH is zero -> MOV CH,[SI+48]
push cx
pop ax
cmp ax,'+' * 256 + '0'
jb next ; White-space?

cmp ax,'=' * 256 + '0'
je boot3 ; Finished?

xor [di],ch ; [DI] is zero -> MOV [DI],DH
dec dx ; First/second byte in pair?
jnz next ; First, so get another char!

; Generate 8-bit value and increment destination pointer

sub [di],ch ; Subtract twice
sub [di],ch ; *dest++ = (first xor second) - 2*second
inc di

rept 20
inc bp
endm

boot2: ; Might be moved up as well!
inc dx
inc dx ; MOV BX,2

next:
pop cx
push cx ; CX = 0030h
and [di],ch ; MOV byte ptr [DI],0 -> Zero target byte
jz top + 128
patch1 label near

filetail db '0'
filename db "filename.ext=(c)_TMathisen'95"

db '&&&&&&' ; Ascii Filler, skipped by decoder

org 180h
boot3 label near

StartOfBoot2 label byte
nop
nop ; Two filler bytes in case of missing CRLFs

lea dx,[copyrt$]
mov ah,9
int 21h ; Print a copyright msg

cld
mov cx,002h ; No bits saved, shift two bits
xor dx,dx ; Empty buffer
push di ; Save starting decode offset

; SI -> start of MIME-encoded binary file

top_of_loop:
push cx
push di
skip_white:
lodsb
mov cx,65 ; Mime table length
lea di,[MIME_Table]
repne scasb
jne skip_white
jcxz save_file

mov ax,di
pop di
pop cx
sub ax, offset MIME_Table + 1

and cx,707h ; Mask bits & shift counts
mov dh,dl
xor dl,dl
shl ax,cl
or dx,ax
add cx,602h ; Add 6 to bits count and 2 to shift

cmp ch,8
jb top_of_loop

mov [di],dh ; Save a full byte!
jmp top_of_loop

save_file:
pop ax ; Restore stack!
pop ax

lea dx,[filename] ; Offset to "filename.ext"
mov si,dx
name_end:
lodsb
cmp al,'<'
jne name_end
dec si
mov byte ptr [si],0

mov ah,3Ch ; Create/truncate file!
xor cx,cx
int 21h
jc error

xchg ax,bx ; BX = file handle

pop dx ; retrieve starting position

mov cx,di ; - Final position
sub cx,dx ; = Total length

add cx,'0'
sub cl,[filetail]
sbb ch,0 ; Adjust file length!

mov ah,40h ; Write to file
int 21h
jc error
mov byte ptr [si],'$'
lea dx,[filename] ; Offset to "filename.ext"
mov ah,9
int 21h
jc error

mov ah,3Eh
int 21h
jc error

lea dx,ok_msg$
mov al,0
jmp cont
error:
lea dx,file_err$
mov al,1
cont:
push ax
mov ah,9
int 21h
pop ax
mov ah,4Ch
int 21h

MIME_Table label byte
db 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='

copyrt$ db 'MAKEMIME (c) Terje Mathisen 1995. Binary to TEXT.COM converter'
db 13,10,'$'
file_err$ db 'File IO error!',13,10,'$'
ok_msg$ db ' created!'
crlf$ db 13,10,'$'

EndOfBoot2 label byte

start$ db '"$'
end$ db '"\',13,10,'$'

lead$ db '"!!$'
tail$ db '"\',13,10,'"$'
slutt$ db '=";',13,10,'$'


Click here to read the complete article
Re: CM3 revisited

<20230305162919.b203262c5e932c3b367ab3cd@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9987&group=comp.os.msdos.programmer#9987

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sun, 5 Mar 2023 16:29:19 +0000
Organization: Dis
Lines: 467
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230305162919.b203262c5e932c3b367ab3cd@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
<20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>
<tu26e4$1bli6$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="f83eaf296121e64e454a3b6dbc9f2559";
logging-data="1472996"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/g7IP5Nbm8JNP7LHGU71+SafTi5t4+hCM="
Cancel-Lock: sha1:o4+KbY+Ahe234H+nDvQsqZXJGt0=
 by: Kerr-Mudd, John - Sun, 5 Mar 2023 16:29 UTC

On Sun, 5 Mar 2023 14:45:40 +0100
Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:

