[RandomlyKnighted]

I have never written a malware program. I have however thought about the way it could be done differently.

In reference to the debate that was going on for a couple of pages, for MOST Windows viruses, wouldn't encrypting the System32 folder keep viruses from spreading since the usually attack the dlls in that folder?

Also in reference to the mention of how Macs and Linux computers do not get viruses. There is currently 3 malware viruses out for Mac OS X. People have already found out how to fix and remove them, but nonetheless there are viruses for it. Although to my knowledge there is not a viruses for Linux.

[Sergio Tapia]

One of the more common Linux 'viruses' is a tar bomb, or a fork bomb. Imagine a rar that continually expands and expands and expands...

[no2pencil]

I've removed an irc bot/virus used for DDOS from a Linux server. They exist, they are just quiet, efficient & those infected don't usually know it.

[modi123_1]

Sergio Tapia, on 08 March 2011 - 04:53 PM, said:

One of the more common Linux 'viruses' is a tar bomb, or a fork bomb. Imagine a rar that continually expands and expands and expands...

Hey now that sounds like my mother in law! Zing! Kakow!

[AdamSpeight2008]

http://en.wikipedia....i/Linux_malware

[DillonSalsman]

darek9576, on 08 March 2011 - 01:23 PM, said:

I do not want to create a malware software and do not intend to PM people who managed to do it. I am a Java programmer so there is no way i can write a keylogger in Java which is high lever.

A while ago I was trying to write a card counting Java program that allowed input without focus. Aka you play your blackjack game, evaluate the cards and press the count up/down button as needed and press a reset button when the deck or shoe gets shuffled.
The solution I found was some C++ hook or something like that, but its not impossible. >.>

I'm not sure how I feel about the atmosphere of this thread..

[xtfresh]

no2pencil, on 08 March 2011 - 02:27 PM, said:

AdamSpeight2008, on 08 March 2011 - 04:22 PM, said:

I've written a virus (Self replicating Program) (not on windows).

ONLY WINDOWS CAN GET VIRUSES ZOMG OH-NOEZ! MAC OSX & UBUTNU ARE VIRUS PROOOOOF!!! *head explodes*

thats exaclty what i was thinking reading that. To answer op's question, no i haven't yet as I am still learning Java (AP CS course) but i think its a fascinating topic.

[atraub]

Fine, I'll man-up and be the first to say it, YES!!! I have written a piece of malware! Project Viper was a simplistic program built upon Python and designed to run on Linux. Why'd I make it? Just to screw with my roommate a little. Did I ever distribute it? Yeah, I put it on my roommate's computer! A day or two later, I gave him the cure. I'm not ashamed of it nor am I a monster for having done it! It was an interesting project and I had fun doing it!

I never implemented any means to spread the program past his computer, so it was completely benign. I assure you, I'm not going to form a botnet and sell it to hackers; I'm just a regular guy who got bored 1 afternoon.

Why are so many of you so uptight? There's no danger in discussing this out loud.

This post has been edited by atraub: 09 March 2011 - 07:24 AM

[xclite]

You aren't the first, but yay for responding

[marinus]

I actually written one , i wanted to delete a stupid application on my pc , only the exe file . So I said why dont i tryh to write a virus

it was for fun . It read the processes and tried to find them and delete them. After and hour it detected a new process . Then detect if process is stopped if it stopped do File.Delete();

Im not gonna tell you how exactly but it worked in a weird way.

This post has been edited by marinus: 08 March 2011 - 11:35 PM

[Aphex19]

darek9576, on 08 March 2011 - 11:38 AM, said:

As the title states basically. Have you ever written a malicious software? If yes, what was it? Did it actually run? Why did you do it ? If not, have you tried, and if you had to stop what caused it?

I am asking out of pure curiosity. I know DIC does not support help in these areas but i am not asking about code but more about experience.

I think, writing e.g. a keylogger program is an awesome way to challenge yourself to write a cool application (I know that there are million of cool application a person can produce but after you wrote it, you might not use it but it may make you aware of the stuff that are there on the net, etc.).

Thanks in advance for answers.

I have written a program that overwrites your boot-sector on your hard disk, however, I did not do this maliciously, nor will I ever do it maliciously. I did it just to see what Windows will allow you to do, and to my surprise, the code needed to cripple an operating system is nothing more than 20 lines of code. I ran it on a virtual machine and even though it must be ran as administrator, it does overwrite the boot-sector.

I am aware that newer OS's have the option to fix any problems with the boot-sector given the OEM disk, but if this was XP or earlier, it's gonna be pretty difficult to restore without alot of hassle.

What's even more surprising is that this program was not detected by AVG, probably the most popular anti-virus. It just shows that Windows is very much vulnerable.

This post has been edited by Aphex19: 09 March 2011 - 03:28 AM

[codeprada]

Just for the fun of this thread. i wrote scripts that did a bunch of things. I remember i had one that i used on my flash drive that stole personal images from a victim's computer with the autorun feature (word of advise...disable it). quick a nifty script. I wrote a simple keylogger using the low level keyboard hook, a DLL that'll log all packets of a program when injected. The Win32 API is very useful when it comes to making malicious code (for windows that is).

[raziel_]

On the original question: I dont rly write viruses not that i cant think a way to fuck someones PC up. However i did write a spam bot for Skype to joke with a friend of mine and this get me writing a MOD for skype that i keep working on. Oh and maybe several SQL injections that i test my programs against but i guess that dose not count

This post has been edited by NoBrain: 09 March 2011 - 06:14 AM

[Aphex19]

codeprada, on 09 March 2011 - 05:38 AM, said:

The Win32 API is very useful when it comes to making malicious code (for windows that is).

You're not kidding, the Windows API has functions that almost seemed designed for malicious use, such as SetWindowsHook, which by default is capable of injecting a new callback procedure into every single process running on the system. However, this is probably just my perception, this function has legitimate uses.

Microsoft also released a library called detours which allows you to easily inject code into a process, detours does this by placing a JMP instruction at the start of an arbitrary function which jumps to the code that detours injects for you, from a user written DLL. This hooking technique is often used to hook DirectX or WinSock functions (for example).

Microsoft are their own worst enemy, I think.

This post has been edited by Aphex19: 09 March 2011 - 07:24 AM

[Creecher]

I've written a keylogger in C++, just to see if I could, and it never went beyond sending the keys to a text file. It was a simple console program that ran in the background and was never picked up by my AV software.


If there where safer ways to look at malicious softwares, I'd love to know how they work, some of them are quite ingenious.