virus writing kit??
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: virus writing kit??

  1. #1
    Banned
    Join Date
    Mar 2005
    Posts
    4

    virus writing kit??

    Alooo
    Do u know what is that virus writing kit? How is it looks like? A programme?
    Is that hard to get a free virus writing kit? have an idea how to get it?

    Thanx..
    ll_myr
    Share on Google+

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmm,

    Virus writing kits.........you should refer to them in your paper/essay as "virus generation toolkits" as that is more correct.

    They were around several years ago, but I have not seen one for a long time, and with good reason.

    The ones I have seen were quite sophisticated, with nice graphical user interfaces, help screens and instructions. For their intended purpose they are virtually useless:

    1. They take a lot of time to produce and test.
    2. They work to a pattern, which is easily detected by antivirus software.

    They are a bit like those oil paintings by numbers.........the outline is there, and the areas are numbered to tell you which colour to use. Well you can use what colours you like, but the picture remains the same

    You can use them to create "new" viruses for testing AV software, but any AV worthy of the name should spot it as a generic virus straight away. It is more a case that any product that fails is rubbish?

    I also suspect that some of them were produced with the deliberate intention of wiping out "script kiddies"...............even virus authors have a sort of perverted professional pride.

    If you want a good example look for the "Office 97 Poppy macro virus generation toolkit" by vicodinES (that's David L. Smith to you). He got about 3 years for writing the Melissa virus.

    Go to one of the template files (.dot, .xlt) and copy it as a .txt file. Open it in Wordpad and look at the metadata at the bottom

    You will see that the bozo used his own registered copy of Office 97

    DO NOT mess with this sort of stuff on:

    1. A machine that does not belong to you
    2. A machine that is connected to a network
    3. A machine that you share
    4. Your normal "production" machine.
    Share on Google+

  3. #3
    Junior Member
    Join Date
    Mar 2005
    Posts
    9
    tons of them at: library.2ya.com.

    They are a bit like those oil paintings by numbers.........the outline is there, and the areas are numbered to tell you which colour to use. Well you can use what colours you like, but the picture remains the same
    I don't recommend use of those readymade virus generators. A good AV like AntiVir detects them in a sec.

    -=Cheers=-
    .............._...... _.......__
    ./\\../.|..|.|...|...|_../\\..|_|
    /..\\/..|_| |_.|_ |_ /..\\ |\\
    Share on Google+

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Quite correct,

    As an academic exercise I have just downloaded 17 of these kits (DON'T ASK!) and my AV went spare just at the kits in zip format. Most of them are really hot news..........you need MS DOS v6.0 for them to run My point is that you detect these things by their template or "skeleton"...........now you can encrypt or polymorphose the content, but I have yet to see any of them that could change their basic framework.

    I also found this, which, if read in the right light more or less says it all?

    Hello! This is the first virus generator on the web. Do you want to have your own virus? Are you too lazy to learn assembler and write virus yourself? Are you afraid of downloading ms-dos virus generators? Never mind. I have created virus generator on the web for you. Just set virus parameters in your web browser and cgi-script on the server makes the virus for you. It's so easy. Then you can execute the virus on machine of somebody you don't like.


    Well I found that rather amusing in a sad sort of way. The epitome or definition of the script kiddie?



    And please, no-one ask for my sources...........

    Nuclear

    I liked your link, but I am afraid that it is "all Greek to me"
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    most virus writing programs like most 'couldn't even run a script kiddie' tools are back doored. and rightly so, if you want to be that stupid and you want to cause harm just to cause harm you deserve to be bubba's net bitch.

    its one thing to want to know how they work. most thinking people that get hit with one ask how. but you just come here asking the people that have to deal with them for a tool to create one.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
    Share on Google+

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Ted~

    If you are right, and I am wrong, (all possible of course ) then you think that this is a serious request for a malware generator? Other than for academic purposes.

    Hmmmmm............I did a test this morning, just to see what happened, these things are so out of date the AV went mad at all of them! I would have turned it off, but I thought that it was an interesting exercise in itself, particularly as they were compressed files?

    Most of them require a pure DOS environment, and probably won't work under Win2K or XP. I am not sure if they will go under DOS 5.0 on my 286 box either.

    I find it incredible that anyone would maliciously want such software, that will have a street life of no more than 7 days maximum, unless you manually mess with the code?.......then you would not use one because the pattern is a dead give-away?

    As I tried to explain to the OP, this stuff came and went in a very short period of time. It is nice to know that some sort of sanity prevails. Or you might take the opposite view and hope that only generator kits are used, in which case life would be that much simpler?

    OH Well, I don't really care to be honest

    Cheers
    Share on Google+

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    Hi nihil! I agree with you... I could be wrong and you could be right and I thought about that before I posted.

    I think that most honest people truly doing research or just wanting to know would go out of their way not to appear as some malicious kid no matter how little they knew of the english language and I’ve defended a few here. With only one post on this board I tend to think that his question can be found on a few “security” boards. S/he obviously hasn’t been lurking here or this question would not have been asked at least not like it was.

    Whether the code in one of these templates can be altered, morphed and packed enough to evade virus scanners is not something I would know as I have no desire to create a virus but it’s really quite irrelevant. It’s the intent of the question and where this kid is heading I’m concerned with.

    It’s the people who are ignorant as to how bad the internet can be that become affected with this kind of thing. Those that don’t know yet how important it is to keep sigs up to date or don’t even realize how important AV scanners are…. innocent people, known to those with just a little bit of knowledge as the stupid.

    I can’t comprehend why kids drop rocks off of highway overpasses, desecrate churches and graves, tie cat’s tails together and throw them over a wire and worse. But there are allot of them out there and I’ve known a few as I’m sure many of us have, but I’m not going to help them accomplish their dirty deeds no matter what they may be except to say ‘don’t do it’, express my disdain for the whole thing and do everything I can to prevent it from happening. We’re not talking about white hat hackers here. We’re talking about someone wanting to propagate a virus...at least IMO.

    Man, i sound like a hard-ass and you still could be right! Sometimes i think I've forgotten what it feels like to mellow.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
    Share on Google+

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Ted~

    Man, i sound like a hard-ass and you still could be right! Sometimes i think I've forgotten what it feels like to mellow.
    Try a bottle of "Taylor's Late Bottled Vintage Port"..............it works for me

    I ran my tests on a Win2K box that I had just updated. The AV is 27 months out of date and still recognised all my samples as malware.

    Even a total retard newbie skiddie shouild know that the stuff is useless?

    Share on Google+

  9. #9
    Banned
    Join Date
    Mar 2005
    Posts
    4
    Hi Ted, this is for my paper ok, I've no intention to make a virus.
    But thanx for all ur comment n for nihil n nuClear that give me d link..

    Thanx...
    ll_myr
    Share on Google+

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Well young friend,

    You proved me right by responding? If you need some help with your paper, please ask, and we will do our best

    What is the title, and have you made a schema (outline) for it yet?

    Oh, by the way, if you download any of those tools, be very careful!!!! you will have to turn off your AV to get them to work, which means that they can kill you...........imagine that you are handling a spectacled cobra?

    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •