DESCRIPTION: Using DEBUG to Lock and Unlock a Hard Drive
SAVE AS: HD_LOCK.TXT
AUTHOR: M. L. Giggleman
When FDISK partitions a hard disk, it stores information in a
64-byte table called the DISK PARTITION TABLE. The table starts
at offset 1BEh from the beginning of the first sector and holds
four 16-byte entries, each corresponding to one partition on
the disk.
The 5th byte of every entry is the SYSTEM INDICATOR BYTE. It
identifies the operating system that owns the corresponding
partition. A value of 0 means an unused partition; any other
value is an operating system identifier. DOS uses 1, 4, and 6
to specify the size of its partitions, where 1 means less than
16MB, 4 denotes 16 to 32MB, and 6 identifies a large (greater
than 32MB) partition. Extended DOS partitions (those containing
logical drives not defined in the master partition table) are
indicated with 5.
Under DOS, a primary partition can hold only one logical drive
(C:). Defining additional logical drives (D:, E:, and so on) on
the same hard disk requires creating an extended DOS partition
and subdividing it into the desired drives.
DOS scans the partition table at start up, assigning a drive
letter to each valid partition it owns. Partitions with a
system indicator byte of 0 are not assigned drive letters.
Attempting to access a partition that has no drive letter
generates an "Invalid drive specification" message from DOS.
If the system indicator byte for each partition is 0, DOS will
not recognize the hard disk. Zeroing those bytes is easy to do
with DEBUG directly. It's easier still with a short utility,
LOCK.COM, and its companion program, UNLOCK.COM, created using
DEBUG.
ONLY use LOCK on disks partitioned with FDISK. DO NOT USE with
a third-party disk utility that creates non-standard partition
tables (such as Disk Manager).
Run LOCK.COM only on the PC used to create it. UNLOCK is
created for a particular hard disk; using it on another hard
drive could render that drive unusable.
If the hard drive is repartitioned, the procedure for creating
UNLOCK.COM must be repeated after the repartitioning is
complete, to ensure the system indicator values that UNLOCK
writes to the partition table reflect the new ones created by
FDISK during the repartition.
Before generating LOCK.COM
(1) Make a bootable system disk and test it.
(2) Use MIRROR /PARTN to back up the partition table to the
floppy (DOS 5.0).
(3) Copy UNFORMAT.COM (DOS 5.0) to the diskette. UNFORMAT
/PARTN will restore the partition table from the floppy
disk.
(4) Create UNLOCK.COM and copy to the floppy BEFORE executing
LOCK.COM.
TO CREATE LOCK.COM:
Enter the DEBUG commands below in a text file. To assemble
them, type:
    DEBUG < filename
at the DOS prompt to produce the 49-byte LOCK.COM. The blank
line after RET is required: it ends DEBUG's assemble mode so
that the lines that follow are read as commands.
    A 0100
    MOV AX,0201             ;Read the partition
    MOV BX,0200             ;table from the hard
    MOV CX,0001             ;disk
    MOV DX,0080             ;(DL=80: first hard disk)
    INT 13
    MOV BYTE PTR [03C2],00  ;Zero out the system
    MOV BYTE PTR [03D2],00  ;indicator bytes
    MOV BYTE PTR [03E2],00
    MOV BYTE PTR [03F2],00
    MOV AX,0301             ;Write the revised
    MOV BX,0200             ;partition table back
    MOV CX,0001             ;to the hard disk
    MOV DX,0080
    INT 13
    RET                     ;Return to DOS

    N LOCK.COM
    RCX
    31
    W
    Q
TO CREATE UNLOCK.COM:
UNLOCK.COM begins as LOCK.COM's identical twin. Create it by
copying LOCK.COM to UNLOCK.COM. Now start DEBUG, but DON'T load
UNLOCK.COM. Instead type the following, pressing Enter on an
empty line after RET to leave assemble mode:
    A 0100
    MOV AX,0201
    MOV BX,0200
    MOV CX,01
    MOV DX,80
    INT 13
    RET

    G=0100 010E
    D 03C2 L1
    D 03D2 L1
    D 03E2 L1
    D 03F2 L1
In response to each of the last four commands, DEBUG will
display an 8-digit address in segment:offset format, followed
by a single hexadecimal number. A typical response is
1683:03C0 06
Write down the hexadecimal value output by each command (for
example, 06 in the line above). These are the system indicator
values currently recorded in the hard disk master partition
table.
Type Q to quit DEBUG. Start it again, this time loading
UNLOCK.COM. At the prompt, enter
    E 0112 ww
    E 0117 xx
    E 011C yy
    E 0121 zz
    W
    Q
replacing ww, xx, yy, and zz with the 4 values written down
earlier. UNLOCK.COM will be patched to restore the original
system indicator values.
USING LOCK:
Lock the hard drive. After the reboot, DOS will not recognize
the hard drive. Test it by rebooting from drive A: and typing DIR
C:. DOS should return an "Invalid drive specification" message.
To unlock the hard drive, type UNLOCK and reboot.
Reference: Jeff Prosise, 12/22/92 PC Magazine, Tutor Column
----------------------------------------------------------------
HARDLOCK.DOC
I have been using a software scheme to secure a hard drive that
is almost bulletproof. The first sector on a hard disk is NOT
part of DOS. It is the partition table. DOS is incapable of
reading or writing to this area. Even the Load and Save
commands in DEBUG cannot access the partition table. It is only
accessible through BIOS (Interrupt 13H).
On boot, the BIOS reads the partition table, and it finds and
reads the boot sector for DOS. To protect a hard disk, simply
destroy the signature area at the end of the partition table.
When the machine is booted, even with a floppy, DOS will not
acknowledge the presence of a hard disk. The ONLY way to regain
access to the disk is to run the HARDUNL program from floppy,
or run FDISK and reformat the hard disk.
This is a key-disk scheme that requires the system to be booted
twice. First to run HARDUNL from a floppy and second using
Ctrl-Alt-Del to boot from the hard disk. If the key-disk is
misplaced or damaged, the HARDUNL program can be keyed in under
DEBUG and run.
Run HARDLOCK to secure the drive; it will take effect at the
next boot. Run HARDUNL from a system floppy to unlock the
drive.
----- HARDLOCK.ASM ----------------------------------------------
; Begincom/endcom are presumably macros defined in macros.asm,
; which is not included on this page.
         include macros.asm
         Begincom hardlock
         jmp     start
msg0     db      'Hardlock Completed Successfully',10,13,'$'
msg1     db      'Hardlock Disk I/O error.',10,13,'$'
buffer   db      512 dup(?)
start    proc    near
         mov     ax,0201h                ;read one sector
         lea     bx,buffer               ;set up read address
         mov     cx,1                    ;read the partition table
         mov     dx,0080h                ;On drive C
         int     13H                     ;execute read
         jc      IO_FAIL                 ;if carry - issue message
         mov     byte ptr [bx+511],0     ;make disk unusable
         mov     ax,0301h                ;set up write command
         int     13H                     ;execute write (reuses bx, cx, dx)
         lea     dx,msg0                 ;point to OK message
         jnc     SENDMSG                 ;display msg
IO_FAIL: lea     dx,msg1                 ;point to failure message
SENDMSG: mov     ah,9                    ;dos display string
         int     21h                     ;send message
         int     20h                     ;terminate program
start    endp
         endcom  hardlock
----- HARDUNL.ASM -----------------------------------------------
; Begincom/endcom are presumably macros defined in macros.asm,
; which is not included on this page.
         include macros.asm
         Begincom hardunl
         jmp     start
msg0     db      'hardunlock Completed Successfully',10,13,'$'
msg1     db      'hardunlock Disk I/O error.',10,13,'$'
buffer   db      512 dup(?)
start    proc    near
         mov     ax,0201h                ;read one sector
         lea     bx,buffer               ;set up read address
         mov     cx,1                    ;read the partition table
         mov     dx,0080h                ;On drive C
         int     13H                     ;execute read
         jc      IO_FAIL                 ;if carry - issue message
         mov     byte ptr [bx+511],0AAh  ;repair clobbered partition table
         mov     ax,0301h                ;set up write command
         int     13H                     ;execute write (reuses bx, cx, dx)
         lea     dx,msg0                 ;point to OK message
         jnc     SENDMSG                 ;display msg
IO_FAIL: lea     dx,msg1                 ;point to failure message
SENDMSG: mov     ah,9                    ;dos display string
         int     21h                     ;send message
         int     20h                     ;terminate program
start    endp
         endcom  hardunl
----- PARTITION TABLE -------------------------------------------
Physical Sector: Cyl 0, Side 0, Sector 1
00000000: FA 33 C0 8E D0 BC 00 7C - 8B F4 50 07 50 1F FB FC
00000010: BF 00 06 B9 00 01 F2 A5 - EA 1D 06 00 00 BE BE 07
00000020: B3 04 80 3C 80 74 0E 80 - 3C 00 75 1C 83 C6 10 FE
00000030: CB 75 EF CD 18 8B 14 8B - 4C 02 8B EE 83 C6 10 FE
00000040: CB 74 1A 80 3C 00 74 F4 - BE 8B 06 AC 3C 00 74 0B
00000050: 56 BB 07 00 B4 0E CD 10 - 5E EB F0 EB FE BF 05 00
00000060: BB 00 7C B8 01 02 57 CD - 13 5F 73 0C 33 C0 CD 13
00000070: 4F 75 ED BE A3 06 EB D3 - BE C2 06 BF FE 7D 81 3D
00000080: 55 AA 75 C7 8B F5 EA 00 - 7C 00 00 49 6E 76 61 6C
00000090: 69 64 20 70 61 72 74 69 - 74 69 6F 6E 20 74 61 62
000000A0: 6C 65 00 45 72 72 6F 72 - 20 6C 6F 61 64 69 6E 67
000000B0: 20 6F 70 65 72 61 74 69 - 6E 67 20 73 79 73 74 65
000000C0: 6D 00 4D 69 73 73 69 6E - 67 20 6F 70 65 72 61 74
000000D0: 69 6E 67 20 73 79 73 74 - 65 6D 00 00 A9 A2 6B 1B
000000E0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
000000F0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000100: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000110: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000120: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000130: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000140: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000150: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000160: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000170: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000180: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00000190: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
000001A0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
000001B0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 80 01
000001C0: 01 00 06 0F A6 A9 26 00 - 00 00 9A 53 06 00 00 00
000001D0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
000001E0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
000001F0: 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 55 AA
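
An added example, not part of the original text files: a Python
check, run against a saved 512-byte copy of the first sector, that
flags a partition entry whose system indicator byte is 0 while the
rest of the entry is still filled in (the LOCK.COM state) and a
missing 55 AA signature (the HARDLOCK state). The function names are
illustrative, and the sample sector is constructed from the single
partition entry at offset 1BEh in the dump above.

```python
import struct

TABLE_OFFSET = 0x1BE          # start of the 64-byte partition table
SIGNATURE = b"\x55\xAA"       # last two bytes of a valid first sector

# Constructed sample: the 16-byte entry at offset 1BEh in the dump above.
SAMPLE_ENTRY = bytes.fromhex("80010100060fa6a9260000009a530600")


def make_sector(entry=SAMPLE_ENTRY):
    """Build a 512-byte test sector holding one partition entry."""
    sector = bytearray(512)
    sector[TABLE_OFFSET:TABLE_OFFSET + 16] = entry
    sector[510:512] = SIGNATURE
    return sector


def parse_entries(sector):
    """Return (index, system_indicator, start_lba, sector_count, raw) per entry."""
    entries = []
    for i in range(4):
        raw = bytes(sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)])
        start_lba, count = struct.unpack_from("<II", raw, 8)
        entries.append((i, raw[4], start_lba, count, raw))
    return entries


def audit(sector):
    """List findings that match the two lock states described on this page."""
    if len(sector) != 512:
        raise ValueError("expected exactly one 512-byte sector")
    findings = []
    if bytes(sector[510:512]) != SIGNATURE:
        findings.append("signature 55 AA missing")
    for i, sysid, _start, _count, raw in parse_entries(sector):
        # An entry that was never used is normally all zeros; a zero type
        # byte with other fields still filled in means it was overwritten.
        if sysid == 0 and any(raw[:4] + raw[5:]):
            findings.append(f"entry {i}: system indicator zeroed")
    return findings


if __name__ == "__main__":
    for name, offset in (("clean", None), ("type byte", 0x1C2), ("signature", 511)):
        sector = make_sector()
        if offset is not None:
            sector[offset] = 0
        print(name, audit(sector))
```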
Saturday, June 12, 2010