> Kerr-Mudd, John wrote:
> > On Sat, 4 Mar 2023 10:44:44 +0000
> > "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
> >
> >> On Sat, 4 Mar 2023 05:36:03 +0800
> >> Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
> >> wrote:
> >>
> >
> >
> > [alphanum hex decode & run program]
> >
> >>
> >> Thanks for testing, I'm running it in a CMD box under Windows XP; the
> >> program does a lot of self-modification and relies on SI being 0x0100 at
> >> startup.
> >>
> >> I suspect this is the issue.
> >>
> >> spacing /cr/lf shouldn't matter once in the hexcode region. (i.e 1st 2
> >> lines must be asis).
> >
> >> Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
> >> an Alphanum, and to push individually makes the distances to the fixups
> >> into invalid alphanums. - might be doable with some more thought.
> >>
> > Bigger, but needs another line; now registers on entering the
> > decoded hex payload prog set as DOS would (si set to 0x100, cx to lth of
> > payload prog; dx/bp/di restored - I only have room to save 3 original
> > register values).
> >
> > I dont have the space to 'set si' as I'd like at start.
> >
NB this means the following requires/assumes si=0x100 at start.

> > WURVX4uVSPSSVPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> > q4z0r06666666bOi7cop2VptC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> > 5A5D89F981E99B015157B85EF3ABB8A45EABB8595FABB0E9AAB8FE002BC7
> > AB58BF000157FFD0
> > B409BA0801CD21C348656C6C6F20776F726C642124Z
>
> I'll try this!

under a debugger, note that you'll need to set si to 0x100 if not the
default, and you'll need to step through the decode loop a few times to
ensure the first bytes of hex are decoded, not fall through to execute the
cr[lf] that's there beforehand! the central
65cr5MJ5205235MJ520523
is just filler, dont worry about tracking the value of ax, it's not used.

>
> Compare with my code which manages to do everything with a single
> modified instruction (the backwards branch), everything else is as written.
>
Well done, all those fixups I do (maxed out at 9) are hard to keep from
straying out of alphanum locations, hence the early 6666666 pad.

> Line endings starts as CRLF, but any zero, one or two-byte control char
> combination is OK.
>
> The primary bootstrap fixes that first branch instruction and jumps
> (forward) into thesecodary bootstrap which picks up pairs of bytes from
> the input stream and combines them, not as HEX since that requires shift
> operations, but with (0 xor byte1) xor byte2 - byte2 - byte2 which was
> the first combination I found that was capable of generating all
> possible byte values using local mime ascii opcodes.

I did my own version of that back 5 years ago; inspired by your revelation
then; but I possibly didn't publish it, abandoning after seeing my effort
was lots bigger than Laura's CM3.

My double byte table had all alphanum combinations except for 4,
which was annoying. Luckily my code didn't use them.

This time around I decided to disallow all non-alphanum, so can't use
'sub' as you do here.

I'd like a short way to get 0x100 in si, but it takes 7 bytes
- this is too much as space is very limited on line 1.

Thanks for posting your source, I think

> The secondary bootstrap contains the shortes possible MIME decoder I
> could come up with, it is used with a plain standard Base64 payload for
> 4:3 packing of the actual payload binary.
>
> .model tiny
> .code
> .286
> org 100h
> boot1:
> ; jmp encode_mime
> pop dx
;; set dx=0
> push dx
> pop cx
;; set cx=0
>
> org 103h

;?

>
> push cx
> dec cx
> push cx ; CX = FFFF
> inc sp
> pop ax ; CX = 00FF
>
> push cx ; POPA into AX (0FF)
> push cx ; CX
> push dx ; DX
>
> inc cx ; AX = 0100
??CX=0100
> push cx ; BX
>
> push dx ; SP (ignored)
> push dx ; BP = 0000
>
> push dx
;; cx pshurely?

> pop ax
I dont see this - dx was 0?

> sub al,32h ; AX = 1CE
> sub al,4Eh ; AX = 180
> push ax ; SI = 180
> push ax ; DI = 180
>
> popa ; Init all regs!
>
> push dx
> pop ax
> sub ax,5952h
>
> xor [bx+7Ah],ax ; Turn INC BP/INC BP into JMP TOP
> org $-1 ; Fixup offset byte value!
> db (offset patch_here - 256)
>
> jnz second_line ; Jump to fixup bx!
>
> back_again:
> dec sp ; Restore SP (I don't like an odd stack!)
>
> push dx
> pop ax
> sub al,68h
> sub al,67h ; AX = 0030h
> push ax ; CX = 0030h (On stack top)
>
> ; Patch illegal (non-mime) opcodes
> push dx
> pop ax
> sub al,'0'
> sub al,'0'
> xor [bx + 1],al
> org $-1
> db (offset patch1 - 1 - 256)
>
> jnz boot2
>
> org 140h
>
> end_of_line:
> ; db 13,10 ; End of first line of code!
> inc bx
> inc bx
>
> second_line:
>
> inc bp
> inc bp
> patch_here:
> ; jmp back_again
> inc bp ; Patch location might move up!
> inc bp
>

I like that you've considered changes to eol ; I've not done that this
time.

> top:
> inc si
> xor ch,[si] ; CH is zero -> MOV CH,[SI+48]
; I can only use dh
> push cx
> pop ax
> cmp ax,'+' * 256 + '0'
> jb next ; White-space?
>
> cmp ax,'=' * 256 + '0'
> je boot3 ; Finished?
>
> xor [di],ch ; [DI] is zero -> MOV [DI],DH
> dec dx ; First/second byte in pair?
> jnz next ; First, so get another char!
>
> ; Generate 8-bit value and increment destination pointer
>
> sub [di],ch ; Subtract twice
> sub [di],ch ; *dest++ = (first xor second) - 2*second
> inc di
>
> rept 20
> inc bp
> endm
>
> boot2: ; Might be moved up as well!
> inc dx
> inc dx ; MOV BX,2
>
doh so much simpler than my byte toggle!

> next:
> pop cx
> push cx ; CX = 0030h
> and [di],ch ; MOV byte ptr [DI],0 -> Zero target byte
> jz top + 128
> patch1 label near
>
> filetail db '0'
> filename db "filename.ext=(c)_TMathisen'95"
>
> db '&&&&&&' ; Ascii Filler, skipped by decoder
>
> org 180h
> boot3 label near
>
> StartOfBoot2 label byte
> nop
> nop ; Two filler bytes in case of missing CRLFs
>
> lea dx,[copyrt$]
> mov ah,9
> int 21h ; Print a copyright msg
>
> cld
> mov cx,002h ; No bits saved, shift two bits
> xor dx,dx ; Empty buffer
> push di ; Save starting decode offset
>
> ; SI -> start of MIME-encoded binary file
>
> top_of_loop:
> push cx
> push di
> skip_white:
> lodsb
> mov cx,65 ; Mime table length
> lea di,[MIME_Table]
> repne scasb
> jne skip_white
> jcxz save_file
>
> mov ax,di
> pop di
> pop cx
> sub ax, offset MIME_Table + 1
>
> and cx,707h ; Mask bits & shift counts
> mov dh,dl
> xor dl,dl
> shl ax,cl
> or dx,ax
> add cx,602h ; Add 6 to bits count and 2 to shift
>
> cmp ch,8
> jb top_of_loop
>
> mov [di],dh ; Save a full byte!
> jmp top_of_loop
>
> save_file:
> pop ax ; Restore stack!
> pop ax
>
> lea dx,[filename] ; Offset to "filename.ext"
> mov si,dx
> name_end:
> lodsb
> cmp al,'<'
> jne name_end
> dec si
> mov byte ptr [si],0
>
> mov ah,3Ch ; Create/truncate file!
> xor cx,cx
> int 21h
> jc error
>
> xchg ax,bx ; BX = file handle
>
> pop dx ; retrieve starting position
>
> mov cx,di ; - Final position
> sub cx,dx ; = Total length
>
> add cx,'0'
> sub cl,[filetail]
> sbb ch,0 ; Adjust file length!
>
> mov ah,40h ; Write to file
> int 21h
> jc error
> mov byte ptr [si],'$'
> lea dx,[filename] ; Offset to "filename.ext"
> mov ah,9
> int 21h
> jc error
>
> mov ah,3Eh
> int 21h
> jc error
>
> lea dx,ok_msg$
> mov al,0
> jmp cont
> error:
> lea dx,file_err$
> mov al,1
> cont:
> push ax
> mov ah,9
> int 21h
> pop ax
> mov ah,4Ch
> int 21h
>
> MIME_Table label byte
> db 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='
>
> copyrt$ db 'MAKEMIME (c) Terje Mathisen 1995. Binary to TEXT.COM converter'
> db 13,10,'$'
> file_err$ db 'File IO error!',13,10,'$'
> ok_msg$ db ' created!'
> crlf$ db 13,10,'$'
>
> EndOfBoot2 label byte
>
> start$ db '"$'
> end$ db '"\',13,10,'$'
>
> lead$ db '"!!$'
> tail$ db '"\',13,10,'"$'
> slutt$ db '=";',13,10,'$'
>
> MimePair label byte
