KOH: disassembly



-----BEGIN PGP SIGNED MESSAGE-----

About the KOH virus/program:

I've received two disassemblies of the program (but not the original source
code yet; I haven't had a chance to try to contact the author).

I'm not sure that either person who mailed me the disassembly wants to take
credit for it, publicly at least :-) so I'll just thank them here for
their work, and answer questions in email (although one of the disassemblies
includes an email address).  One person indicated that KOH really isn't a
virus at all, so maybe this can be answered by folks who know more about
such matters than I do!

Apparently the fast encryption method is indeed an XOR; other than that I
haven't had a chance to look over the code.  I am interested in the IDEA
implementation that KOH includes.

So, if you are interested in copies of the disassembly, let me know.  I had
one report that KOH locked up an 8088 PC from a tester (thanks!).

I'd try to post something intelligent about the code but I just haven't
looked at it enough to comment.

Karl L. Barrus: [email protected]         
keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5  3D F3 93 7E 81 B5 CC 32 

"One man's mnemonic is another man's cryptography" 
  - my compilers prof discussing file naming in public directories