How to lock hard disk with hdlock

After the software is installed, it is likely that it cannot be uninstalled. The solution is to enter fdisk/MBR in pure DOS mode (not in Windows mode.

I started the command with old Mao Tao and did not use the command. It is estimated that the boot partition is not a hard disk, later I thought of the Windows Recovery control platform with the repair MBR command (fixmbr), then I used the Windows installation disk to enter the console, and then it was good.Windows installation CD is still useful...

 

About fdisk/MBR

Microsoft's "fdisk" partition tool not only performs partitioning on hard disks, but also maintains hard disk partitions. in particular, "fdisk/MBR", a parameter that has never been disclosed by Microsoft, can be unconditionally written to the hard disk "MBR" information.

 

Well, I looked for it again and found the source code of hdlock, which was sent by the author:

 

I wrote a hard disk lock some time ago and used it to communicate with you. At the same time, I had a problem.
You can help me think about it.
First of all, let's briefly introduce my program. I wrote it in assembly. The program has two files: hdlock.exe
Hdlock. dat. In this example, hdlock.datis the hard disk lock I wrote for installing the hard disk 0-column 0-1 fan. hdlock.exe implements
(1) Mount hdlock. dat into the hard disk, 0 columns, 0 channels, 1 fan, and set the hard disk Lock password. (2) change the password and (3) uninstall
Hard Disk lock
Here, we will first introduce hdlock. dat, because the hard disk lock itself is limited by space, it must be strictly controlled in 1bdh
Byte, (do you know why ?) Therefore, you cannot use MASM to write the original program first and then compile the program. I basically use DEBUG
The a command is written at one time. I have compiled these components and added some comments to show you how to learn from each other.
.

This section moves the entire hard disk lock from 0000: 7c00 to 0000: 0600 to avoid being overwritten by the code later read.
0f6d: 0100 1E pushds
0f6d: 0101 06 pushes
0f6d: 0102 b90001 movcx, 0100
0f6d: 0105 bf0006 movdi, 0600
0f6d: 0108 b80000 movax, 0000
0f6d: 010b 8ed8 movds, ax
0f6d: 010d 8ec0 moves, ax
0f6d: 010f be007c movsi, 7c00
0f6d: 0112 F2 repnz
0f6d: 0113 A5 movsw
0f6d: 0114 ea1a060000 jmp0000: 061a; Code after long jump to move, that is, execution starts from 011a
0f6d: 0119 90 NOP
0f6d: 011a eb09 jmp0125

This section initializes the screen and displays the string "password"
0f6d: 0125 b80006 movax, 0600
0f6d: 0128 b7f0 movbh, F0
0f6d: 012a b90000 movcx, 0000
0f6d: 012d ba4f18 movdx, 184f
0f6d: 0130 CD10 int10; initialize the screen (the foreground is black, the background is gray, and the characters are blinking)
0f6d: 0132 b21a movdl, 1a
0f6d: 0134 be1c06 movsi, 061c; display characters from 061ch (because the program will be read at 0000: 0600,
; The actual display is the string starting at the current 11ch)
0f6d: 0137 b402 movah, 02
0f6d: 0139 b610 movdh, 10
0f6d: 013b b700 movbh, 00
0f6d: 013d CD10 int10; set the cursor position (1ah column of 10 h rows)
0f6d: 013f 8a04 moval, [Si]
0f6d: 0141 3c00 cmpal, 00
0f6d: 0143 741b jz0160; whether the string is displayed. If yes, it jumps to the place where the password is read from the keyboard.
0f6d: 0145 b409 movah, 09
0f6d: 0147 b90100 movcx, 0001
0f6d: 014a b700 movbh, 00
0f6d: 014c b370 movbl, 70
0f6d: 014e CD10 int10; displays one character
0f6d: 0150 fec2 incdl; move one cursor behind
0f6d: 0152 46 incsi; move one character behind the character pointer
0f6d: 0153 ebe2 jmp0133; continue to display the next character