> db "H8I8G7F7E7D7A9B7A7A8A5A6A3A4A1A2A/A0B0B+A+E0F0F+E+D+J0K0L0M0N0O0"
> db "Q/P/S+R+Q+P+W+V+U+T+auavZzatXzXyXxYxWwVwRzSzPzPyPxPwPvPuJzKzHzHy"
> db "HxIxGwFwBzCzAyAzAwAxAuAvAsAtAqArAoApAmAnAkAlAiAjAgAhAeAfAcAdAaAb"
> db "CaBaDbDaBZCZAYAZAWAXAUAVASATAQARAOAPAMANAKALAIAJAGAHAEAFACADAAAB"
> db "CABADBDAGAFAHBHAKAJALBLAOANAPBPASARATBTAWAVAXBXAaGZAaEaFaCaDaAaB"
> db "cAbAdBdAgAfAhBhAkAjAlBlAoAnApBpAsArAtBtAwAvAxBxA0XzA0V0U0T0S0R0Q"
> db "0P0/2P2+1+0+6P6+5+4++K/L+M+Jy9x9x8y8w7v7u7t7q9p9p8p7p6p5p4p3i9h9"
> db "h8i8g7f7e7d7a9b7a7a8a5a6a3a4Y9X9X8Y8W7V7U7T7Q9P9P8P7P6P5P4P3I9H9"
>
> patch_bytes:
> pop dx
> push dx
> pop cx
>
> encode_mime:
> mov si,100h
> mov ax,word ptr [patch_bytes]
> mov ds:[si],ax
> mov al,byte ptr [patch_bytes+2]
> mov ds:[si+2],al
>
> cld
>
> mov di,2
> toplines:
> lea dx,[start$]
> mov ah,9
> int 21h
> mov cx,64
> topchars:
> mov dl,[si]
> inc si
> call print_c
> dec cx
> jnz topchars
>
> lea dx,[end$]
> mov ah,9
> int 21h
>
> dec di
> jnz toplines
>
> mov di, offset EndOfBoot2 - offset StartOfBoot2
>
> lea dx,[lead$]
> mov ah,9
> int 21h
> mov cx,1F04h ; 31 pairs on first line, shift count = 4
> doline:
> dochar:
> xor bx,bx
> mov bl,[si]
> add bx,bx
> inc si
> mov dl,MimePair[bx]
> call print_c
> mov dl,MimePair[bx+1]
> call print_c
>
> dec di
> jz done
>
> dec ch
> jnz dochar
>
> lea dx,[tail$]
> mov ah,9
> int 21h
>
> mov ch,32 ; length of next line
>
> jmp doline
>
> done:
> lea dx,[slutt$]
> mov ah,9
> int 21h
>
> mov ax,4C00h
> int 21h
>
> print_c proc
> cmp dl,'\'
> je @@escape
> cmp dl,'"'
> jne @@normal
> @@escape:
> push dx
> mov dl,'\'
> mov ah,2
> int 21h
> pop dx
> @@normal:
> mov ah,2
> int 21h
> ret
> print_c endp
>
> end boot1
>
>
>
> --
> - <Terje.Mathisen at tmsw.no>
> "almost all programming can be viewed as an exercise in caching"
>


Click here to read the complete article
Re: CM3 revisited

<tu4fkm$1ln6s$1@dont-email.me>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9988&group=comp.os.msdos.programmer#9988

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: terje.ma...@nospicedham.tmsw.no (Terje Mathisen)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Mon, 6 Mar 2023 11:35:01 +0100
Organization: A noiseless patient Spider
Lines: 476
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <tu4fkm$1ln6s$1@dont-email.me>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
<20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>
<tu26e4$1bli6$1@dont-email.me>
<20230305162919.b203262c5e932c3b367ab3cd@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="103c563fa24592e116ed7179a38cefb1";
logging-data="1761928"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18HT37SYy06ANaJKalW+eIJXzaVC1LlJlg="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.15
Cancel-Lock: sha1:cmAH7Yn66d36f1hI0QHZgdRcP9c=
 by: Terje Mathisen - Mon, 6 Mar 2023 10:35 UTC

Nice if you to actually read the code, I did notice that the comments
had several errors, probably leftovers from previous attempts. :-)

