First family of Windows Vista viruses unleashed

First family of Windows Vista viruses unleashed

An Austrian hacker earned the dubious distinction of writing what are thought to be the first known viruses for Microsoft's Windows Vista operating system. Written in July, the viruses take advantage of a new command shell, code-named Monad, that is included in the Windows Vista beta code.

The viruses were published last month in a virus-writing tutorial written for an underground hacker group calling itself the Ready Ranger Liberation Front, and take advantage of security vulnerabilities in the new command shell. Unlike the traditional Windows graphical user interface, which relies heavily on the mouse for navigation, command shells allow users to use powerful text-based commands, much like Windows' predecessor, DOS.

The viruses were written by a hacker calling himself "Second Part To Hell," and published on July 21, just days after Monad was publicly released by Microsoft, according to Mikko Hyppönen, chief research officer with Helsinki's F-Secure Corp. Second Part To Hell is the pseudonym of an Austrian-based hacker who also goes by the name Mario, Hyppönen said.

Because of its sophistication, the new command shell offers new opportunities for hackers, Second Part To Hell wrote in the tutorial, a copy of which was obtained by the IDG News Service. "Monad will be like Linux's (Overview, Articles, Company) BASH (Bourne Again Shell) -- that means a great number of commands and functions," he wrote. "We will be able to make as huge and complex scripts as we do in Linux."

read the rest here:
http://www.infoworld.com/article/05/...viruses_1.html

Looks like, everyone is turning pro these days. They can't bear to get other person credit of being better in whatever they do. :-)

Looks like Monad may not be included in Vista

Quote:

---

Until fairly recently, Microsoft was widely expected to make Monad part of the next version of Windows. But Microsoft decided earlier this year not to include Monad in either the Windows Vista client, due to ship in 2006, or Longhorn Server, due to ship in 2007. Microsoft officials have not elaborated on the reasons for the decision to cut Monad from the next releases of Windows.

---

From
http://www.eweek.com/article2/0,1895...05dtx1k0000599

MLF

Noooooo!! Neeeeed a good shell in windows! Can't keep living with CMD!

Its typical, just plain typical.

this is why I installed linux on my laptop yesterday lol.

Oh, there will be a shell, don't fret. That Monad just ain't gonna be it.

That "hacker" had been working in an old beta, and Monad isn't installed by default, and may not be included, in the current release, according to what I've read.

Why does Windows need a shell?

I really don't see what value this would add at all, two ways to do everything? Why? Shells are a throwback to the days of 64k of memory and bit-slice processors and they serve no point beyond allowing people to operate their system differently than their grandmother (which in turn must make them cooler). Seriously, when I just bought a new 3.2GHz system with 512MB of ram for less than $300, why on earth should I care about a little wasted resources (especially since this was an upgrade from a 400MHz system)

I do find it amusing that so many "hackers" are so anti-progress in this way, is it because all the old hacker manifestos from the 80's drone on endlessly about shells (and telnet)? This whole endeavor my MS seems just a way to sucker back Linux kiddies.

I know, I know all the great things you can do with shell scripts... you can do them all now anyhow enforcing various suites of configurations through the domain policy. Scheduling software updates, scheduling other tasks like back-ups. Parsing logs, triggered events, etc...

What if you just really, really need to write a script? Use Windows Shell Script... actually no don't use that, use Active Perl.

At the end of the day, a new Windows shell adds no value. It is antagonistic to the Windows design philosophy and creates new paths of attack that fall outside the scope of normal users and consequently are less likely to be configured in a secure manner. Ok, I'm done bitching.

cheers,

catch

::Why does Windows need a shell?


Well, I guess it depends on your point of view. I am a 1st gen DOS user, upgrading ( after MANY years of fighting against it ) to the Windows environment. While I enjoy Windows XPHE now, I must admit that I sort of miss being able to code and work in a DOS like mode. Most of my older work was done in anti-virus coding: disassembling virus code, marking the jumps and what it did - and I could do that MUCH better in a DOS mode rather than windows


::I really don't see what value this would add at all, two ways to do everything? Why?
::Shells are a throwback to the days of 64k of memory and bit-slice processors and they
::serve no point beyond allowing people to operate their system differently than
::their grandmother (which in turn must make them cooler). Seriously, when I just bought
::a new 3.2GHz system with 512MB of ram for less than $300, why on earth should I
::care about a little wasted resources (especially since this was an upgrade from a
::400MHz system)



Hmmm... wasted resources. I hate to list the wasted resources I currently have with XP when I compare it to 98se. While 98se WAS a bit of a pisser to work with ( and considering that soon MS would no longer support it ) it still allowed me to do certain things that I cannot do in XP. For example... Lately I have had a rogue program running on my system. In 98se I could have simple started in DOS safe mode and deleted the file, then edited the registry to remove any mention of it or related files. In XP I can't do that. Load Safe Mode and I am still in windows XP with all drivers and files loaded. And while NTSF file system might save me a bit of space and be a bit more secure, I find it impossible to see the drive if I use an emergency boot disk that might allow me to delete that rogue file.

