
Re: CM3 revisited

https://www.novabbs.com/devel/article-flat.php?id=405&group=alt.lang.asm#405

Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: terje.ma...@nospicedham.tmsw.no (Terje Mathisen)
Newsgroups: alt.lang.asm,comp.lang.asm.x86,comp.os.msdos.programmer
Subject: Re: CM3 revisited
Date: Sun, 5 Mar 2023 14:45:40 +0100
Organization: A noiseless patient Spider
Lines: 411
Approved: fbkotler@myfairpoint.net - comp.lang.asm.x86 moderation team.
Message-ID: <tu26e4$1bli6$1@dont-email.me>
References: <20230213223101.c420f77d1c7054286f4febc2@127.0.0.1>
<20230226121725.564c626772b1652446c95951@127.0.0.1>
<b67abec1-edbf-1a0d-80b6-dcd85b749cea@tmsw.no>
<20230226210301.9e2d2f44005524c8ed05ab50@127.0.0.1>
<20230303195645.c470d02832c65157560817a5@127.0.0.1>
<fLtML.2955781$JNZ4.580608@fx12.ams4>
<20230304104444.04070956ac1d3eb0dede9ce8@127.0.0.1>
<20230304170649.4e8dfc99b78ae087a8298181@127.0.0.1>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="f83eaf296121e64e454a3b6dbc9f2559";
logging-data="1434138"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/BoWB/Gx/Hv+9E/jQzPK6Whi1hq+eNhhI="
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Firefox/91.0 SeaMonkey/2.53.15
Cancel-Lock: sha1:EMgEk1DJaJL/SGvYQvKk69FMQY4=

Kerr-Mudd, John wrote:
> On Sat, 4 Mar 2023 10:44:44 +0000
> "Kerr-Mudd, John" <admin@nospicedham.127.0.0.1> wrote:
>
>> On Sat, 4 Mar 2023 05:36:03 +0800
>> Johann 'Myrkraverk' Oskarsson <johann@nospicedham.myrkraverk.invalid>
>> wrote:
>>
>
>
> [alphanum hex decode & run program]
>
>>
>> Thanks for testing, I'm running it in a CMD box under Windows XP; the
>> program does a lot of self-modification and relies on SI being 0x0100 at
>> startup.
>>
>> I suspect this is the issue.
>>
>> spacing /cr/lf shouldn't matter once in the hexcode region. (i.e. 1st 2
>> lines must be as is).
>
>> Sadly I'm unable to retain startup register values as 'pusha' (0x60) is not
>> an Alphanum, and to push individually makes the distances to the fixups
>> into invalid alphanums. - might be doable with some more thought.
>>
> Bigger, but needs another line; now registers on entering the
> decoded hex payload prog set as DOS would (si set to 0x100, cx to lth of
> payload prog; dx/bp/di restored - I only have room to save 3 original
> register values).
>
> I don't have the space to 'set si' as I'd like at start.
>
> WURVX4uVSPSSVPPaH5BF0f90fD0fH0fO0FF0Fq1FR4d0FQ0FT1Fm5
> q4z0r06666666bOi7cop2VptC28hVsPY65cr5MJ5205235MJ520523uzZuz5
> 5A5D89F981E99B015157B85EF3ABB8A45EABB8595FABB0E9AAB8FE002BC7
> AB58BF000157FFD0
> B409BA0801CD21C348656C6C6F20776F726C642124Z

I'll try this!

Compare with my code which manages to do everything with a single
modified instruction (the backwards branch), everything else is as written.

Line endings start as CRLF, but any zero-, one- or two-byte control char
combination is OK.

The primary bootstrap fixes that first branch instruction and jumps
(forward) into the secondary bootstrap, which picks up pairs of bytes from
the input stream and combines them, not as HEX since that requires shift
operations, but with (0 xor byte1) xor byte2 - byte2 - byte2, which was
the first combination I found that was capable of generating all
possible byte values using local mime ascii opcodes.

The secondary bootstrap contains the shortest possible MIME decoder I
could come up with; it is used with a plain standard Base64 payload for
4:3 packing of the actual payload binary.

.model tiny
.code
.286
org 100h
boot1:
; jmp encode_mime
pop dx
push dx
pop cx

org 103h

push cx
dec cx
push cx ; CX = FFFF
inc sp
pop ax ; CX = 00FF

push cx ; POPA into AX (0FF)
push cx ; CX
push dx ; DX

inc cx ; AX = 0100
push cx ; BX

push dx ; SP (ignored)
push dx ; BP = 0000

push dx
pop ax
sub al,32h ; AX = 1CE
sub al,4Eh ; AX = 180
push ax ; SI = 180
push ax ; DI = 180

popa ; Init all regs!

push dx
pop ax
sub ax,5952h

xor [bx+7Ah],ax ; Turn INC BP/INC BP into JMP TOP
org $-1 ; Fixup offset byte value!
db (offset patch_here - 256)

jnz second_line ; Jump to fixup bx!

back_again:
dec sp ; Restore SP (I don't like an odd stack!)

push dx
pop ax
sub al,68h
sub al,67h ; AX = 0030h
push ax ; CX = 0030h (On stack top)

; Patch illegal (non-mime) opcodes
push dx
pop ax
sub al,'0'
sub al,'0'
xor [bx + 1],al
org $-1
db (offset patch1 - 1 - 256)

jnz boot2

org 140h

end_of_line:
; db 13,10 ; End of first line of code!
inc bx
inc bx

second_line:

inc bp
inc bp
patch_here:
; jmp back_again
inc bp ; Patch location might move up!
inc bp

top:
inc si
xor ch,[si] ; CH is zero -> MOV CH,[SI+48]
push cx
pop ax
cmp ax,'+' * 256 + '0'
jb next ; White-space?

cmp ax,'=' * 256 + '0'
je boot3 ; Finished?

xor [di],ch ; [DI] is zero -> MOV [DI],DH
dec dx ; First/second byte in pair?
jnz next ; First, so get another char!

; Generate 8-bit value and increment destination pointer

sub [di],ch ; Subtract twice
sub [di],ch ; *dest++ = (first xor second) - 2*second
inc di

rept 20
inc bp
endm

boot2: ; Might be moved up as well!
inc dx
inc dx ; MOV BX,2

next:
pop cx
push cx ; CX = 0030h
and [di],ch ; MOV byte ptr [DI],0 -> Zero target byte
jz top + 128
patch1 label near

filetail db '0'
filename db "filename.ext=(c)_TMathisen'95"

db '&&&&&&' ; Ascii Filler, skipped by decoder

org 180h
boot3 label near

StartOfBoot2 label byte
nop
nop ; Two filler bytes in case of missing CRLFs

lea dx,[copyrt$]
mov ah,9
int 21h ; Print a copyright msg

cld
mov cx,002h ; No bits saved, shift two bits
xor dx,dx ; Empty buffer
push di ; Save starting decode offset

; SI -> start of MIME-encoded binary file

top_of_loop:
push cx
push di
skip_white:
lodsb
mov cx,65 ; Mime table length
lea di,[MIME_Table]
repne scasb
jne skip_white
jcxz save_file

mov ax,di
pop di
pop cx
sub ax, offset MIME_Table + 1

dec cl ; Shift count must cycle 2,4,6,8 (never 0): (CL-1) mod 8 + 1 keeps 8 as 8
and cx,707h ; Mask bits & shift counts
inc cl
mov dh,dl
xor dl,dl
shl ax,cl
or dx,ax
add cx,602h ; Add 6 to bits count and 2 to shift

cmp ch,8
jb top_of_loop

mov [di],dh ; Save a full byte!
inc di ; Advance output pointer (DI - start = file length below)
jmp top_of_loop

save_file:
pop ax ; Restore stack!
pop ax

lea dx,[filename] ; Offset to "filename.ext"
mov si,dx
name_end:
lodsb
cmp al,'=' ; '=' terminates the name in the filename string above
jne name_end
dec si
mov byte ptr [si],0

mov ah,3Ch ; Create/truncate file!
xor cx,cx
int 21h
jc error

xchg ax,bx ; BX = file handle

pop dx ; retrieve starting position

mov cx,di ; - Final position
sub cx,dx ; = Total length

add cx,'0'
sub cl,[filetail]
sbb ch,0 ; Adjust file length!

mov ah,40h ; Write to file
int 21h
jc error
mov byte ptr [si],'$'
lea dx,[filename] ; Offset to "filename.ext"
mov ah,9
int 21h
jc error

mov ah,3Eh
int 21h
jc error

lea dx,ok_msg$
mov al,0
jmp cont
error:
lea dx,file_err$
mov al,1
cont:
push ax
mov ah,9
int 21h
pop ax
mov ah,4Ch
int 21h

MIME_Table label byte
db 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='

copyrt$ db 'MAKEMIME (c) Terje Mathisen 1995. Binary to TEXT.COM converter'
db 13,10,'$'
file_err$ db 'File IO error!',13,10,'$'
ok_msg$ db ' created!'
crlf$ db 13,10,'$'

EndOfBoot2 label byte

start$ db '"$'
end$ db '"\',13,10,'$'

lead$ db '"!!$'
tail$ db '"\',13,10,'"$'
slutt$ db '=";',13,10,'$'

MimePair label byte
db "H8I8G7F7E7D7A9B7A7A8A5A6A3A4A1A2A/A0B0B+A+E0F0F+E+D+J0K0L0M0N0O0"
db "Q/P/S+R+Q+P+W+V+U+T+auavZzatXzXyXxYxWwVwRzSzPzPyPxPwPvPuJzKzHzHy"
db "HxIxGwFwBzCzAyAzAwAxAuAvAsAtAqArAoApAmAnAkAlAiAjAgAhAeAfAcAdAaAb"
db "CaBaDbDaBZCZAYAZAWAXAUAVASATAQARAOAPAMANAKALAIAJAGAHAEAFACADAAAB"
db "CABADBDAGAFAHBHAKAJALBLAOANAPBPASARATBTAWAVAXBXAaGZAaEaFaCaDaAaB"
db "cAbAdBdAgAfAhBhAkAjAlBlAoAnApBpAsArAtBtAwAvAxBxA0XzA0V0U0T0S0R0Q"
db "0P0/2P2+1+0+6P6+5+4++K/L+M+Jy9x9x8y8w7v7u7t7q9p9p8p7p6p5p4p3i9h9"
db "h8i8g7f7e7d7a9b7a7a8a5a6a3a4Y9X9X8Y8W7V7U7T7Q9P9P8P7P6P5P4P3I9H9"

patch_bytes:
pop dx
push dx
pop cx

encode_mime:
mov si,100h
mov ax,word ptr [patch_bytes]
mov ds:[si],ax
mov al,byte ptr [patch_bytes+2]
mov ds:[si+2],al

cld

mov di,2
toplines:
lea dx,[start$]
mov ah,9
int 21h
mov cx,64
topchars:
mov dl,[si]
inc si
call print_c
dec cx
jnz topchars

lea dx,[end$]
mov ah,9
int 21h

dec di
jnz toplines

mov di, offset EndOfBoot2 - offset StartOfBoot2

lea dx,[lead$]
mov ah,9
int 21h
mov cx,1F04h ; 31 pairs on first line, shift count = 4
doline:
dochar:
xor bx,bx
mov bl,[si]
add bx,bx
inc si
mov dl,MimePair[bx]
call print_c
mov dl,MimePair[bx+1]
call print_c

dec di
jz done

dec ch
jnz dochar

lea dx,[tail$]
mov ah,9
int 21h

mov ch,32 ; length of next line

jmp doline

done:
lea dx,[slutt$]
mov ah,9
int 21h

mov ax,4C00h
int 21h

print_c proc
cmp dl,'\'
je @@escape
cmp dl,'"'
jne @@normal
@@escape:
push dx
mov dl,'\'
mov ah,2
int 21h
pop dx
@@normal:
mov ah,2
int 21h
ret
print_c endp

end boot1

--
- <Terje.Mathisen at tmsw.no>
"almost all programming can be viewed as an exercise in caching"
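As an added example, not part of Terje's post or his MAKEMIME tool, the following Python models the two decoders the post describes: the pair-combining rule of the secondary bootstrap, (0 xor a) xor b - b - b, checked against the MimePair table copied from the listing and against the full 64-character alphabet, and a register-level model of the boot3 Base64 loop (16-bit buffer shifted a byte per character, sextet ORed in at shift 2, 4, 6 or 8, high byte emitted once 8 bits are pending). All function names are this example's own; the shift cycle 2, 4, 6, 8 is what the bit layout requires and is cross-checked against the standard library.

```python
"""Model of the two decoders in the listing (added example, not the post's code).

Stage 1 (secondary bootstrap): each payload byte is two characters a, b of the
MIME alphabet, recovered as (0 xor a) xor b - b - b, i.e. ((a ^ b) - 2*b) & 0xFF.
Stage 2 (boot3): Base64 with a 16-bit buffer DX and a bits/shift pair CH/CL.
"""
import base64

MIME_ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                 "abcdefghijklmnopqrstuvwxyz0123456789+/")
BASE64_TABLE = MIME_ALPHABET + "="        # the 65-entry MIME_Table of boot3

# MimePair table copied from the listing: entry i (two chars) encodes byte i.
MIME_PAIR_TABLE = (
    "H8I8G7F7E7D7A9B7A7A8A5A6A3A4A1A2A/A0B0B+A+E0F0F+E+D+J0K0L0M0N0O0"
    "Q/P/S+R+Q+P+W+V+U+T+auavZzatXzXyXxYxWwVwRzSzPzPyPxPwPvPuJzKzHzHy"
    "HxIxGwFwBzCzAyAzAwAxAuAvAsAtAqArAoApAmAnAkAlAiAjAgAhAeAfAcAdAaAb"
    "CaBaDbDaBZCZAYAZAWAXAUAVASATAQARAOAPAMANAKALAIAJAGAHAEAFACADAAAB"
    "CABADBDAGAFAHBHAKAJALBLAOANAPBPASARATBTAWAVAXBXAaGZAaEaFaCaDaAaB"
    "cAbAdBdAgAfAhBhAkAjAlBlAoAnApBpAsArAtBtAwAvAxBxA0XzA0V0U0T0S0R0Q"
    "0P0/2P2+1+0+6P6+5+4++K/L+M+Jy9x9x8y8w7v7u7t7q9p9p8p7p6p5p4p3i9h9"
    "h8i8g7f7e7d7a9b7a7a8a5a6a3a4Y9X9X8Y8W7V7U7T7Q9P9P8P7P6P5P4P3I9H9"
)


def decode_pair(a, b):
    """Combine two character codes the way the bootstrap does, modulo 256."""
    return ((a ^ b) - 2 * b) & 0xFF


def reachable_values():
    """Number of distinct byte values some pair of alphabet characters yields."""
    codes = [ord(c) for c in MIME_ALPHABET]
    return len({decode_pair(a, b) for a in codes for b in codes})


def verify_pair_table(table=MIME_PAIR_TABLE):
    """True if entry i of the 256-entry table decodes to byte value i."""
    if len(table) != 512:
        return False
    return all(decode_pair(ord(table[2 * i]), ord(table[2 * i + 1])) == i
               for i in range(256))


def encode_pairs(data, table=MIME_PAIR_TABLE):
    """Stage-1 encoder: two table characters per input byte."""
    return "".join(table[2 * b:2 * b + 2] for b in data)


def decode_pairs(text):
    """Stage-1 decoder: characters below '+' (CR, LF, space, the '&' filler)
    are skipped, '=' ends the stream, everything else is combined in pairs."""
    out, first = bytearray(), None
    for ch in text:
        if ch == "=":
            break
        if ch < "+":
            continue
        if first is None:
            first = ord(ch)
        else:
            out.append(decode_pair(first, ord(ch)))
            first = None
    return bytes(out)


def decode_base64_registers(text):
    """Stage-2 decoder modelled on boot3's registers: DX is shifted left one
    byte per input character, the sextet is ORed in shifted by 2, 4, 6 or 8,
    and DH is stored whenever 8 or more bits are pending."""
    out = bytearray()
    bits, shift, dx = 0, 2, 0                 # CH, CL and DX at loop entry
    for ch in text:
        idx = BASE64_TABLE.find(ch)
        if idx < 0:
            continue                          # not in the table: skipped
        if idx == 64:
            break                             # '=' terminates the file
        bits &= 7                             # forget the byte already stored
        dx = ((dx & 0xFF) << 8) | (idx << shift)
        bits += 6
        shift = shift % 8 + 2                 # 2, 4, 6, 8, 2, ...
        if bits >= 8:
            out.append(dx >> 8)               # DH now holds a complete byte
    return bytes(out)


def base64_roundtrip_ok(data):
    """Cross-check the register model against the standard library encoder."""
    text = base64.b64encode(data).decode("ascii")
    return decode_base64_registers(text) == data
```

Feeding `decode_pairs` the line-broken, `&`-padded output of `encode_pairs` returns the original bytes, which is the property the bootstrap relies on when line endings vary; `reachable_values()` returning 256 is the "all possible byte values" claim checked exhaustively.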