Terje

Kerr-Mudd, John wrote:
> On Sun, 5 Mar 2023 14:45:40 +0100
> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
>
>> Kerr-Mudd, John wrote:
>>> On Sat, 4 Mar 2023 10:44:44 +0000
>>> "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
>>>
>>>> On Sat, 4 Mar 2023 05:36:03 +0800
>>>> Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
>>>> wrote:
>>>>
>>>
>>>
>>> [alphanum hex decode & run program]
>>>
>>>>
>>>> Thanks for testing, I'm running it in a CMD box under Windows XP; the
>>>> program does a lot of self-modification and relies on SI being 0x0100 at
>>>> startup.
>>>>
>>>> I suspect this is the issue.
>>>>
>>>> spacing /cr/lf shouldn't matter once in the hexcode region. (i.e 1st 2
>>>> lines must be asis).
>>>
>>>> Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
>>>> an Alphanum, and to push individually makes the distances to the fixups
>>>> into invalid alphanums. - might be doable with some more thought.
>>>>
>>> Bigger, but needs another line; now registers on entering the
>>> decoded hex payload prog set as DOS would (si set to 0x100, cx to lth of
>>> payload prog; dx/bp/di restored - I only have room to save 3 original
>>> register values).
>>>
>>> I dont have the space to 'set si' as I'd like at start.
>>>
> NB this means the following requires/assumes si=0x100 at start.
>
>>> WURVX4uVSPSSVPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
>>> q4z0r06666666bOi7cop2VptC28hVsPY65cr5MJ5205235MJ520523uzZuz5
>>> 5A5D89F981E99B015157B85EF3ABB8A45EABB8595FABB0E9AAB8FE002BC7
>>> AB58BF000157FFD0
>>> B409BA0801CD21C348656C6C6F20776F726C642124Z
>>
>> I'll try this!
>
> under a debugger, note that you'll need to set si to 0x100 if not the
> default, and you'll need to step through the decode loop a few times to
> ensure the first bytes of hex are decoded, not fall through to execute the
> cr[lf] that's there beforehand! the central
> 65cr5MJ5205235MJ520523
> is just filler, dont worry about tracking the value of ax, it's not used.
>
>>
>> Compare with my code which manages to do everything with a single
>> modified instruction (the backwards branch), everything else is as written.
>>
> Well done, all those fixups I do (maxed out at 9) are hard to keep from
> straying out of alphanum locations, hence the early 6666666 pad.
>
>> Line endings starts as CRLF, but any zero, one or two-byte control char
>> combination is OK.
>>
>> The primary bootstrap fixes that first branch instruction and jumps
>> (forward) into thesecodary bootstrap which picks up pairs of bytes from
>> the input stream and combines them, not as HEX since that requires shift
>> operations, but with (0 xor byte1) xor byte2 - byte2 - byte2 which was
>> the first combination I found that was capable of generating all
>> possible byte values using local mime ascii opcodes.
>
> I did my own version of that back 5 years ago; inspired by your revelation
> then; but I possibly didn't publish it, abandoning after seeing my effort
> was lots bigger than Laura's CM3.
>
> My double byte table had all alphanum combinations except for 4,
> which was annoying. Luckily my code didn't use them.
>
>
> This time around I decided to disallow all non-alphanum, so can't use
> 'sub' as you do here.
>
> I'd like a short way to get 0x100 in si, but it takes 7 bytes
> - this is too much as space is very limited on line 1.
>
>