0f6d: 011c dB 'passward '00; string used for display

; Read the password from the keyboard
0f6d: 0160 b90400 movcx, 0004
0f6d: 0163 b80000 movax, 0000
0f6d: 0166 8ec0 moves, ax
0f6d: 0168 bf0108 movdi, 0801
0f6d: 016b F3 repz
0f6d: 016c AB stosw; open a buffer with a length of 8 bytes at the beginning of 0000: 0801
; (Marked with H), used to store the password read from the keyboard, (Password
; Up to 8 characters, at least 0 characters)
0f6d: 016d b90900 movcx, 0009; a maximum of 9 keyboard reads (of course, 9th is read again)
0f6d: 0170 bf0108 movdi, 0801; password written at H
0f6d: 0173 b223 movdl, 23

0f6d: 0175 B400 movah, 00
0f6d: 0177 CD16 int16; read keyboard
0f6d: 0179 3c0d cmpal, 0d
0f6d: 017b 7479 jz01f6; press enter to jump to password comparison
0f6d: 017d b402 movah, 02
0f6d: 017f 90 NOP
0f6d: 0180 90 NOP
0f6d: 0181 b610 movdh, 10
0f6d: 0183 b700 movbh, 00
0f6d: 0185 CD10 int10; set the cursor position (of course, behind the "passward" string)
0f6d: 0187 3c08 cmpal, 08
0f6d: 0189 7437 jz01c2
0f6d: 018b 50 pushax
0f6d: 018c b40e movah, 0e
0f6d: 018e b02a moval, 2a
0f6d: 0190 b307 movbl, 07
0f6d: 0192 CD10 int10; display a "*" (it is not terrible to enter a password without echo)
0f6d: 0194 58 popax
0f6d: 0195 0423 addal, 23; password characters plus 23 h (subject to space restrictions, add the program in the system startup
Before the script is executed, here, I simply add the password to 23 h,
If anyone has good and small algorithms, don't forget to tell me)
0f6d: 0197 8805 mov [di], Al
0f6d: 0199 47 incdi
0f6d: 019a 49 deccx
0f6d: 019b 83f900 cmpcx, + 00
0f6d: 019e 740a jz01aa; whether the keyboard has been read for 9th times, jump to the input Overflow
0f60: 01a0 fec2 Inc DL
0f60: 01a2 ebd1 JMP 0175

; This section is used to process keyboard input more than 8 times
0f6d: 01aa b610 movdh, 10
0f6d: 01ac b402 movah, 02
0f6d: 01ae b223 movdl, 23
0f6d: 01b0 b700 movbh, 00
0f6d: 01b2 CD10 int10
0f6d: 01b4 b409 movah, 09
0f6d: 01b6 b000 moval, 00
0f6d: 01b8 b307 movbl, 07
0f6d: 01ba b90900 movcx, 0009
0f6d: 01bd CD10 int10
0f6d: 01bf eb9f jmp0160; read the password again

; This section is used for backspace processing.
0f6d: 01c2 51 pushcx
0f6d: 01c3 b403 movah, 03
0f6d: 01c5 b700 movbh, 00
0f6d: 01c7 CD10 int10; read cursor position
0f6d: 01c9 80fa23 cmpdl, 23
0f6d: 01cc 74a7 jz0175; check whether the cursor has reached the header.
0f6d: 01ce 81ff0008 cmpdi, 0800
0f6d: 01d2 74A1 jz0175; check whether the Password Buffer is in the header; If yes, read the Next Password

