|
Why people write viruses
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
============================================================================
Why Write Viruses??
============================================================================
Many people wonder why people bother to make virus's. In this following
artical written by me I think you should be able to find out why for
yourself. Also those experienced with writting virus's should be able to get
some valuable tips for your future projects.
Most virus's you see today are made for one of two reason. Other to prove
a point to the world that you or your group are capable of writing virus's
or to get revenge on someone. On the first part, most virus's don't really
do much, some will cuase guru's, some will write stuff to the screen, and
some will kill certain areas of the disk. These are pretty well harmless,
recoverable and killable with virus checkers.
The Revenge virus is made to literally get even with someone that has done
you wrong. And in most cases it will simply format everything (Twice so
that all data is unrecoverable). Some will even change or erase certain
files on a system in such a way to benifit it's creator (Ie: increase
cheques or kill records). In any case, you can see that these go far beyond
the methods used by regular virus's seen today.
The very advanced programmer (always an ASM programmer) can and should
write virus's that give him power. Virus's themselves are pretty well easy
to make. If lets say one gets onto a communication system such as BCtel or
a public bulleting board system. As long as the virus runs on the machine
and the programmer has made the virus to work correctly, the programmer
could call up connect then type in an ASC password to activate his virus.
Once the virus (already in memory of the host machine) has been fed the
correct password it will wait for commands. The commands are whatever you
have specified the virus to do. Ie: steal files, increase access, view
accounts (To steal passwords) etc etc.
Even more advanced is to make a small compiler virus that works exactly
the same as the communications virus that I just mentioned in the last
paragraph. With one major exception, once you enter your ASC password, the
virus waits for you to upload you program that will be run right after the
communication transfer has finished. Since all modem have masks which mask
out unwanted character, you will never be able to upload straight machine
langauge. Instead, you upload ASC letters and numbers used to represent
machine langauge. Then once the data (program) has been sent, the virus
translates it into Machine langauge and jumps to the start of it to begin
executing the code that you just uploaded. This kind of virus gives you
total power. But as I said before, you MUST know your virus inside and out,
know how to program inside and out and know what you are
attacking/conqouring inside and out. Why you want to do this is so that
you can find out what machine it has installed itself on (ie:BCtel, BBS)
and then find out what type of machine and DOS it has, then thouroughly plan
your attack before you write the machine code. Once its done you simply call
up the host, punch in your virus password and upload the program you have
designed.
Now you are probably saying that if you write a virus there will be a
virus checker for it available sooner or later. Depends on how smart you
are, the best virus's are invisible ones. Here is how you make it invisible.
There are three things to take into consideration when making a virus
invisible. 1:Do not allow its code to be overwritten 2:Do not let its code
be accessed in any way shape or form 3:When 1 or 2 happens check memory and
then move the virus. ok, one and two are simple: all you do is check the PC
(program counter) and then search the next couple of lines to see if you
virus is going to be accessed), done with CMP's. The second one is a little
more difficult becasue your entire virus must become VARIABLE. You must
check mmory to find a NEW place that can hold your virus. Next you must move
you virus there and reroute all control to that new location.
Why make a virus invisible, well if it runs and hides everytime you try to
access it with software or other stuff, it will be impossible to kill it
becuase everytime you try to access it it will run away. The only real way
to kill a virus like this is with a hardware monitor being run by someone
who knows what they are looking for. Real nasty eh? But very effective if
you want to maintain control.
Future virus's. Most chip code is written on a computer, compiled and
then burnt into proms/eproms/etc. If say by chance someone knew what they
were doing, they could write a virus for the computer that would tag
preassembled chip code onto anything that gets compiled by the chip
compiler. In doing this their code get written to the chip along with your
virus generated code. This process is used and is most difficult unless you
know what you are doing but is most effective in controlling HARDWARE, such
as cash registers, video games, VCR's etc etc. Here are a few examples. Say
your virus managed to tag code for a cash register. Your virus code is made
to scan all input for the sequence 3412092392102. You walk into a bank
machine and simply press all those numbers (ignoring errors and whatever)
and all of a sudden. POW, your virus code starts executing. Pretty neat eh?
they have been using this technique in arcade video games for years to give
you unlimited lives and to get to the options screens by using joystick
movements. Another thing you could do is set it up again for input but for
cash input, say $1.99 $1.98 $1.97, once somebody goes into a store and buys
the correct number of prices in the correct order your virus begins, say it
takes of 50% of the total price or simply misses some of the items you buy
after the correct virus code has been established. Again you must know what
you are attacking/conqouring when writing a virus, as you can see virus's
EQUAL power.
The most overused virus I have encountered is the one that tags itself to
the bootblock. If it is a small enuf virus it can even fit on the bootblock.
Why the bootblock, becuase no matter what, that is the first thing executed
on the disk, even before virus checkers. Now, say you virus is a big fucker.
well you could use a trick that most priates use when they throw a demo or
trainer onto a game disk, simply write you virus onto the disk in a free
area (have a block check to make sure it doesn't overwrite anything), then
rewrite the bootblock so that it accesses the blocks that you have just
written your virus to. Once your virus has loaded, simply go to the spot on
the disk where the original bootblock was suppose to go and continue
executing the disk. This method is like a simple insert, you simply insert
your virus inbetween the bootblock and the original first run program.
Tag virus's are nasty, and most effective. These work simular to the
bootblock/firstrun program insert virus. With one exception they work on
files rather than the disk themselves. The change the executable file in
such a way so that when it loads the very first line jumps to the end of the
original file to the virus, runs it, and goes back to the original file
program. So knowing this you know know that you must change the first line
of the file and then tag your virus onto the end of it. This is very basic
and if you are smart enuf, you should be able to insert you virus anywhere
withing an executable file.
Once you have a virus loaded you are probably trying to figure out how
to keep it running while the original program loads executes and exits. This
has got to be the simplest. The machine has what is called exceptions. Read
about them thouroughly. These exceptions are like small multitasking
programs in themself. Each execption has an address to the code which it
should execute all the time. you simply change this address to the start of
your virus code located in memory. In doing this your virus will continue to
run until the exception is given another address to execute. Don't worry
though, most programmers are good programmers and they always restore what
they change, meaning eventually they will stop using their execption and
restore it back to its orignal form being your virus. Again, invisibility is
most important, a virus that runs before it is accessed by any external
force if one that runs forever.
If by chance you have a password activated virus and want it to do its
operations forever (perhaps a revenge virus) have your virus check the
system battery backed up clock. When you first log on and enter the password
have your virus write to the system clock, there is will be stored,
(bbattery backed up too) and then everytime the virus is run (this must be
programmed before hand) have it check the system clock for the virus
password. if it is there have the virus do whatever its suppose to do.
That's how you use the system clock to your advantage.
Anyways, that's my short hour spew on virus's. I may or may not make
another one with more detail, perhaps even some source code depending on
what the demand for it is like. As far as all of you computerites scared of
what I just finished writing, well it serves you fucking well right. You
can't go around replacing people with machines, look at all the thousands
starving, loosing there lives becuase of replacement. Stupid fools,
never let TOYS run your system because TOYS can be b/roken. And ______ has
just pointed everyone in the world in the right direction. Have fun cleaning
it all up assholes.
If you want to learn more about making virus's you will first have to
find me, then ask, then lay some cash on me (or wench or alcohol),
and I'll tell ya what you need to know. Happy Hacking.
|
|
