My Old Virus Story

WYSIWUG · Sep 24, 2012

I once was the co-author of a virus that only worked on XP due to the OS having gaps in the kernel that caused the CPU to generate a file with random data in it, 256 bytes in size, then the CPU will copy and paste line 3, 4, 5, 15 & 80 into a new file and write that file to all possible sectors.

It was designed to "chop" the file so it would fit into any sectors it wanted to place it into. It would start when the bootstrap was loaded but before the bootstrap was executed the virus was executed first, and this was key to making the virus work, or when Windows loaded the virus would not work.

I forgot why, I think is was because the OS would not let the virus execute when there was many process threads, as the virus had 1013 threads itself.

So what did the virus do? Clogged the Hard Drive with random data then deleted the partition table and the kernel.

It was never relesed on the Internet and never will be, but I still have it stored on a 1.44MB Floppy Disk in my (mum's) wall safe at home.

The author died in a car crash in 2008 and I put a copy of it on another Floppy Disk for him to take to another universe.

It was the most complicated virus me and David ever wrote.

R.I.P David Rottaham, my best friend and a real computer nerd I bet you are now using powerful alien computers.

Hureho · Sep 24, 2012

Sounds like a very powerful virus and I'm glad you didn't leak it online. David must have been a very smart and talented man.

RIP.

WYSIWUG · Sep 24, 2012

He called it "Sector Hector"

I have not executed it since he died, it wont be right without him there to watch it's funny magic.

He was the man, he could write a website with 10 pages in under 30 mins!

You should have seen him type, sometimes the computer would not keep up with his key strokes.

We have written about 17 viruses together, I deleted these viruses when our file server blowed up, David did not look correctly and put to much voltage into the CPU and RAM.

He said me one day, when I die, I will be using alien computers in another universe.

MMM · Sep 27, 2012

WYSWUG I think you seek attention.....
Have no time for any one who brags of these things who can do damage to OP computers, nothing personel but I could not be bothered with your type.

Computear · Sep 27, 2012

MMM said:
WYSWUG I think you seek attention.....
Have no time for any one who brags of these things who can do damage to OP computers, nothing personel but I could not be bothered with your type.

Abuse does not rule out use.

He said nothing about releasing these viruses onto any computers, quite the contrary. It seems you have an irrational fear of that which you do not understand. The best security (both for computers and otherwise) experts in the world are the ones that understand how these things work. Knowledge is gained through experience. It's necessary to work with these things. And even for the sheer enjoyment of programming, it is nothing more than entertainment until it is put into use.

And if you could not be bothered with his type, you need not post a reply. It seems you are the one who desires attention. Especially considering this is posted in a "Security | Hacking" forum.

threadmark · Sep 27, 2012

Well thats a very good story but how did you get past the ECC? And please don't say it was too long ago to remember. If the virus uses some magical â€œGapâ€ in the kernel to affect/â€fitâ€ into HD sectors, The ECC would be the one thing that would need to be tricked in order to corrupt said sectors.

what was the delivery method?

please tell me how you would overcome the hamming-codes 7,4.

MMM · Sep 28, 2012

Computear said:
Abuse does not rule out use.

He said nothing about releasing these viruses onto any computers, quite the contrary. It seems you have an irrational fear of that which you do not understand. The best security (both for computers and otherwise) experts in the world are the ones that understand how these things work. Knowledge is gained through experience. It's necessary to work with these things. And even for the sheer enjoyment of programming, it is nothing more than entertainment until it is put into use.

And if you could not be bothered with his type, you need not post a reply. It seems you are the one who desires attention. Especially considering this is posted in a "Security | Hacking" forum.

I have no irrational fear or lack of understanding on this subject.....I made my comment & stand by it and I do not need your permission to reply to posts.

I do not think this forum promotes the subject of how to hack or how to write viruses, maybe a Mod or Admin might clarify this.

WYSIWUG · Sep 30, 2012

@MMM

I know I wont move to Aussie if the mining jobs go bust here.

Also I have no idea what threadmark means by ECC. I just helped to write the bits where the virus generates the random data, which is easy, David wrote about 97% of the virus.

My last post on this thread.

dale · Sep 30, 2012

RIP David.

threadmark · Oct 1, 2012

So how would you deliver the virus to users? If you had nothing to do with the virus, why hold a copy? You obviously do not know how to use it, or how it works.

My Old Virus Story

WYSIWUG

In Runtime

Hureho

Solid State Member

WYSIWUG

In Runtime

MMM

Daemon Poster

Computear

Daemon Poster

threadmark

In Runtime

MMM

Daemon Poster

WYSIWUG

In Runtime

dale

Daemon Poster

threadmark

In Runtime

Similar threads