Msg : Prev 7 / 222 Next +8 9
1999-09-17 09:04:35

To  :

Subj:

preliminary C virus results (object code in infection)


OK. I've done it. I've infected a host executeable with compiled object code. 
At least I've gotten the new code to execute and leave the host code untouched 
(without running). Basically, I'm linking the object code manually and 
inserting the code into the host binary, patching the entry point to jump to 
main (from the parasite). I'll have to do a few hacks to get the original 
entry point jumped too again, but I thought it worth writing on. THIS COULD 
MEAN THE END OF PURE ASM VIRUS :) I'll post code once I've gotten everything 
working and cleaned up (its quite hacky - except for the linker code which 
was ripped off some previous project i wrote and was quite nice). I really 
see big things ahead from this result. C virus could be knocked up in an 
afternoon by beginners in pure C because there wont be a need to go to asm. 
I'll throw in some push/pop code to make sure the registers stay clean aswell 
i suppose. 

again. to reiterate, i infected host code without using asm parasite code but 
rather parasite code purely derived from c source (object code) :) 

hopefully, next time i post, i'll have a c virus written. 


Silvio 

VX Heavens - collection of viruses,sources and articles.
Нажми K для просмотра служебной информации
Пользовательского поиска