GMS@PSUVM.BITNET (03/25/88)
I've posted a UUENCODed copy of my shareware SKYPLOT planetarium simulator to COMP.BINARIES.IBM.PC. If you want to use it you should receive the 8 files, eliminate the header junk, concatenate them (in the proper order), and UUDECODE them. The result will be a binary file in PKXARC format containing the program. Now you must download the file to your PC. It is SELF-DEARCING! just issue the name of the file as a command and it will de-arc itself. have fun and let me hear any comments. Please feel free to distribute it to others, post it on BBS's, etc... gerry santoro GMS @ PSUVM (bitnet) . . . !PSUVAX1!PSUVM.BITNET!GMS (uucp) | -(*)- |
frotz@drivax.UUCP (Frotz) (03/30/88)
In article <37175GMS@PSUVM> GMS@PSUVM.BITNET writes: >The result will be a binary file in PKXARC format containing the program. >Now you must download the file to your PC. It is SELF-DEARCING! ... >have fun and let me hear any comments. People! People! Let's be aware of the latest (and scariest) viruses and what they do to people's minds. This looks like a very nice package and I want to risk it, but I will have to wait until I find an isolated machine. (Or run it under FlexOS/386 with the DOS Application Environment in protected mode;-) Just remember: "Not everyone can be protected like this." Frotz ============================================================= Digital Research, Incorporated amdahl!drivax!frotz 70 Garden Court, B28 (408) 649-3896 Monterey, California 93940 Ask for John Fa'atuai =============================================================
jcmorris@mitre-bedford.ARPA (Joseph C. Morris) (03/31/88)
In article <3288@drivax.UUCP> frotz@drivax.UUCP (Frotz) writes: > [SKYPLOT] looks like a very >nice package and I want to risk it, but I will have to wait until I >find an isolated machine. The SKY.EXE file was constructed by creating a normal PKXARC archive, then prepending the PKSFX.PGM code which provides the self-unpacking function. The easiest way to test this is to use an intellegent file- compare utility like SUPERC to match the suspect file against a known good copy of PKSFX.PGM. If the delta report says that the first mismatch is at decimal 9758 (the current size of PKXFX.PGM), you should be safe. I did this, and got the expected (and safe) report that it matched. Of course, this assumes that you got PKSFX.PGM from a trusted source. An alternative way would be to have a program which strips off the known number of bytes in PKSFX.PGM (9758) from the suspect file and writes out the remainder to disk. This remainder is a standard ARC file which can be investigated with PKXARC -t etc. Finally, I could have (but didn't) tried the thing safely by turning off the expansion chassis which houses both of my hard disks and rebooting. A less drastic measure which I used to use was to modify the drive controller card to add a switch which disabled the on-board PROM. The card could still be accessed by using raw IN/OUT instructions, but none of the BIOS interrupts would be recognized. Modifying one of the original IBM HD controller cards to do this was trivial, but the newer cards aren't as easy.