0f6d: 01d4 b402 movah, 02
0f6d: 01d6 feca decdl
0f6d: 01d8 CD10 int10
0f6d: 01da b40e movah, 0e
0f6d: 01dc b000 moval, 00
0f6d: 01de b307 movbl, 07
0f6d: 01e0 CD10 int10; move the cursor one bit forward and delete "*"
0f6d: 01e2 b80000 movax, 0000
0f6d: 01e5 8905 mov [di], ax; the current pointer of the password buffer is cleared.
0f6d: 01e7 4f decdi; password buffer pointer minus one
0f6d: 01e8 8905 mov [di], ax; the current pointer of the password buffer is cleared.
0f6d: 01ea 59 popcx
Inc cx; // CX should add 1
0f6d: 01eb eb88 jmp0175; reread the keyboard

; This section is used to compare passwords.
0f6d: 01f6 b80000 movax, 0000
0f6d: 01f9 8ec0 moves, ax
0f6d: 01fb 8ed8 movds, ax
0f6d: 01fd beb007 movsi, 07b0
0f6d: 0200 bf0108 movdi, 0801
0f6d: 0203 b90400 movcx, 0004
0f6d: 0206 F3 repz
0f6d: 0207 A7 cmpsw
0f6d: 0208 7404 jz020e; jump to the correct boot system code if the strings are the same
0f6d: 020a eb3c jmp0248; jump to encrypted hard disk Code if the strings are different

Correctly guide the system code
0f6d: 020e b80000 movax, 0000
0f6d: 0211 8ec0 moves, ax
0f6d: 0213 b80102 movax, 0201
0f6d: 0216 b90200 movcx, 0002
0f6d: 0219 ba8000 movdx, 0080
0f6d: 021c bb00f0 movbx, f000
0f6d: 021f CD13 int13
0f6d: 0221 b80103 movax, 0301
0f6d: 0224 b90100 movcx, 0001
0f6d: 0227 ba8000 movdx, 0080
0f6d: 022a CD13 int13; 0-column 0-Channel 2 is the hard disk lock code written by hdboot. exe
; (That is, the code we see now) + correct hard disk score
The partition table is composed of 0 columns, 0 channels, and 1 fan. Then the operating system can
; Read the hard disk normally
0f6d: 022c b80000 movax, 0000
0f6d: 022f 8ec0 moves, ax
0f6d: 0231 b80102 movax, 0201
0f6d: 0234 b90300 movcx, 0003
0f6d: 0237 ba8000 movdx, 0080
0f6d: 023a bb007c movbx, 7c00
0f6d: 023d CD13 int13; 0-column 0-Channel 3 is the backup of the original MBR area written by hdboot. EXE.
; It is read at 0000: 7c00
0f6d: 023f ea007c0000 jmp0000: 7c00; long jump to the original MBR code for execution (not how to guide it later)
) To guide the system correctly.

; Encrypted hard disk code
0f6d: 0248 b80000 movax, 0000
0f6d: 024b 8ec0 moves, ax
0f6d: 024d b80102 movax, 0201
0f6d: 0250 b90400 movcx, 0004
0f6d: 0253 ba8000 movdx, 0080
0f6d: 0256 bb00f0 movbx, f000
0f6d: 0259 CD13 int13
0f6d: 025b b80103 movax, 0301
0f6d: 025e b90100 movcx, 0001
0f6d: 0261 ba8000 movdx, 0080
0f6d: 0264 CD13 int13; 0-column 0-Channel 4 is the hard disk lock code written by hdboot. EXE (that is
Code that you can see now) Add the logic lock of Jiang Ming's principle and write it
The operating system is completely locked after 0-bar, 0-channel, and 1-fan drive (cannot be guided from other disks)
0f6d: 0266 CD19 int19; needless to say, it is equivalent to Hot Start