::I do find it amusing that so many "hackers" are so anti-progress in this way, is it because
::all the old hacker manifestos from the 80's drone on endlessly about shells
::(and telnet)? This whole endeavor my MS seems just a way to sucker back Linux kiddies.


Not anti-progress so much as wanting to be in complete control of our systems, which we are not with windows XP. And yes I have had my fair share of "Hacks" and "Busts." Buit who I am now is a long way away from who I used to be and what I do not is a lot different.


::I know, I know all the great things you can do with shell scripts... you can do them all
::now anyhow enforcing various suites of configurations through the domain
::policy. Scheduling software updates, scheduling other tasks like back-ups. Parsing
::logs, triggered events, etc...


Again, it comes down to being in COMPLETE control of my system. Letting it do what I want it to do, NOT what some other person thinks is best for me.

::What if you just really, really need to write a script? Use Windows Shell Script... actually
::no don't use that, use Active Perl.

::At the end of the day, a new Windows shell adds no value. It is antagonistic to the
::Windows design philosophy and creates new paths of attack that fall outside the scope
::of normal users and consequently are less likely to be configured in a secure manner.
::Ok, I'm done bitching.

::cheers,

::catch


What if we LIKE doing things the old way or the "harder" way? Does that make us any worse or wrong? No. It is just how we like doing things. I admit that I am still learning about Windows XP, but I have to admit that under 98se I had fewer problems with spyware or viruses than I've had with XP. As for Security and being more or less secure depending on wether there is a new Windows shell or command mode: Well, if you are going to take the responsibility of OWNING a computer, then take the responsibility of learning to make it secure under ANY circumstances ( which is why I am here at AO in the first place )

Sorry if this was rather long but at least I had my say

Carenath

I am sorry carenath, but I feel very little of your post is accurate (the parts based on fact anyhow, most is opinion which is perfectly respectable.)

Quote:

---

Most of my older work was done in anti-virus coding: disassembling virus code, marking the jumps and what it did - and I could do that MUCH better in a DOS mode rather than windows

---

I don't see how doing this via a shell or a GUI makes a difference... you're not using the shell or the GUI, you're using the application (whatever app you choose that is). All a shell provides is a text based user environment for interfacing with various applications. Using the GUI you can run several instances of the application while browsing your stocks or ebay or porn or having a visual meeting with other developers in your team or whatever while waiting, yet keeping a real time eye on your disassembling or whatever you happen to be doing.
The application itself will run no differently.

Quote:

---

Lately I have had a rogue program running on my system. In 98se I could have simple started in DOS safe mode and deleted the file, then edited the registry to remove any mention of it or related files. In XP I can't do that.

---

This is because XP actually has a security policy, unlike win98. To be able to simply load the system with the security policy disabled could be catastrophic, this is why the DOS(-like) safe mode has been replaced by the repair console, which does exactly what you are saying.
Again, this has nothing to do with running a shell or not, it deals with loading the system incrementally or alternately (whichever you desire).

Quote:

---

And while NTSF file system might save me a bit of space and be a bit more secure, I find it impossible to see the drive if I use an emergency boot disk that might allow me to delete that rogue file.

---

If by "a bit more secure" you mean "makes permissions possible" then yes, I agree. I don't see why you would have trouble using the repair console to access the drive. You must not be properly informed about this process.

Quote:

---

Not anti-progress so much as wanting to be in complete control of our systems

---

Unfortunately, having a more sophisticated shell doesn't grant any additional control, it merely provides users with a text interface to applications and the OS.

Quote:

---

which we are not with windows XP

---

You are as much as you can be. You can develop your own kernel drivers, you can run any applications that you like, you can modify the security policy, you can modify resource allocation, you can schedule all of these tasks, you can create and remove services, you can create incident based actions, what more do you want? Why do you think a more comprehensive shell will grant this?

Quote:

---

Again, it comes down to being in COMPLETE control of my system. Letting it do what I want it to do, NOT what some other person thinks is best for me.

