If you need assistance, please send an email to forum at 4hv dot org. To ensure your email is not marked as spam, please include the phrase "4hv help" in the subject line. You can also find assistance via IRC, at irc.shadowworld.net, room #hvcomm.
Support 4hv.org!
Donate:
4hv.org is hosted on a dedicated server. Unfortunately, this server costs and we rely on the help of site members to keep 4hv.org running. Please consider donating. We will place your name on the thanks list and you'll be helping to keep 4hv.org alive and free for everyone. Members whose names appear in red bold have donated recently. Green bold denotes those who have recently donated to keep the server carbon neutral.
Special Thanks To:
Aaron Holmes
Aaron Wheeler
Adam Horden
Alan Scrimgeour
Andre
Andrew Haynes
Anonymous000
asabase
Austin Weil
barney
Barry
Bert Hickman
Bill Kukowski
Blitzorn
Brandon Paradelas
Bruce Bowling
BubeeMike
Byong Park
Cesiumsponge
Chris F.
Chris Hooper
Corey Worthington
Derek Woodroffe
Dalus
Dan Strother
Daniel Davis
Daniel Uhrenholt
datasheetarchive
Dave Billington
Dave Marshall
David F.
Dennis Rogers
drelectrix
Dr. John Gudenas
Dr. Spark
E.TexasTesla
eastvoltresearch
Eirik Taylor
Erik Dyakov
Erlend^SE
Finn Hammer
Firebug24k
GalliumMan
Gary Peterson
George Slade
GhostNull
Gordon Mcknight
Graham Armitage
Grant
GreySoul
Henry H
IamSmooth
In memory of Leo Powning
Jacob Cash
James Howells
James Pawson
Jeff Greenfield
Jeff Thomas
Jesse Frost
Jim Mitchell
jlr134
Joe Mastroianni
John Forcina
John Oberg
John Willcutt
Jon Newcomb
klugesmith
Leslie Wright
Lutz Hoffman
Mads Barnkob
Martin King
Mats Karlsson
Matt Gibson
Matthew Guidry
mbd
Michael D'Angelo
Mikkel
mileswaldron
mister_rf
Neil Foster
Nick de Smith
Nick Soroka
nicklenorp
Nik
Norman Stanley
Patrick Coleman
Paul Brodie
Paul Jordan
Paul Montgomery
Ped
Peter Krogen
Peter Terren
PhilGood
Richard Feldman
Robert Bush
Royce Bailey
Scott Fusare
Scott Newman
smiffy
Stella
Steven Busic
Steve Conner
Steve Jones
Steve Ward
Sulaiman
Thomas Coyle
Thomas A. Wallace
Thomas W
Timo
Torch
Ulf Jonsson
vasil
Vaxian
vladi mazzilli
wastehl
Weston
William Kim
William N.
William Stehl
Wesley Venis
The aforementioned have contributed financially to the continuing triumph of 4hv.org. They are deserving of my most heartfelt thanks.
Registered Member #96
Joined: Thu Feb 09 2006, 05:37PM
Location: CI, Earth
Posts: 4059
Hah, I predicted this way back in 1998. My version of this was a hypothetical program which was essentially a list of start and stop points with common Windows 98SE files and a list of "code inversions" which was able to bit juggle the assembled code until it matched the original compressed file.
Never attempted to write such a beast but its interesting to see that someone else has. It does raise an interesting ethical question, in that basic viruses and useful programs such as data manipulation and processing share several common features so to not teach how viruses and malware work is to cripple the knowledge base and make it more likely that future malware writers will dig up the forgotten "old" methods and recycle them.
In this case, it is not the knowledge itself that is the issue, it is how the knowledge is used.
In fact, I once had my Acorn screen editing code pilfered by someone and converted into malware
Related to this is the recent discovery of a vulnerability in the Bluetooth headset protocol allowing for data injection using the Vol +/- buttons and a piece of software introduced by other means to transcribe this into executable code. Seems that this particular vuln has never been exploited because it was considered too much effort.
Registered Member #65
Joined: Thu Feb 09 2006, 06:43AM
Location:
Posts: 1155
There are many programs that can do this, as most overflow sled shims could be considered identical in description. i.e. they re-purpose the host system resources to deliver hostile programs. This is why Symantec products are essentially useless since around 2003, and active hashing of resident programs became "firewall" security products.
Perhaps these are the pair that wrote Flame... as it was signed with Microsoft's private key, used Microsoft's "update services" to install malware, and hooked the kernel to attack other hosts using Microsoft's LAN messaging services.
Note the coming UEFI secure boot key based system will essentially make OEM signed root-kits impossible to remove even if detected. Sony, Microsoft, HP, and Apple have all distributed OEM Trojans in their product lines, and only stopped when publicly confronted by lawyers trying to sue them.
Yawn... IIRC, this forum has rules about people talking about breaking other peoples toys... I guess the policy is philosophically based on how manure attracts flies...
This site is powered by e107, which is released under the GNU GPL License. All work on this site, except where otherwise noted, is licensed under a Creative Commons Attribution-ShareAlike 2.5 License. By submitting any information to this site, you agree that anything submitted will be so licensed. Please read our Disclaimer and Policies page for information on your rights and responsibilities regarding this site.
Frankenstein virus "builds itself by pilfering code"