After reading this, you must have seen some problems. To enable this hard disk lock to be cross-platform, I set it to enter the correct password and then
The correct Partition Table reads 0 columns, 0 columns, and 1 fan. If the correct password is entered, jiangming locks are read into 0 columns, 0 columns, and 1 fan. You can see it clearly, as shown in figure
If the computer owner enters the computer with the correct password last time, and the computer illegal user does not try the password at one time, they will directly use a floppy disk or a CD or
USB disk boot allows unauthorized access to the hard disk. To be honest, this problem has plagued me for a long time and cannot be solved,
After you enter the correct password, you must read the correct partition table into the 0-column, 0-channel, and 1 fan. Then, after the operating system is started, you can add 0-column, 0-channel, and 1 fan.
Partition Table encryption. There are two problems in this way. (1) the hands and feet of starting the operating system must be placed in the self-starting operating system (such as DoS
Autoexec. bat, Win98 "start", etc.), this is obviously not safe, (2) At the same time, it is obviously not "cross-platform", so I only
Can tell the user in the program description, if you leave the computer, deliberately enter a wrong password, then jiangming lock will lock the hard disk, so that the computer
Unauthorized users cannot use a floppy disk, a CD, or USB disk for guidance. (We know that the so-called jiangming lock means that the extended partition points to itself, so that
The Startup Program is in an endless loop, and this damn thing does not know how many hard disks are killed, so we should let him do a good job). If anyone has a better way
To solve this problem, please let me know.
Next we will introduce the hdlcok. EXE file. The following is the complete program source code:

; Hard disk lock Installer
Data Segment
D1 dB 0cdh, 0bfh, 0d1h, 0e5h, 0eah, 0cdh
D2 dB 'you had not install the hdlock, do you install? (Y/n) ', 0dh, 0ah,' $'
D3 dB 'hdlock. dat ', 00 h
D4 dB 'can not find file (hdlock. dat) ', 0dh, 0ah,' $'
D5 dB 'Password', 00 h
D6 dB 1eh, 06 h, 0b9h, 00 h, 01 H, 0bfh, 00 h, 06 h, 0b8h, 00 h, 00 h, 8eh, 0d8h, 8eh, 0c0h, 0beh; logical lock
DB 00 h, 7ch, 0f2h, 0a5h, 0eah, 1ah, 06 h, 00 h, 00 h, 90 h, 0ebh, 09 h, 50 h, 41 h, 53 H, 53 H
DB 57 H, 4fh, 52 h, 44 h, 00 h, 0b8h, 00 h, 06 h, 0b7h, 0f0h, 0b9h, 00 h, 00 h, 0bah, 4fh, 18 h
DB 0cdh, 10 h, 0b2h, 01ah, 0beh, 1ch, 06 h, 0b4h, 02 h, 0b6h, 10 h, 0b7h, 00 h, 0cdh, 10 h, 8ah
DB 04 H, 3ch, 00 h, 74 h, 1bh, 0b4h, 09 h, 0b9h, 01 H, 00 h, 0b7h, 00 h, 0b3h, 70 h, 0cdh, 10 h
DB 0feh, 0c2h, 46 h, 0ebh, 0e2h, 0cdh, 20 h, 4fh, 3DH, 33 H, 0cdh, 20 h, 33 H, 33 H, 33 H
DB 0b9h, 04 H, 00 h, 0b8h, 00 h, 00 h, 8eh, 0c0h, 0bfh, 01 H, 08 h, 0f3h, 0abh, 0b9h, 09 h, 00 h
DB 0bfh, 01 H, 08 h, 0b2h, 23 h, 0b4h, 00 h, 0cdh, 16 h, 3ch, 0dh, 74 h, 79 H, 0b4h, 02 h, 90 h
DB 90 h, 0b6h, 10 h, 0b7h, 00 h, 0cdh, 10 h, 3ch, 08 h, 74 h, 37 h, 50 h, 0b4h, 0eh, 0b0h, 2ah
DB 0b3h, 07 h, 0cdh, 10 h, 58 h, 04 H, 23 h, 88 h, 05 h, 47 h, 49 H, 83 H, 0f9h, 00 H, 74 h, 0ah
DB 0feh, 0c2h, 0ebh, 0d1h, 24 h, 67 h, 00 h, 77 H, 69 H, 6eh, 0b6h, 10 h, 0b4h, 02 h, 0b2h, 23 h
DB 0b7h, 00 h, 0cdh, 10 h, 0b4h, 09 h, 0b0h, 00 h, 0b3h, 07 h, 0b9h, 09 h, 00 h, 0cdh, 10 h, 0ebh
DB 9fh, 51 H, 51 H, 0b4h, 03 h, 0b7h, 00 h, 0cdh, 10 h, 80 h, 0fah, 23 h, 74 h, 0a7h, 81 h, 0ffh
DB 00 h, 08 h, 74 h, 0a1h, 0b4h, 02 h, 0feh, 0cah, 0cdh, 10 h, 0b4h, 0eh, 0b0h, 00 h, 0b3h, 07 h
DB 0cdh, 10 h, 0b8h, 00 h, 00 h, 89 h, 05 h, 4fh, 89 h, 05 h, 59 h, 0ebh, 88 h, 07 h, 43 H, 04 H
DB 0e8h, 86 H, 0cdh, 20 h, 44 h, 44 h, 0b8h, 00 h, 00 h, 8eh, 0c0h, 8eh, 0d8h, 0beh, 0b0h, 07 h
DB 0bfh, 01 H, 08 h, 0b9h, 04 H, 00 h, 0f3h, 0a7h, 74 h, 04 H, 0ebh, 3ch, 55 h, 55 h, 0b8h, 00 h
DB 00 h, 8eh, 0c0h, 0b8h, 01 H, 02 h, 0b9h, 02 h, 00 h, 0bah, 80 h, 00 h, 0bbh, 00 h, 0f0h, 0cdh
DB 13 H, 0b8h, 01 H, 03 h, 0b9h, 01 H, 00 h, 0bah, 80 h, 00 h, 0cdh, 13 H, 0b8h, 00 H, 00 h, 8eh
DB 0c0h, 0b8h, 01 H, 02 h, 0b9h, 03 h, 00 h, 0bah, 80 h, 00 h, 0bbh, 00 h, 7ch, 0cdh, 13 H, 0eah
DB 00 h, 7ch, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 0b8h, 00 h, 00 h, 8eh, 0c0h, 0b8h, 01 H, 02 h
DB 0b9h, 04 H, 00 h, 0bah, 80 h, 00 h, 0bbh, 00 h, 0f0h, 0cdh, 13 H, 0b8h, 01 H, 03 h, 0b9h, 01 H
DB 00 h, 0bah, 80 h, 00 h, 0cdh, 13 H, 0cdh, 19 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 64 h, 64 h, 64 h, 64 h, 64 h, 64 h, 64 h, 64 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 01 H, 00 h, 05 h, 0feh, 7fh, 05 h, 3fh, 00 h, 00 h, 00 h, 47 h, 39 h, 40 h, 00 H, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 00 h, 00 h
DB 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 h, 00 H, 00 h, 55 h, 0aah
D7 dB 'you have been installed hdlock, do you remove? (Y/n) ', 0dh,' $'
D8 dB 'password error $'
D9 dB 0dh, 0ah
DB 0dh, 0ah
Db' ############ ', 0dh, 0ah
Db' ############ ', 0dh, 0ah
Db' ############ ', 0dh, 0ah
Db' ############ ', 0dh, 0ah
Db' ############# ', 0dh, 0ah
DB 0dh, 0ah
DB '---------- # Hard Disk lock # ------------', 0dh, 0ah
DB 'by: The man like Wind', 0dh, 0ah
DB 'e-mail: tyhhyf@hotmail.com ', 0dh, 0ah
DB 'oss: 100', 0dh, 0ah
D10 dB 'enter anykey to enter the password. $'
D11 dB 'enter anykey to enter the password again. $'
D12 dB 'error: Two password is not alike! $'
D13 dB 'the hdlock had been installed, please remember you password !!! $'
D14 dB 'the hdlock had been removed. $'
Data ends
Code segment
Assume Cs: code, DS: data, ES: Data
Start:
MoV ax, Data
MoV ds, ax
MoV es, ax
MoV dx, offset D9
MoV ah, 09 h
Int 21 h
MoV ah, 00 h
Int 16 h
; Determine whether the hard disk lock program has been installed
Next:
MoV ax, 0201 h; read one sector
MoV CX, 0001 H
MoV dx, 0080 H
MoV BX, 0f000h
INT 13 H
MoV ax, 0201 H
MoV CX, 0001 H
MoV dx, 0080 H
MoV BX, 0e000h
INT 13 H
MoV Si, 0f1a0h
MoV Di, offset d1
MoV CX, 0003 H
Repe cmpsw
Jnz install
JMP del
Install:
MoV dx, offset D2
MoV ah, 09 h
Int 21 h
Enter:
Int 16 h
Or Al, 20 h
CMP Al, 'y'; is Y?
Je install1
CMP Al, 'n'
Je exit
JMP enter
Exit:
MoV ah, 4ch
Int 21 h
Install1:
MoV ah, 3DH
MoV dx, offset D3
MoV Al, 00 h
Int 21 h
JB aerror
PUSH AX
MoV ah, 3fh
MoV dx, 0f000h
MoV CX, 01beh
Pop BX
Int 21 h
MoV ah, 09 h
MoV dx, offset D10
Int 21 h
MoV ah, 00 h
Int 16 h
Call near PTR pwenter
MoV Si, 0f1b0h
MoV Di, 0f3b0h
MoV CX, 0004 H
Repnz movsw
MoV ah, 06 h
MoV Al, 00 h
MoV BH, 07 h
MoV CX, 0000 h
MoV dx, 184fh
Int 10 h
MoV DH, 03 h
MoV DL, 00 h
MoV BH, 00 h
MoV ah, 02 h
Int 10 h
MoV ah, 09 h
MoV dx, offset D11
Int 21 h
MoV ah, 00 h
Int 16 h
Call near PTR pwenter
MoV Si, 0f1b0h
MoV Di, 0f3b0h
MoV CX, 0008 H
Repe cmpsb
Jnz exit4
JMP write
Aerror:
MoV ah, 09 h
MoV dx, offset D4
Int 21 h
JMP exit
Exit4:
MoV DH, 03 h
MoV DL, 00 h
MoV BH, 00 h
MoV ah, 02 h
Int 10 h
MoV ah, 06 h
MoV Al, 00 h
MoV BH, 07 h
MoV CX, 0000 h
MoV dx, 184fh
Int 10 h
MoV ah, 09 h
MoV dx, offset D12
Int 21 h
MoV ah, 4ch
Int 21 h
Write:
MoV ax, 0301 H
MoV CX, 0003 H
MoV dx, 0080 H
MoV BX, 0e000h
INT 13 H
MoV BX, offset D6
Add Bx, 1b0h
MoV CX, 4 h
MoV Si, 0f1b0h
MoV Di, BX
Repnz movsw
MoV ax, 0301 H
MoV CX, 0004 H
MoV dx, 0080 H
MoV BX, offset D6
INT 13 H
MoV ax, 0301 H
MoV CX, 0002 H
MoV BX, 0f000h
MoV dx, 0080 H
INT 13 H
MoV ax, 0301 H
MoV CX, 0001 H
MoV BX, 0f000h
MoV dx, 0080 H
INT 13 H
MoV ah, 06 h
MoV Al, 00 h
MoV BH, 07 h
MoV CX, 0000 h
MoV dx, 184fh
Int 10 h
MoV DH, 03 h
MoV DL, 00 h
MoV BH, 00 h
MoV ah, 02 h
Int 10 h
MoV ah, 09 h
MoV dx, offset D13
Int 21 h
JMP exit

DEL:
MoV dx, offset D7
MoV ah, 09 h
Int 21 h
Enter2:
MoV ah, 00 h
Int 16 h
Or Al, 20 h
CMP Al, 'y'
Je unlade
CMP Al, 'n'
Je exit1
JMP enter2
Exit1:
MoV ah, 4ch
Int 21 h
Unlade:
Call near PTR pwenter
MoV Si, 0f1b0h
MoV Di, 0e1b0h
MoV CX, 8 h
Repe cmpsb
Jnz exit2
MoV ax, 0201 H
MoV CX, 0003 H
MoV BX, 0f000h
MoV dx, 0080 H
INT 13 H
MoV ax, 0301 H
MoV CX, 0001 H
MoV BX, 0f000h
MoV dx, 0080 H
INT 13 H
MoV DH, 03 h
MoV DL, 00 h
MoV BH, 00 h
MoV ah, 02 h
Int 10 h
MoV ah, 06 h
MoV Al, 00 h
MoV BH, 07 h
MoV CX, 0000 h
MoV dx, 184fh
Int 10 h
MoV ah, 09 h
MoV dx, offset D14
Int 21 h
JMP exit
Exit2:
MoV ah, 09 h
MoV dx, offset D8
Int 21 h
MoV ah, 4ch
Int 21 h
The subroutine is used to read the password from the keyboard.
Pwenter proc near
PUSH AX
Push BX
Push CX
Push DX
MoV ax, 0600 H
MoV BH, 0f0h
MoV CX, 0000 h
MoV dx, 184fh
Int 10 h
MoV DL, 1ah
MoV Si, offset D5
Display:
MoV ah, 02 h
MoV DH, 10 h
MoV BH, 00 h
Int 10 h
MoV Al, [Si]
CMP Al, 00 h
Je getpw
MoV ah, 09 h
MoV CX, 01 H
MoV BH, 00 h
MoV BL, 70 h
Int 10 h
INC DL
INC Si
JMP display
Getpw:
MoV CX, 0004 H
MoV ah, 0000 h
MoV Di, 0f1b0h
Repz stosw
MoV CX, 0009 H
MoV Di, 0f1b0h
MoV DL, 23 h
Readkey:
MoV ah, 00 h
Int 16 h
CMP Al, 0dh
Je OK
CMP Al, 20 h
Je readkey
CMP Al, 00 h
Je readkey
CMP Al, 09 h
Je readkey
CMP Al, 1bh
Je aesc
Push CX
MoV ah, 02 h
MoV DH, 10 h
MoV BH, 00 h
Int 10 h
Pop CX
CMP Al, 08 h
Je backspace
PUSH AX
MoV ah, 0eh
MoV Al, 2ah
MoV BL, 07 h
Int 10 h
Pop ax
Add Al, 23 h
MoV [di], Al
INC di
Dec CX
Cmp cx, 00 h
Je Overflow
INC DL
JMP readkey
OK:
Pop ax
Pop BX
Pop CX
Pop DX
RET
Aesc:
MoV ah, 4ch
Int 21 h
Overflow:
MoV DH, 10 h
MoV ah, 02 h
MoV DL, 23 h
MoV BH, 00 h
Int 10 h
MoV ah, 09 h
MoV Al, 00 h
MoV BL, 07 h
MoV CX, 0009 H
Int 10 h
JMP getpw
Backspace:
Push CX
MoV ah, 03 h
MoV BH, 00 h
Int 10 h
Pop CX
Cmp dl, 23 h
Je readkey
CMP Di, 0f1afh;
Je readkey
Push CX
MoV ah, 02 h
Dec DL
Int 10 h
Pop CX
Push CX
MoV ah, 0eh
MoV Al, 00 h
MoV BL, 07 h
Int 10 h
Pop CX
MoV ax, 0000 h
MoV [di], ax
Dec di
MoV [di], ax
Cmp cx, 09 h
Je ajump
INC CX
JMP ajump
Ajump:
JMP readkey
Pwenter endp
Code ends
End start

This program is used to write the hdlock. dat file to the MBR. If you are interested, try it.