Programming Forums > Application Development > Assembly

Christian_Rosenkreuz_777 · Mar 9th, 2005, 4:17 PM

I was wondering what your thoughts are on Computer Viruses. Contrary to popular belief, most virus-writers aren't technopaths. But what do you think of their future? I'm pretty adept at writing DOS viruses, but Windows NT is a new jungle, and who uses DOS programs these days? It seems the only succesful viruses are Macro viruses, which any Visual BASIC programmer can write (their written with the Microsoft Word/Excel scripting language, thus they spread through documents). It seems the only delivery system is a Trojan Horse. I do some programs in C, so I suppose you could write a game or whatever, and add in some assembler instructions enbedded in the C code. The source code virus is also underrated, but you need someone on the inside to deliver them. What do you guys think about this touchy subject? Have you written any viruses? If so, what kind?

Mad_guy · Mar 9th, 2005, 4:48 PM

Personally, most of the Virii you see these days are lame or are written by sluts who use others' exploits.

MyDoom for example, is just a lameass DoS attack mailer worm, while worms like Code Red who exploit really cool vulnerabilities, In CRs case, Buffer Overflows, while cool, sluttly use exploits already discovered.

As for NT systems, there are tons of them still. It's different, but still essentially the same for most things depending on what the worm or virus is doing.

People these days like the graphical interface, that's why there's now Malware.

The days of original Viruses and worms that were not only original but coded by people who knew what they were doing are gone. These days it's just 90% stupid-ass Visual BASIC keyloggers and fucking retarded DoS worms, not even to mention the fuckers who use the exploits of others to drive their virus and are what make it work.

Cipher · Mar 9th, 2005, 5:52 PM

I just got keylogged by Havok who used Blazing Tools Perfect Keylogger, he sent it to me hidden as something else, very crafty, perfect?, no. It has to be activated via clicking the exe.

Mad_guy · Mar 9th, 2005, 6:15 PM

Quote:

Originally Posted by Cipher

I just got keylogged by Havok who used Blazing Tools Perfect Keylogger, he sent it to me hidden as something else, very crafty, perfect?, no. It has to be activated via clicking the exe.

Lame. If you're going to keylog someone, make your own damn logger.

Infinite Recursion · Mar 9th, 2005, 10:26 PM

Cipher... why would you execute a file from someone who you are "at words with"?

Xero · Mar 10th, 2005, 12:05 AM

Quote:

Originally Posted by Infinite Recursion

Cipher... why would you execute a file from someone who you are "at words with"?

I'm guess Havok is probably his friend since they're neighbors. Its probably all just a childs game where you hate your friend one day and like him the next.

Either that, or Cipher's one of those guys who clicks everything he sees, just to find out whats inside. Curiousity gets us all.

Cipher · Mar 10th, 2005, 3:08 PM

No this was before we got into a fight. I used to be his friend. We are neighbors. He sent me it and I delted it later. He decived me. Then we got into the fight and now I definitly won't accept anything from him ever again.

Christian_Rosenkreuz_777 · Mar 10th, 2005, 4:20 PM

I know kids who nuke the school with Macro Viruses, but they're mostly lamers and wanna-be-hackers. I do have an idea, just in case we have another republican president (as it would target gov computers speciffically). With the new Windows operating systems coming out, and 64-bit computers coming probably within the decade, computers will be extraordinarilly fast, and will probably have massive storage capacity. The sad truth is, most computer users only use like 10 Gbytes if that of space on their comupters. In Ye Olde Dayes, viruses couldn't be too virulent, because the user (even the thickest dunce) would notice their programs were taking three times as long to load. With these fast computers, you can write huge viruses (as far as viruses go, that is), and most users wouldn't give it a second thought. I'm experimenting with evolving viruses, a la Mark Ludwig. Most of my viruses are unscannable by the fifth generation or so, and my best virus is at a good twenty-five generations since the kernel virus. How it works is you write a virus (preferrably one which dosen't jump directories so you can test it) which evolves. Not polymorphic, as that just hides its encryption sequence, but it actually adds and replaces random bytes within the program. I'm currently using the Darwinian Mutation Engine, though I've optimized it a bit and added some other features. I also used Dark Avenger's polymorphic engine to hide the encryption sequence (though the base sequence is extremely complicated: it's something like the sine of the ASCII code plus it's tangent divided by 3.324 plus 4 rounded up). Then I evolve it against a buttload of anti-virus software until it becomes unscannable. To get back to my good idea, it would work by scanning the program it infects via simple Heuristic Analysis, searching for code common in anti-virus programs. If it's anti-virus, it infects it. Thus an anti-virus scan will simply infect your computer further. It will overwrite COM files, thus disabling most DOS commands (just in case we have a DOS nerd on our hands). It infects both Windows and DOS .exes by inserting its code at the bottom of the program. It's type is a memory resident boot-sector virus, and every time your computer starts up it will have overwritten your logo.sys/io.sys files with a program that displays "YOU HAVE BEEN INFECTED!!! BE AFRAID!!! BE VERY AFRAID!!!" (I haven't coded that yet. Anyone know how to code pictures in asm?). The payload (besides the annoying message) is based on a Bulgarian virus I read about (I forget what it was called . . . it was pre-Dark Avenger), and it overwrites/corrupts a random sector of your hard drive when executed. That way your computer dies a slow, wasting death.

