DjinnVX (MVCL)


Idbeholda
06-22-2003, 09:18 AM
As some of you may or may not have heard, I am in the process of writing (yet another) VCL. I will post a more detailed article at http://www.athernigy.com; however, I am also extremely busy and have not had a lot of time to work on it. Here's the basic description of what exactly DjinnVX does.

Classic malware creation utilities primarily deal with user input and specifications. Granted, this makes writing virii a whole hell of a lot easier for both "newbies" and "lamers"; however, depending on the computer architecture (processor type, actual hardware compatibility issues) and the type of compiler used to generate the virus from the source to the actual program, many bugs and glitches can happen. The program I am working on uses the general idea of user input to create a virus/trojan/worm. It checks for a script in the same directory. If the script is not found, then the actual "creation" form comes up, in which the user points and clicks on options to create a script for the program to base its actions on. If the script is found, any number of things can happen, depending on what the user has specified. As of now, the current version supports password stealing, file infection, IP snitching, keylogging, mass mailing routines, individual mailing routines, support for uploading private files to an email account, infection checking between multiple programs possibly running the same script (and in a sense a basic neural network, albeit shaky at that), event logging, file creation, editing, and deleting, and error checking to correct unexpected bugs.

The main problem with the idea of the malware creation utility BECOMING the malware program in question is that, like most other creation tools, all of the "strains" of the malware can be detected by checking for a single string. However, quarantining and repairing any damage that may have been caused proves to be the tricky part. In order to fully understand how to repair the damage and remove the malware from the system, one has to completely understand that the program bases its actions on a script, rather than actual preprogrammed code. Etc., etc., etc., ad nauseam.