---

Yeah yeah, "Fight the Power"

Again... a shell grants no new access! It is nothing more than a different style of interface to the EXACT same resources, the EXACT same objects, the EXACT same subjects. It isn't about fighting fascism, it's about typing everything in or using a more point and click interface (with a little less typing). It's about... why use an interface within an interface?

Quote:

---

What if we LIKE doing things the old way or the "harder" way?

---

Then don't argue when I say that you are anti-progress.

Quote:

---

Does that make us any worse or wrong? No. It is just how we like doing things.

---

So go use *name of BSD flavor withheld*, they are pretty backward and are always seeking new users.

Quote:

---

I admit that I am still learning about Windows XP, but I have to admit that under 98se I had fewer problems with spyware or viruses than I've had with XP. As for Security and being more or less secure depending on wether there is a new Windows shell or command mode: Well, if you are going to take the responsibility of OWNING a computer, then take the responsibility of learning to make it secure under ANY circumstances ( which is why I am here at AO in the first place )

---

So let me get this straight... you have problems with spyware and viruses, yet you are going to give the hypothetical users of this future Windows with a more sophisticated shell a hard time for not wanting to be required to spend the extra effort to secure a feature they don't want and will never use?

Look it is fine to like shells, but don't argue that it isn't backward and don't argue that it magically gives you more power. Doing so makes you wrong on both accounts.

cheers,

catch

Edited to be a little nicer, I was in a pissy mood on account of my Seagate issues. :)

-- I am sorry carenath, but I feel very little of your post is accurate (the parts based on
-- fact anyhow, most is opinion which is perfectly respectable.)

Actually, very little of my post was based on hard facts. The differences between 98 and XP are facts, even promoted by MS as a reason to switch.

-- I don't see how doing this via a shell or a GUI makes a difference... you're not using
-- the shell or the GUI, you're using the application (whatever app you choose that is). All
-- a shell provides is a text based user environment for interfacing with various applications.

Well true. but as you noted, my opinion of which is better or offers more control still stands.
This is not meant as criticizim but just an opinon.

-- This is because XP actually has a security policy, unlike win98. To be able to simply load
-- the system with the security policy disabled could be catastrophic, this is why the DOS
-- (-like) safe mode has been replaced by the repair console, which does exactly what you
-- are saying.
-- Again, this has nothing to do with running a shell or not, it deals with loading the
-- system incrementally or alternately (whichever you desire).

Hmmm. could you please point me to a good tutorial on how to do what you mentioned above? Something that goes a little in depth but is still easy (relatively speaking) to understand?

-- If by "a bit more secure" you mean "makes permissions possible" then yes, I agree. I
-- don't see why you would have trouble using the repair console to access the drive.
-- You must not be properly informed about this process.

Nope, you're right. I'm not properly informed. When I bought the XP package, it had very little That I could find on how to do some of the things that you are mentioning. But... then again, maybe I didn't look in the right places.


-- You are as much as you can be. You can develop your own kernel drivers, you can run
-- any applications that you like, you can modify the security policy, you can modify
-- resource allocation, you can schedule all of these tasks, you can create and
-- remove services, you can create incident based actions, what more do you want? Why
-- do you think a more comprehensive shell will grant this?

Again, see above...


-- Again... a shell grants no new access! .....little less typing). It's about... why use
-- an interface within an interface?

Can't really argue against that point except to say that some of us like to type


-- Then don't argue when I say that you are anti-progress.

Again, we are not anti-progress, just anti-"screw things up until on-one understands them anymore," which seems to be what MS enjoys doing everytime they come out with a new version of their OS.



-- So let me get this straight... you have problems with spyware and viruses, yet you
-- are going to give the hypothetical users of this future Windows with a more
-- sophisticated shell a hard time for not wanting to be required to spend the extra effort
-- to secure a feature they don't want and will never use?

No, just don't expect me to like how people take something simple and screw it up until no-one can either understand or use it easily. Besides. Some of those hypothetical users might just like the extra shell. I mean, it really is a pain that I have to go thru about 3 to 5 different steps when I want to play an older game that happens to be written for DOS only.

-- Look it is fine to like shells, but don't argue that it isn't backward and don't argue that
-- it magically gives you more power. Doing so makes you wrong on both accounts.


I'm not stating either... I'm simply stating that some of us would welcome an alternative to the total GUI control and access.


-- cheers,

-- catch

-- Edited to be a little nicer, I was in a pissy mood on account of my Seagate issues.

Thank you for the courtesy. Much appreciated.

Carenath