It's still very much in development. I'm going to take the code of my 25th-generation virus, so it's unscannable, then add in the extras. I've already started the memory-resident/boot-sector infection mechanism and the Heuristic analysis, but that could take quite a while. The payloads and such I've already programmed in my other viruses, so it should be pretty simple, besides the scanner aspect. The method of distribution would be a bit tricky. I live in Charlottesville, home of UVA. It's computers are known for being well-guarded, so I suppose I'd release it on there, and if it made it past those defences it would probably be fit for the wild. I need to think of a more creative way to spread it besides the traditional email viruses. Maybe I could nuke a major software companie's computers with a source code virus capable of inserting the code of my kewl virus. My friend Malachi is rather adept at hacking, but I wish there was a safer method of distribution.

Ooble · Mar 10th, 2005, 5:38 PM

Mind splitting that up a little?

Cipher · Mar 10th, 2005, 6:10 PM

I didn't understand half the words used in that...

WTF is a Darwinan Mutation Engine?!

Mar 9th, 2005, 4:17 PM	#1
Christian_Rosenkreuz_777 Newbie Join Date: Feb 2005 Location: Charlottesville, VA (rated #1 place to live) Posts: 25 Rep Power: 0	Computer Viruses: Their Future and Nature I was wondering what your thoughts are on Computer Viruses. Contrary to popular belief, most virus-writers aren't technopaths. But what do you think of their future? I'm pretty adept at writing DOS viruses, but Windows NT is a new jungle, and who uses DOS programs these days? It seems the only succesful viruses are Macro viruses, which any Visual BASIC programmer can write (their written with the Microsoft Word/Excel scripting language, thus they spread through documents). It seems the only delivery system is a Trojan Horse. I do some programs in C, so I suppose you could write a game or whatever, and add in some assembler instructions enbedded in the C code. The source code virus is also underrated, but you need someone on the inside to deliver them. What do you guys think about this touchy subject? Have you written any viruses? If so, what kind? __________________ Cavear Emptor

Mar 9th, 2005, 5:52 PM	#3
Cipher Hobbyist Programmer Join Date: Feb 2005 Location: /home/cipher Posts: 123 Rep Power: 4	I just got keylogged by Havok who used Blazing Tools Perfect Keylogger, he sent it to me hidden as something else, very crafty, perfect?, no. It has to be activated via clicking the exe. __________________ And there was much rejoicing... Yay....

Mar 9th, 2005, 10:26 PM	#5
Infinite Recursion Programming Guru Join Date: Jul 2004 Location: United States Posts: 3,467 Rep Power: 8	Cipher... why would you execute a file from someone who you are "at words with"? __________________ http://jasonpowers.net "There are a thousand hacking at the branches of evil to one who is striking at the root."

Mar 10th, 2005, 3:08 PM	#7
Cipher Hobbyist Programmer Join Date: Feb 2005 Location: /home/cipher Posts: 123 Rep Power: 4	No this was before we got into a fight. I used to be his friend. We are neighbors. He sent me it and I delted it later. He decived me. Then we got into the fight and now I definitly won't accept anything from him ever again. __________________ And there was much rejoicing... Yay....

Mar 10th, 2005, 4:20 PM	#8
Christian_Rosenkreuz_777 Newbie Join Date: Feb 2005 Location: Charlottesville, VA (rated #1 place to live) Posts: 25 Rep Power: 0	I know kids who nuke the school with Macro Viruses, but they're mostly lamers and wanna-be-hackers. I do have an idea, just in case we have another republican president (as it would target gov computers speciffically). With the new Windows operating systems coming out, and 64-bit computers coming probably within the decade, computers will be extraordinarilly fast, and will probably have massive storage capacity. The sad truth is, most computer users only use like 10 Gbytes if that of space on their comupters. In Ye Olde Dayes, viruses couldn't be too virulent, because the user (even the thickest dunce) would notice their programs were taking three times as long to load. With these fast computers, you can write huge viruses (as far as viruses go, that is), and most users wouldn't give it a second thought. I'm experimenting with evolving viruses, a la Mark Ludwig. Most of my viruses are unscannable by the fifth generation or so, and my best virus is at a good twenty-five generations since the kernel virus. How it works is you write a virus (preferrably one which dosen't jump directories so you can test it) which evolves. Not polymorphic, as that just hides its encryption sequence, but it actually adds and replaces random bytes within the program. I'm currently using the Darwinian Mutation Engine, though I've optimized it a bit and added some other features. I also used Dark Avenger's polymorphic engine to hide the encryption sequence (though the base sequence is extremely complicated: it's something like the sine of the ASCII code plus it's tangent divided by 3.324 plus 4 rounded up). Then I evolve it against a buttload of anti-virus software until it becomes unscannable. To get back to my good idea, it would work by scanning the program it infects via simple Heuristic Analysis, searching for code common in anti-virus programs. If it's anti-virus, it infects it. Thus an anti-virus scan will simply infect your computer further. It will overwrite COM files, thus disabling most DOS commands (just in case we have a DOS nerd on our hands). It infects both Windows and DOS .exes by inserting its code at the bottom of the program. It's type is a memory resident boot-sector virus, and every time your computer starts up it will have overwritten your logo.sys/io.sys files with a program that displays "YOU HAVE BEEN INFECTED!!! BE AFRAID!!! BE VERY AFRAID!!!" (I haven't coded that yet. Anyone know how to code pictures in asm?). The payload (besides the annoying message) is based on a Bulgarian virus I read about (I forget what it was called . . . it was pre-Dark Avenger), and it overwrites/corrupts a random sector of your hard drive when executed. That way your computer dies a slow, wasting death. It's still very much in development. I'm going to take the code of my 25th-generation virus, so it's unscannable, then add in the extras. I've already started the memory-resident/boot-sector infection mechanism and the Heuristic analysis, but that could take quite a while. The payloads and such I've already programmed in my other viruses, so it should be pretty simple, besides the scanner aspect. The method of distribution would be a bit tricky. I live in Charlottesville, home of UVA. It's computers are known for being well-guarded, so I suppose I'd release it on there, and if it made it past those defences it would probably be fit for the wild. I need to think of a more creative way to spread it besides the traditional email viruses. Maybe I could nuke a major software companie's computers with a source code virus capable of inserting the code of my kewl virus. My friend Malachi is rather adept at hacking, but I wish there was a safer method of distribution. __________________ Cavear Emptor

Mar 9th, 2005, 4:48 PM	#2
Mad_guy Hobbyist Programmer Join Date: Oct 2004 Location: Sandstorm, Techno Club Posts: 239 Rep Power: 4	Personally, most of the Virii you see these days are lame or are written by sluts who use others' exploits. MyDoom for example, is just a lameass DoS attack mailer worm, while worms like Code Red who exploit really cool vulnerabilities, In CRs case, Buffer Overflows, while cool, sluttly use exploits already discovered. As for NT systems, there are tons of them still. It's different, but still essentially the same for most things depending on what the worm or virus is doing. People these days like the graphical interface, that's why there's now Malware. The days of original Viruses and worms that were not only original but coded by people who knew what they were doing are gone. These days it's just 90% stupid-ass Visual BASIC keyloggers and fucking retarded DoS worms, not even to mention the fuckers who use the exploits of others to drive their virus and are what make it work.

Mar 10th, 2005, 5:38 PM	#9
Ooble I eat cake for breakfast. Join Date: Jul 2004 Location: In my box. Posts: 4,434 Rep Power: 9	Mind splitting that up a little? __________________ Me :: You :: Them

Mar 10th, 2005, 6:10 PM	#10
Cipher Hobbyist Programmer Join Date: Feb 2005 Location: /home/cipher Posts: 123 Rep Power: 4	I didn't understand half the words used in that... WTF is a Darwinan Mutation Engine?! __________________ And there was much rejoicing... Yay....

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Programming Forums > Application Development > Assembly

Computer Viruses: Their Future and Nature