Government Security
Network Security Resources


Cody Oebel Virus ;) By: Codeerror

3 replies to this topic

#1 CodeError

CodeError

    Private

  • Members
  • 8 posts

Posted 05 April 2010 - 07:45 PM

I developed a virus for windows XP\vista\win7.
I would really like to have as much feedback as possible on it, e.g. someone sending it to a victim and reporting results, et cetera. I blind coded much of it and am not 100% sure if it's going to work without testing.
So anyone willing to test it would be great.. whether on a test machine or victim I could care less which.
It should render the machine useless, and requiring a format once executed. If anyone could try to counter its effects and provide me the steps they took so I can code a counter to those steps that would be awesome. I am going to post a download also of my undetectable remote access trojan, but this program I am linking here is strictly destructive and does not connect to a socket and send network information. It simply hopefully effectively causes the OS to be unusable.

http://www.yourfilel....php?fid=538675

Use at your own risk, but please report back to me the results which you discovered.

A list of what CMV32 will do-

1- Replicate itself onto the system for redundancy
2- Add itself to system startup for both xp\vista\win7
3- Revoke rights to utilities which could prevent someone from removing it
* System restore points are wiped out
* System restore application is destroyed, and rights revoked from dir
* taskmanager, regedit, msconfig are all rights revoked from usage.
* A call to listed directories for further replication is made, but not tested at this time. I blind coded this feature without testing due to lack of machines I have available for testing.
* A shutdown call with a message is the last thing the user will see if their machine has enough resources capable of handling all that is going on, otherwise the user will freeze.
* Finally windows files begin to get deleted. Due to some of the files being in use, and the virus cannot delete them, I destroy those programs' child processes and the process itself in order to delete the file, and it continues to delete prime system required files for booting.


END RESULT --- machine will freeze on XP, and from the way I coded it I blindly assume it will allow a user to use task manager on Vista as I didn't code in a revoke for task manager on Vista. Once run on Vista, if the user reboots the machine the OS shouldn't come up anymore. BLACK SCREEN of death ... e.g. not blue screen.
CODY OEBEL a.k.a [odeE|7|70r e.g CodeError a.k.a for short CodeE PRO-nounced much like mah name Cody :)

#2 Takatori

Takatori

    Private

  • Members
  • 4 posts

Posted 10 March 2011 - 12:21 AM

Not bad, however for liability's sake you should say that it shouldn't be used on a real victim and is here just for educational purposes.

Don't want to be held liable if some Skid comes and uses it :)

#3 Guest_uncle777_*

Guest_uncle777_*
  • Guests

Posted 08 April 2011 - 02:18 PM

As the great Borat would have said: "very nice"! I like...

I am yet to test it though... speaking of which I have 3 virtual machines ready for the task... but again... laziness strikes again!

Now... are you sure adding to registry will work on vista/7? I certainly doubt so. I mean when you add to startup - then it's pretty much adding new values to the registry, which is something vista/7 would ask for admin rights and need a password for such a task. It will definitely work on xp with admin rights though. I can't be sure about 7 - I am more of a linux guy, but this is a wild guess.
Also, try this:

- Generate a new GUID each time the program is compiled...works good against norton and others.
- Add exception to the windows firewall - works good on xp.
- Do NOT write to system32 - instead write to documents and settings/users - this way you prevent problems with windows 7 security features.
- Name your processes with some good name - like "svchost.exe", "updates.exe"...etc - so people won't be suspicious.
- Create something asynchronous...like a keylogger ;).
- Create a webserver which uses c:\ as a document root.

P.S.
Yes, don't use it for malicious purposes...remember that you can encounter some...other programmer like you :) or a kid dying of cancer who wants to buy a new medicine...and then the virus stops it...it will be totally immoral!

#4 bruxelles

bruxelles

    Private

  • Members
  • 12 posts

Posted 05 May 2011 - 07:08 AM

can u reupload the file ? link is dead





Also tagged with one or more of these keywords: windows, network, virus, trojan, php