> Thanks for posting your source, I think
>
>> The secondary bootstrap contains the shortes possible MIME decoder I
>> could come up with, it is used with a plain standard Base64 payload for
>> 4:3 packing of the actual payload binary.
>>
>> .model tiny
>> .code
>> .286
>> org 100h
>> boot1:
>> ; jmp encode_mime
>> pop dx
> ;; set dx=0
>> push dx
>> pop cx
> ;; set cx=0
>>
>> org 103h
>
> ;?
>
>>
>> push cx
>> dec cx
>> push cx ; CX = FFFF
>> inc sp
>> pop ax ; CX = 00FF
>>
>> push cx ; POPA into AX (0FF)
>> push cx ; CX
>> push dx ; DX
>>
>> inc cx ; AX = 0100
> ??CX=0100
>> push cx ; BX
>>
>> push dx ; SP (ignored)
>> push dx ; BP = 0000
>>
>> push dx
> ;; cx pshurely?
>
>> pop ax
> I dont see this - dx was 0?
>
>> sub al,32h ; AX = 1CE
>> sub al,4Eh ; AX = 180
>> push ax ; SI = 180
>> push ax ; DI = 180
>>
>> popa ; Init all regs!
>>
>> push dx
>> pop ax
>> sub ax,5952h
>>
>> xor [bx+7Ah],ax ; Turn INC BP/INC BP into JMP TOP
>> org $-1 ; Fixup offset byte value!
>> db (offset patch_here - 256)
>>
>> jnz second_line ; Jump to fixup bx!
>>
>> back_again:
>> dec sp ; Restore SP (I don't like an odd stack!)
>>
>> push dx
>> pop ax
>> sub al,68h
>> sub al,67h ; AX = 0030h
>> push ax ; CX = 0030h (On stack top)
>>
>> ; Patch illegal (non-mime) opcodes
>> push dx
>> pop ax
>> sub al,'0'
>> sub al,'0'
>> xor [bx + 1],al
>> org $-1
>> db (offset patch1 - 1 - 256)
>>
>> jnz boot2
>>
>> org 140h
>>
>> end_of_line:
>> ; db 13,10 ; End of first line of code!
>> inc bx
>> inc bx
>>
>> second_line:
>>
>> inc bp
>> inc bp
>> patch_here:
>> ; jmp back_again
>> inc bp ; Patch location might move up!
>> inc bp
>>
>
> I like that you've considered changes to eol ; I've not done that this
> time.
>
>> top:
>> inc si
>> xor ch,[si] ; CH is zero -> MOV CH,[SI+48]
> ; I can only use dh
>> push cx
>> pop ax
>> cmp ax,'+' * 256 + '0'
>> jb next ; White-space?
>>
>> cmp ax,'=' * 256 + '0'
>> je boot3 ; Finished?
>>
>> xor [di],ch ; [DI] is zero -> MOV [DI],DH
>> dec dx ; First/second byte in pair?
>> jnz next ; First, so get another char!
>>
>> ; Generate 8-bit value and increment destination pointer
>>
>> sub [di],ch ; Subtract twice
>> sub [di],ch ; *dest++ = (first xor second) - 2*second
>> inc di
>>
>> rept 20
>> inc bp
>> endm
>>
>> boot2: ; Might be moved up as well!
>> inc dx
>> inc dx ; MOV BX,2
>>
> doh so much simpler than my byte toggle!
>
>> next:
>> pop cx
>> push cx ; CX = 0030h
>> and [di],ch ; MOV byte ptr [DI],0 -> Zero target byte
>> jz top + 128
>> patch1 label near
>>
>> filetail db '0'
>> filename db "filename.ext=(c)_TMathisen'95"
>>
>> db '&&&&&&' ; Ascii Filler, skipped by decoder
>>
>> org 180h
>> boot3 label near
>>
>> StartOfBoot2 label byte
>> nop
>> nop ; Two filler bytes in case of missing CRLFs
>>
>> lea dx,[copyrt$]
>> mov ah,9
>> int 21h ; Print a copyright msg
>>
>> cld
>> mov cx,002h ; No bits saved, shift two bits
>> xor dx,dx ; Empty buffer
>> push di ; Save starting decode offset
>>
>> ; SI -> start of MIME-encoded binary file
>>
>> top_of_loop:
>> push cx
>> push di
>> skip_white:
>> lodsb
>> mov cx,65 ; Mime table length
>> lea di,[MIME_Table]
>> repne scasb
>> jne skip_white
>> jcxz save_file
>>
>> mov ax,di
>> pop di
>> pop cx
>> sub ax, offset MIME_Table + 1
>>
>> and cx,707h ; Mask bits & shift counts
>> mov dh,dl
>> xor dl,dl
>> shl ax,cl
>> or dx,ax
>> add cx,602h ; Add 6 to bits count and 2 to shift
