Re: Trojans: common programming language ?

From: Aaron B. Lingwood (ten.EGNUM.edonretni_at_reraos)
Date: 04/28/04 

Date: Wed, 28 Apr 2004 09:52:15 +1000

On Tue, 27 Apr 2004 23:18:41 +0100, tarquinlinbin
<noemail@myrealbox.com> wrote:

>Hello,
>i was wondering if there is a common language in which trojans and
>indeed viruii are prgrammed?
>
>I ask becuase there is a file that i would like to study to find out
>what it is and what it does?.

No. Viruses can and are written in a range of different languages.

A lot of the latest Trojans have been pumped out in VB, mostly due to
the fact that VB is taught widely in schools.

If you remember the Melissa Virus (incorrectly called a virus) it was
a macro worm written in VBA (Visual Basic for Applications) which is
strongly implemented in Office 97 and above.

The blaster worm was well written in Visual C#.NET (ignoring a small
error that crashed infected computers and defeated its stealth attack
plan)

Many of the first viruses were written assembly language, C or Python.
Most Scripting worms use VBS or Windows Scripting. Other modern worms
and Trojans are written in RAD languages such as VB or even C++

When talking computers, the plural of virus is viruses though, either
are acceptable. Some people are just picky.

Many modern programming languages write a signature to the file
indicating the owner of the machine, the serial number for the
software/OS and many other traceable bits of information.

If you were wanting to compile a virus for testing/research purposes,
please ensure you disconnect every part of the LAN from the net. Also
ensure that before reconnecting, you format EVERY hard drive for EVERY
computer on the LAN at the time of testing, even if you 'know' that
particular machine is not infected.

Letting a virus get out into the wild is not only irresponsible but,
in most countries, is a higher offence than a hit-and-run. WHEN (not
if) you get tracked and caught, you will be looking at a definite jail
term (possibly quite long) as well as fines and suits totaling a
couple of hundred million dollars.

I would recommend a lot of reading on the subject and also to join
SANS and CERT and read as many white papers as possible. You will also
need to learn C and assembly.

As almost every virus has been disassembled by professionals, there is
a lot of information out there regarding what certain viruses do. To
Google for this information, search <VirusName/FileName> and "White
Paper"

I would recommend duplicating someone else's study before trying to do
your own. It will be a difficult yet rewarding experience.

If you are thinking about writing a virus, don't! You are probably
already flagged by several government departments for posting such a
question as this.

HTH

Aaron Lingwood

Relevant Pages