Monday, May 16, 2011

COMMAND.COM


Which is the best way of ensuring that nobody is able to see the contents of your hard disk? How can you fool a user with malicious intentions who attempts to look at your disk contents using the DIR command? Simply: fool COMMAND.COM.
Of the three DOS files, IO.SYS, MSDOS.SYS and COMMAND.COM, it is COMMAND.COM that holds the names of the DOS internal commands like DIR, COPY, TYPE etc. If you explore COMMAND.COM you will find, a few hundred bytes in, the DOS error messages followed by a list of the internal command names. That list is where we intend to modify COMMAND.COM: we change the name of an internal command and save the change to disk. For example we can change DIR to YPK, or TYPE to ICIT, and so on. Here is a program that does just this.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

FILE *fp ;

void findandreplace ( char *s1, char *s2 ) ;

int main( )
{
    char original[9], new[9] ;

    /* open COMMAND.COM for reading and writing, in binary mode */
    fp = fopen ( "c:\\command.com", "rb+" ) ;
    if ( fp == NULL )
    {
        puts ( "error opening file" ) ;
        exit ( 1 ) ;
    }

    printf ( "\nWhich command do you wish to change?" ) ;
    scanf ( "%8s", original ) ;   /* width limit keeps the input inside the 9-byte buffer */
    printf ( "\nTo what?" ) ;
    scanf ( "%8s", new ) ;

    /* the new name must overwrite the old one byte for byte */
    if ( strlen ( original ) != strlen ( new ) )
    {
        printf ( "Enter an alternative of the same length" ) ;
        exit ( 2 ) ;
    }
    strupr ( original ) ;   /* Turbo C library routine; the names are stored in uppercase */
    strupr ( new ) ;
    findandreplace ( original, new ) ;
    fclose ( fp ) ;
    return 0 ;
}

void findandreplace ( char *s1, char *s2 )
{
    int length, flag = 0 ;
    char temp[25] ;
    length = strlen ( s1 ) ;
    /* read `length` bytes at a time, sliding one byte per iteration */
    while ( fread ( temp, length, 1, fp ) != 0 )
    {
        temp[length] = '\0' ;
        if ( strcmp ( temp, s1 ) == 0 )
        {
            /* the read advanced the pointer; step back and overwrite in place */
            fseek ( fp, - ( long ) length, SEEK_CUR ) ;
            fwrite ( s2, length, 1, fp ) ;
            flag = 1 ;
        }
        /* move back length-1 bytes so the next read starts one byte further on */
        fseek ( fp, - ( long ) ( length - 1 ), SEEK_CUR ) ;
    }
    if ( flag != 1 )
        printf ( "No such DOS command" ) ;
}
The program first opens COMMAND.COM in read/write mode, then receives the name of the DOS command to change and the new name. The new name must be the same length as the old one, because it is written over the old name in place. Hence the lengths are verified first; the two names are then converted to uppercase and passed to the function findandreplace( ).
This function reads length bytes at a time into the array temp by calling fread( ). The contents of the array are then compared with the command name to be replaced. If the two match exactly, the command name in the file is overwritten with the new name using fwrite( ). Because the read advanced the file pointer, it is moved back before the write is carried out. After each comparison the pointer is moved back by length - 1 bytes, so the scan advances one byte at a time. Since a command name may occur at several places in COMMAND.COM, this searching and replacing continues until the end of the file is reached, which ensures that every occurrence of the old name is replaced.
After executing the program reboot the computer such that the modified COMMAND.COM gets loaded from the disk. And now if a hacker visits your system and tries to execute a command like DIR or TYPE he would keep getting the message ‘Bad command or file name’.
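The same edit looks different from the other side: a COMMAND.COM whose internal command table has been rewritten is a tampered system file, and the protection holds only until someone boots from their own unmodified copy. The example below, which is added here and is not part of the original post, audits an image of COMMAND.COM the way a defender would: it checks that every expected internal command name is still present as a complete table entry, and it computes an FNV-1a hash so that any byte-level change can be compared against a baseline recorded from a known-good copy. The two byte arrays are constructed stand-ins for a slice of the file (one pristine, one after DIR and TYPE were renamed as in the post), not bytes from any real COMMAND.COM, and the expected command list is a hypothetical subset.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for a slice of a COMMAND.COM image: an error message
 * followed by the internal command table, one NUL-terminated name per entry.
 * Not taken from any real COMMAND.COM. */
static const unsigned char pristine_image[] =
    "Bad command or file name\0"
    "DIR\0COPY\0TYPE\0DEL\0REN\0";

/* The same slice after the post's program renamed DIR to YPK and TYPE to ICIT. */
static const unsigned char patched_image[] =
    "Bad command or file name\0"
    "YPK\0COPY\0ICIT\0DEL\0REN\0";

/* Hypothetical list of names the table is expected to contain. */
static const char *expected_commands[] = { "DIR", "COPY", "TYPE", "DEL", "REN" };
#define N_EXPECTED (sizeof expected_commands / sizeof expected_commands[0])

/* Names found missing by the last call to missing_commands(). */
const char *missing_names[N_EXPECTED];

/* FNV-1a over the whole image. A value recorded from a known-good copy and
 * stored off the machine detects any later byte change, whatever it was. */
uint32_t fnv1a32(const unsigned char *buf, size_t len)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < len; i++) {
        h ^= buf[i];
        h *= 16777619u;
    }
    return h;
}

/* Does `name` occur as a complete table entry, i.e. preceded by a NUL (or the
 * start of the image) and followed by a NUL? Substring hits such as DIR inside
 * MKDIR are deliberately not counted. */
static int table_has_name(const unsigned char *img, size_t len, const char *name)
{
    size_t n = strlen(name);
    for (size_t i = 0; i + n < len; i++) {
        int at_start = (i == 0) || img[i - 1] == '\0';
        if (at_start && memcmp(img + i, name, n) == 0 && img[i + n] == '\0')
            return 1;
    }
    return 0;
}

/* Returns how many expected command names are absent from the image and
 * records them, in list order, in missing_names[]. Zero means the table is intact. */
int missing_commands(const unsigned char *img, size_t len)
{
    int count = 0;
    for (size_t k = 0; k < N_EXPECTED; k++)
        if (!table_has_name(img, len, expected_commands[k]))
            missing_names[count++] = expected_commands[k];
    return count;
}

int main(void)
{
    const unsigned char *images[2] = { pristine_image, patched_image };
    size_t sizes[2] = { sizeof pristine_image, sizeof patched_image };
    uint32_t baseline = fnv1a32(pristine_image, sizeof pristine_image);

    for (int j = 0; j < 2; j++) {
        uint32_t h = fnv1a32(images[j], sizes[j]);
        int n = missing_commands(images[j], sizes[j]);
        printf("image %d: hash %08lx %s baseline, %d command(s) missing",
               j, (unsigned long)h, h == baseline ? "matches" : "DIFFERS from", n);
        for (int k = 0; k < n; k++)
            printf("%s%s", k ? ", " : ": ", missing_names[k]);
        putchar('\n');
    }
    return 0;
}
```

Against a real file you would read COMMAND.COM into a buffer and pass that buffer with its length; the hash comparison catches any modification, while the name check tells you specifically which commands were renamed. The baseline hash is only useful if it was taken before the machine could have been tampered with and is kept somewhere the machine's own disk cannot reach.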
That’s yet another fascinating facet of C for you. C is fast. It performs. It has power, portability and punch. We shouldn’t have expected more: or maybe we should...