1 (edited by UnkownUser 2017-07-09 00:22:50)

Topic: How to infect MBR?

Since I'm messing around a bit with Python, has anyone got a sample of a virus that can affect the MBR?
Because I want to create something like the following...
https://www.bleepstatic.com/images/news/u/986406/Malware/Gaming/MBR-boot-screen.jpg


Re: How to infect MBR?

I'm fairly versed in Python 2, so I'll use that as a base. First, you'd need to actually write the boot sector, which requires kernel-level programming in ASM. Then, you just need to write the binary equivalent of this to the first few sectors of the drive, which is easy to do with Python 2... if you have admin privileges. I can't give specific examples of code, but you get the gist of things.

I like to examine and theorize about everything, from Amazon's "impenetrable" ultravisor to autorun viruses (virii?) being technology's version of an STD (Slot Transmitted Disease).
I dabble in Python 2.x and non-stereotypical BATCH (x>50 lines). I also fuck up VMs from time to time.

┬──┬ ︵ /(.□. \)


Re: How to infect MBR?

Yeniaul wrote:

I'm fairly versed in Python 2, so I'll use that as a base. First, you'd need to actually write the boot sector, which requires kernel-level programming in ASM. Then, you just need to write the binary equivalent of this to the first few sectors of the drive, which is easy to do with Python 2... if you have admin privileges. I can't give specific examples of code, but you get the gist of things.

Thanks for the idea, but I really need some sample code to learn from, because it's been a while since I last used Python, so I really don't know how I'm going to do it.

P.S.: I have very little knowledge of ASM ;-;


Re: How to infect MBR?

Here is a hello world bootloader.

http://i.imgur.com/RZ2s1qZ.png

DosExe.asm:

; Converted from a FASM code by Xyl2k!
code segment use16
assume cs:code
org 7c00h        ; The BIOS loads the boot sector to 0000:7C00, so all offsets are relative to that

start:
; Main program
main:        ; Label for the start of the main program

 mov ax,0000h    ; Setup the Data Segment register
        ; Location of data is DS:Offset
 mov ds,ax    ; This can not be loaded directly, it has to be done in two steps.
        ; 'mov ds, 0000h' will NOT work: segment registers accept no immediate operand

 ; Set up a known stack just below the boot sector, so 'call' has somewhere to push.
 ; Interrupts are masked while SS:SP is inconsistent.
 cli
 mov ss,ax
 mov sp,7c00h
 sti

 mov si,offset HelloWorld    ; Load the string address into SI for the procedure.
 call PutStr    ; Call/start the procedure

jmp $        ; Never ending loop

; Procedures
PutStr:        ; Procedure label/start
 ; Set up the registers for the interrupt call
 mov ah,0Eh    ; The function to display a character (teletype output)
 mov bh,00h    ; Page number
 mov bl,07h    ; Foreground colour (only used in graphics modes)

nextchar:    ; Internal label (needed to loop round for the next character)
 lodsb        ; LOaD String Byte: loads [DS:SI] into AL and increases SI by one
 ; Check for end of string '0'
 or al,al    ; Sets the zero flag if al = 0
        ; (OR outputs 0's where there is a zero bit in the register)
 jz return    ; If the zero flag has been set go to the end of the procedure.
        ; Zero flag gets set when an instruction returns 0 as the answer.
 int 10h    ; Run the BIOS video interrupt
 jmp nextchar    ; Loop back round to the top
return:        ; Label at the end to jump to when complete
 ret        ; Return to main program

; Data
HelloWorld db 'Hello World',13,10,0

db 510-($-start) dup(0)  ; Fill the rest of the sector with zeros
dw 0AA55h ; Add the boot loader signature to the end (bytes 55h,AAh at offset 510)

code ends
end start

make.bat:

@echo off
set path=\masm32\bin
set lib=\masm32\lib
set name=DosExe
ml.exe /c /nologo /Fo DosExe.obj DosExe.asm
link16.exe /TINY /NOLOGO DosExe.obj,BootLoader.dat,DosExe.map,"",""
del *.OBJ
pause
@echo on
cls

SELECT * FROM `users` WHERE `login` = 'admin '#--' and `password`='d6d36367ad2384f71489707e6fff0879921b50f9';

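The replies above describe the same 512-byte layout from two sides: the assembly post builds a sector that ends in the 0AA55h signature, and the earlier reply points out that writing it to the first sectors of a drive only takes admin rights. What a defender wants from that description is the reverse operation: read the first sector, check it is well-formed, and compare its boot code to a known-good baseline. The following is an added Python 3 example, not code from any poster in this thread; the sample sector, the hash baseline, the function names and the device paths mentioned in `read_first_sector` are all constructed or assumed for the demonstration.

```python
"""Parse and sanity-check a 512-byte MBR / boot sector image.

Layout (classic MBR): 446 bytes of boot code, four 16-byte partition
entries at offset 446, and the little-endian signature 0xAA55 at offset
510 (bytes 55h AAh). The sample sector is constructed inline below.
"""
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_SIZE = 446
PART_TABLE_OFFSET = 446
PART_ENTRY_SIZE = 16
SIGNATURE_OFFSET = 510
BOOT_SIGNATURE = 0xAA55


def parse_partition_entry(entry):
    """Decode one 16-byte partition table entry (CHS fields kept opaque)."""
    status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack(
        "<B3sB3sII", entry)
    return {
        "bootable": status == 0x80,
        "type": ptype,
        "lba_start": lba_start,
        "sectors": sectors,
    }


def parse_mbr(sector):
    """Validate the signature and return boot-code hash plus partition list."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    sig = struct.unpack_from("<H", sector, SIGNATURE_OFFSET)[0]
    if sig != BOOT_SIGNATURE:
        raise ValueError("bad boot signature 0x%04X" % sig)
    boot_code = sector[:BOOT_CODE_SIZE]
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_SIZE
        entry = sector[off:off + PART_ENTRY_SIZE]
        if entry != b"\x00" * PART_ENTRY_SIZE:  # skip unused slots
            partitions.append(parse_partition_entry(entry))
    return {
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": partitions,
    }


def boot_code_changed(sector, known_good_sha256):
    """True if the boot code no longer matches a baseline taken from a clean disk.

    Only the 446 code bytes are hashed, so legitimate partition table edits
    do not trip the check while a replaced loader does.
    """
    return parse_mbr(sector)["boot_code_sha256"] != known_good_sha256


def read_first_sector(device_path):
    """Read the raw first sector of a disk.

    Assumed paths: r"\\\\.\\PhysicalDrive0" on Windows, "/dev/sda" on Linux.
    Both require administrator/root, the privilege the earlier reply
    mentions; the same access is what an MBR overwrite needs.
    """
    with open(device_path, "rb") as f:
        return f.read(SECTOR_SIZE)


def build_sample_sector():
    """Constructed sample: a tiny loader plus one bootable Linux partition."""
    # cli ; xor ax,ax ; mov ds,ax ; jmp $  (same idea as the post's loader)
    code = b"\xfa\x31\xc0\x8e\xd8\xeb\xfe"
    boot_code = code + b"\x00" * (BOOT_CODE_SIZE - len(code))
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00\x00\x00", 0x83,
                        b"\x00\x00\x00", 2048, 1 << 20)
    table = entry + b"\x00" * (PART_ENTRY_SIZE * 3)
    sector = boot_code + table + struct.pack("<H", BOOT_SIGNATURE)
    assert len(sector) == SECTOR_SIZE
    return sector


if __name__ == "__main__":
    sample = build_sample_sector()
    info = parse_mbr(sample)
    print("boot code sha256:", info["boot_code_sha256"])
    for p in info["partitions"]:
        print("partition:", p)
```

To use it against a real machine, take the baseline hash once from a known-clean disk, then periodically call `boot_code_changed(read_first_sector(path), baseline)`; a mismatch means something rewrote the loader, which is exactly what the screenshot in the first post results from. The signature check alone is not a tamper check, since any working bootkit keeps 0xAA55 in place.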