VectorLinux


Author Topic: How to write a Linux virus in 5 easy steps  (Read 1695 times)

hata_ph

  • Packager
  • Vectorian
  • ****
  • Posts: 3261
  • -- Just being myself --
How to write a Linux virus in 5 easy steps
« on: February 15, 2009, 03:07:56 am »

Interesting article about a Linux vulnerability...

http://www.geekzone.co.nz/foobar/6229

The follow-up...

http://www.geekzone.co.nz/foobar/6236

Windozer

  • Vectorite
  • ***
  • Posts: 386
  • Have Vector Linux, Will Travel.
Re: How to write a Linux virus in 5 easy steps
« Reply #1 on: February 15, 2009, 10:24:26 am »

Quote
[From hata_ph's first link above, my emphasis: [step 4 of 5] Attach this [trojan/virus-infected] file to an email, which prompts the recipient to save and open the attachment. As explained, once it has been saved it will just appear as 'some_text.odt' on the user's desktop. And with the icon we have chosen in the launcher description it will look quite harmless.

Send this email out to as many email addresses as you can get a hold of.

Voila! A Linux virus in 5 simple steps. Every user that saves and opens the attachment you have sent them will get themselves infected with the malware script of your choice, which is then also restarted whenever the user logs in again.

That was easy, wasn't it?

Solutions for the problem

The easiest solution to prevent this kind of problem is to not just blindly click on attachments that people have sent you. [...]


Seems like the "ease" of getting this kind of virus on a system depends on the user being asleep. Is creating a Linux-based virus that doesn't need user interaction much more difficult? If I recall correctly, we've talked about virus infections on *nix before here, but not from this perspective specifically.

- H
483,617th Registered Linux Snoozer

lagagnon

  • Global Moderator
  • Vectorian
  • *****
  • Posts: 1922
Re: How to write a Linux virus in 5 easy steps
« Reply #2 on: February 15, 2009, 07:47:46 pm »

Windaze: if the Linux user is running the system as a user and not as "root" then the root filesystem cannot be infected. The virus might do something to the user's /home filesystem but cannot infect / .

"As people become more intelligent they care less for preachers and more for teachers". Robert G. Ingersoll

bigpaws

  • Vectorian
  • ****
  • Posts: 1872
Re: How to write a Linux virus in 5 easy steps
« Reply #3 on: February 15, 2009, 08:07:22 pm »

The proof of concept for this malware would infect the user's space, including
all personal settings ... where is your mail stored? ~/home/who/.thunderbird, for
example.

To escalate this program, sudo can be used to achieve root somewhat easily.

The article description was off; IMHO it should have been somewhere along the
lines of exploiting the auto features in KDE and GNOME, or maybe: is having all
these convenient services really good?

Since Linux is following the Windows crowd request of automount and other such
things then these attacks will grow since writing one is trivial and the Windows crowd
and perhaps others will be complacent.

Those that would put forward that Linux users are more prudent than to just click on
that link since Linux is invincible. Linux just like almost any other system can be
successfully exploited. It's just that some are harder to attack than others.

Bigpaws

stretchedthin

  • Administrator
  • Vectorian
  • *****
  • Posts: 3780
    • Opensourcebistro.com
Re: How to write a Linux virus in 5 easy steps
« Reply #4 on: February 15, 2009, 11:47:37 pm »

quote from the mentioned article...
Quote
Interestingly, the Thunar file manager under xfce (Xubuntu 8.10) is doing something that Gnome's and KDE's file managers are not doing: It will flag the desktop launcher file as potential malware and thus prevent execution via a simple click. This works whether the attachment was saved from within Thunderbird or from within a web-based email system, such as Yahoo Mail

Hats off to the developers of Thunar.
Vectorlinux screencasts and  tutorials can be found at....
http://www.opensourcebistro.com/blog1
http://www.youtube.com/user/vid4ken?feature=mhee
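
Added example (not from the thread or the linked article): a Python audit of `.desktop` launchers for the traits the quoted article relies on, namely a display name that looks like a document and an Exec line that starts a shell. The patterns, the sample entry and the no-execute-bit heuristic are assumptions of this example; how Thunar makes its own decision is not described on this page.

```python
import configparser
import os
import re

# Heuristic patterns (assumptions of this example; tune them for your desktop).
DOC_NAME = re.compile(r"\.(odt|ods|odp|pdf|docx?|xlsx?|txt|jpe?g|png)$", re.I)
SHELLISH = re.compile(r"(^|[\s/;|&\"'])(sh|bash|dash|python\d?|perl|curl|wget)(\s|$)")

# Constructed sample: a launcher that displays as a document, with a harmless Exec.
SAMPLE = """[Desktop Entry]
Type=Application
Name=some_text.odt
Icon=x-office-document
Exec=sh -c "echo placeholder"
"""

def audit_entry(text, executable):
    """Return findings for one desktop entry; an empty list means nothing flagged."""
    parser = configparser.RawConfigParser(strict=False, delimiters=("=",))
    parser.optionxform = str  # desktop-entry keys are case-sensitive
    try:
        parser.read_string(text)
        entry = parser["Desktop Entry"]
    except (configparser.Error, KeyError):
        return ["not a parseable desktop entry"]
    if entry.get("Type", fallback="") != "Application":
        return []
    findings = []
    if DOC_NAME.search(entry.get("Name", fallback="").strip()):
        findings.append("display name imitates a document file name")
    if SHELLISH.search(entry.get("Exec", fallback="")):
        findings.append("Exec starts a shell, interpreter or download tool")
    if not executable:
        findings.append("no execute bit, as on a file saved from mail or the web")
    return findings

def audit_tree(root):
    """Map every flagged .desktop file under root to its findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in (f for f in files if f.endswith(".desktop")):
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                found = audit_entry(fh.read(), os.access(path, os.X_OK))
            if found:
                report[path] = found
    return report
```

Point `audit_tree` at `~/Desktop` and at `~/.config/autostart`, the XDG location for entries that are started at login. Legitimate launchers sometimes use `sh -c`, so treat each finding as a prompt to read the file, not as a verdict.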

Triarius Fidelis

  • Vecteloper
  • Vectorian
  • ****
  • Posts: 2399
  • Domine, exaudi vocem meam
    • my website
Re: How to write a Linux virus in 5 easy steps
« Reply #5 on: February 15, 2009, 11:53:30 pm »

Quote
Windaze: if the Linux user is running the system as a user and not as "root" then the root filesystem cannot be infected. The virus might do something to the user's /home filesystem but cannot infect / .

That's where all the important, unique things are

Easy to recover LaTeX

Not so easy to recover one's master's thesis source

Whether h4x0rz would try to exploit that depends heavily on their aims
"Leatherface, you BITCH! Ho Chi Minh, hah hah hah!"

Formerly known as "Epic Fail Guy" and "Döden" in recent months