>>
>> cmp ch,8
>> jb top_of_loop
>>
>> mov [di],dh ; Save a full byte!
>> jmp top_of_loop
>>
>> save_file:
>> pop ax ; Restore stack!
>> pop ax
>>
>> lea dx,[filename] ; Offset to "filename.ext"
>> mov si,dx
>> name_end:
>> lodsb
>> cmp al,'<'
>> jne name_end
>> dec si
>> mov byte ptr [si],0
>>
>> mov ah,3Ch ; Create/truncate file!
>> xor cx,cx
>> int 21h
>> jc error
>>
>> xchg ax,bx ; BX = file handle
>>
>> pop dx ; retrieve starting position
>>
>> mov cx,di ; - Final position
>> sub cx,dx ; = Total length
>>
>> add cx,'0'
>> sub cl,[filetail]
>> sbb ch,0 ; Adjust file length!
>>
>> mov ah,40h ; Write to file
>> int 21h
>> jc error
>> mov byte ptr [si],'$'
>> lea dx,[filename] ; Offset to "filename.ext"
>> mov ah,9
>> int 21h
>> jc error
>>
>> mov ah,3Eh
>> int 21h
>> jc error
>>
>> lea dx,ok_msg$
>> mov al,0
>> jmp cont
>> error:
>> lea dx,file_err$
>> mov al,1
>> cont:
>> push ax
>> mov ah,9
>> int 21h
>> pop ax
>> mov ah,4Ch
>> int 21h
>>
>> MIME_Table label byte
>> db 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='
>>
>> copyrt$ db 'MAKEMIME (c) Terje Mathisen 1995. Binary to TEXT.COM converter'
>> db 13,10,'$'
>> file_err$ db 'File IO error!',13,10,'$'
>> ok_msg$ db ' created!'
>> crlf$ db 13,10,'$'
>>
>> EndOfBoot2 label byte
>>
>> start$ db '"$'
>> end$ db '"\',13,10,'$'
>>
>> lead$ db '"!!$'
>> tail$ db '"\',13,10,'"$'
>> slutt$ db '=";',13,10,'$'
>>
>> MimePair label byte
>> db "H8I8G7F7E7D7A9B7A7A8A5A6A3A4A1A2A/A0B0B+A+E0F0F+E+D+J0K0L0M0N0O0"
>> db "Q/P/S+R+Q+P+W+V+U+T+auavZzatXzXyXxYxWwVwRzSzPzPyPxPwPvPuJzKzHzHy"
>> db "HxIxGwFwBzCzAyAzAwAxAuAvAsAtAqArAoApAmAnAkAlAiAjAgAhAeAfAcAdAaAb"
>> db "CaBaDbDaBZCZAYAZAWAXAUAVASATAQARAOAPAMANAKALAIAJAGAHAEAFACADAAAB"
>> db "CABADBDAGAFAHBHAKAJALBLAOANAPBPASARATBTAWAVAXBXAaGZAaEaFaCaDaAaB"
>> db "cAbAdBdAgAfAhBhAkAjAlBlAoAnApBpAsArAtBtAwAvAxBxA0XzA0V0U0T0S0R0Q"
>> db "0P0/2P2+1+0+6P6+5+4++K/L+M+Jy9x9x8y8w7v7u7t7q9p9p8p7p6p5p4p3i9h9"
>> db "h8i8g7f7e7d7a9b7a7a8a5a6a3a4Y9X9X8Y8W7V7U7T7Q9P9P8P7P6P5P4P3I9H9"
>>
>> patch_bytes:
>> pop dx
>> push dx
>> pop cx
>>
>> encode_mime:
>> mov si,100h
>> mov ax,word ptr [patch_bytes]
>> mov ds:[si],ax
>> mov al,byte ptr [patch_bytes+2]
>> mov ds:[si+2],al
>>
>> cld
>>
>> mov di,2
>> toplines:
>> lea dx,[start$]
>> mov ah,9
>> int 21h
>> mov cx,64
>> topchars:
>> mov dl,[si]
>> inc si
>> call print_c
>> dec cx
>> jnz topchars
>>
>> lea dx,[end$]
>> mov ah,9
>> int 21h
>>
>> dec di
>> jnz toplines
>>
>> mov di, offset EndOfBoot2 - offset StartOfBoot2
>>
>> lea dx,[lead$]
>> mov ah,9
>> int 21h
>> mov cx,1F04h ; 31 pairs on first line, shift count = 4
>> doline:
>> dochar:
>> xor bx,bx
>> mov bl,[si]
>> add bx,bx
>> inc si
>> mov dl,MimePair[bx]
>> call print_c
>> mov dl,MimePair[bx+1]
>> call print_c
>>
>> dec di
>> jz done
>>
>> dec ch
>> jnz dochar
>>
>> lea dx,[tail$]
>> mov ah,9
>> int 21h
>>
>> mov ch,32 ; length of next line
>>
>> jmp doline
>>
>> done:
>> lea dx,[slutt$]
>> mov ah,9
>> int 21h
>>
>> mov ax,4C00h
>> int 21h
>>
>> print_c proc
>> cmp dl,'\'
>> je @@escape
>> cmp dl,'"'
>> jne @@normal
>> @@escape:
>> push dx
>> mov dl,'\'
>> mov ah,2
>> int 21h
>> pop dx
>> @@normal:
>> mov ah,2
>> int 21h
>> ret
>> print_c endp
>>
>> end boot1
>>
>>
>>
>> --
>> - <Terje.Mathisen at tmsw.no>
>> "almost all programming can be viewed as an exercise in caching"
>>
>
> If you've got the room for LUT, sure!
>


Click here to read the complete article
Re: CM3 revisited

<20230311204458.a3e94310acb2aa2b018abaef@127.0.0.1>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=9989&group=comp.os.msdos.programmer#9989

  copy link   Newsgroups: alt.lang.asm comp.lang.asm.x86 comp.os.msdos.programmer
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: adm...@nospicedham.127.0.0.1 (Kerr-Mudd, John)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sat, 11 Mar 2023 20:44:58 +0000
Organization: Dis
Lines: 72
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <20230311204458.a3e94310acb2aa2b018abaef@127.0.0.1>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
<20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>
<tu26e4$1bli6$1@dont-email.me>
<20230305162919.b203262c5e932c3b367ab3cd@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: dont-email.me; posting-host="76823b633c18ea6a48ce2dc1826cc12a";
logging-data="2822212"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+9fv3y4ZBMn/kbdstzLQiE8BtMp4S2WmQ="
Cancel-Lock: sha1:Rv7igOALPzWsbjfd75eX6XbNGrU=
 by: Kerr-Mudd, John - Sat, 11 Mar 2023 20:44 UTC

On Sun, 5 Mar 2023 16:29:19 +0000
"Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:

> On Sun, 5 Mar 2023 14:45:40 +0100
> Terje Mathisen <terje.mathisen@nospicedham.tmsw.no> wrote:
>
> > Kerr-Mudd, John wrote:
> > > On Sat, 4 Mar 2023 10:44:44 +0000
> > > "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
> > >
> > >> On Sat, 4 Mar 2023 05:36:03 +0800
> > >> Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
> > >> wrote:
> > >>
> > >
> > >
> > > [alphanum hex decode & run program]
> > >
> > >>
> > >> Thanks for testing, I'm running it in a CMD box under Windows XP; the
> > >> program does a lot of self-modification and relies on SI being 0x0100 at
> > >> startup.
> > >>
> > >> I suspect this is the issue.
> > >>
> > >> spacing /cr/lf shouldn't matter once in the hexcode region. (i.e 1st 2
> > >> lines must be asis).
> > >
> > >> Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
> > >> an Alphanum, and to push individually makes the distances to the fixups
> > >> into invalid alphanums. - might be doable with some more thought.
> > >>
> > > Bigger, but needs another line; now registers on entering the
> > > decoded hex payload prog set as DOS would (si set to 0x100, cx to lth of
> > > payload prog; dx/bp/di restored - I only have room to save 3 original
> > > register values).
> > >
> > > I dont have the space to 'set si' as I'd like at start.
> > >
> NB this means the following requires/assumes si=0x100 at start.
>
> > > WURVX4uVSPSSVPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> > > q4z0r06666666bOi7cop2VptC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> > > 5A5D89F981E99B015157B85EF3ABB8A45EABB8595FABB0E9AAB8FE002BC7
> > > AB58BF000157FFD0
> > > B409BA0801CD21C348656C6C6F20776F726C642124Z
> >
> > I'll try this!
>
> under a debugger, note that you'll need to set si to 0x100 if not the
> default, and you'll need to step through the decode loop a few times to
> ensure the first bytes of hex are decoded, not fall through to execute the
> cr[lf] that's there beforehand! the central
> 65cr5MJ5205235MJ520523
> is just filler, dont worry about tracking the value of ax, it's not used.
>
[]
> I'd like a short way to get 0x100 in si, but it takes 7 bytes
> - this is too much as space is very limited on line 1.

OK; I've managed to get rid of 2 FUs, allowing me to set si to 0x100 at
start -

hMJX5MKWPURPSSSSP4vPPaH5gF0f60fA0F80Fu1FM1Fm1Fq5
66q7bOL72N9666uX0F4SX3F41F4MV0F4SZ2505SZ2v405GPSX3F41F4X0F54z0rczZuX5A
5D89F981E99A0157B85EF3ABB8A459ABB85E5FABB0E9AAB8FE002BC7AB585F5751FFD0
B409BA0801CD21C348656C6C6F20776F726C642124Z

--
Bah, and indeed Humbug.


devel / comp.os.msdos.programmer / Re: CM3 revisited

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor