
Thread: Virus Creation Lab

  1. #21
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Why isn't this thread in the tech humour section? It's always nice to have a good laugh.
    Ubuntu-: Means in African : "I'm too dumb to use Slackware"

  2. #22
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    hehehe....

    Personally though...I'd love to get my hands on some stealth or polymorphic code....always wonder how da hell they work...still....a virus lab isn't gonna be able to make anything a half-decent AV can't pick up....companies like McAfee and Norton pick those things apart and make sure they search for hard-coded strings....thus..no matter what you pick...the virus will still be picked up :P

    hmm...

    *Waits for Negative.. *

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    And no one can remember the gentle features of the queen's face on that fair day when this land rested in holy peace and everyone had love to love with.

  3. #23
    Personally though...I'd love to get my hands on some stealth or polymorphic code
    Here is the explanation of the MtE Polymorphic Engine: http://www.avp.ch/avpve/poly-gen/mte.stm

    MtE (MuTation Engine) is the first known polymorphic generator. It was released in 1991 and shocked anti-virus researchers with its very difficult (for 1991) polymorphic algorithm. In the decryption part of a virus, the operations SUB, ADD, XOR, ROR, ROL can be present any number of times and in any order. The code which loads a key and other values of the cipher also consists of a random number of assembler instructions (ADD, SUB, TEST, XOR, OR, SHR, SHL, ROR, MOV, XCHG, JNZ, PUSH, POP ... - more than 1/2 of i86 instructions) with some addressing modes.
    These MtE-based viruses contain the string:

    MtE 0.90
    The engine was created by Dark Avenger, and the source code is well commented and documented for the would-be virus maker. The source code is attached in plain text, which in itself is totally harmless. PLEASE DO NOT COMPILE THIS SOURCE UNLESS YOU ARE IN STRICT TESTING CONDITIONS. WHILE AV WILL PICK IT UP, IT CAN STILL HARM YOUR COMPUTER IF YOU DO NOT KNOW WHAT YOU ARE DOING. YOU HAVE BEEN WARNED.

    On this site, you can find Zines by 40hex that go into specific detail covering different aspects of virii. It's old school, but very interesting and educational. To this day, I wonder how AV researchers keep up with all of it....
