VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Wikipedia: Using free knowlegde for bad stuff

Ready Rangers Liberation Front [7]
November 2005

[Back to index] [Comments]

Intro Words

Wikipedia is a free encyclopedia, and everybody who is interested in is allowed to write articles, change articles, vote for articles and more. The following text represents an idea for using this encyclopedia for malware. As wikipedia has become one of the most important places for gaining information in the www, I thought it would be a good environment for computerviruses. After some days of thinking and discovering, I got an idea, and will present it to you in this article...

How does Wikipedia work

When a user thinks that (s)he wants to improve an article, (s)he clicks at the buttom "edit this page" and receives a html-page containing a "form" containing a textarea with the whole text of the article. The URL of the article and the edit-page have always the same format.

Original Page:[article-name]


Edit Page:[article-name]&action=edit


Every header souce code of an Edit-Page has exactly the same format - first there are 3.663 static bytes - then the start of the form-tag, which is static again, but contains the article-name - which could have different length:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html xmlns="" xml:lang="en" lang="en" dir="ltr">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" href="/favicon.ico" />
<link rel="copyright" href="" />
    <title>Editing Intermediate technology - Edit this page - Wikipedia, the free encyclopedia</title>
    <style type="text/css" media="screen,projection">/*<![CDATA[*/ @import "/skins-1.5/monobook/main.css?1"; /*]]>*/</style>
    <link rel="stylesheet" type="text/css" media="print" href="/skins-1.5/common/commonPrint.css" />

    <!--[if lt IE 5.5000]><style type="text/css">@import "/skins-1.5/monobook/IE50Fixes.css";</style><![endif]-->
    <!--[if IE 5.5000]><style type="text/css">@import "/skins-1.5/monobook/IE55Fixes.css";</style><![endif]-->
    <!--[if gte IE 6]><style type="text/css">@import "/skins-1.5/monobook/IE60Fixes.css";</style><![endif]-->
    <!--[if IE]><script type="text/javascript" src="/skins-1.5/common/IEFixes.js"></script>
    <meta http-equiv="imagetoolbar" content="no" /><![endif]-->
    <script type="text/javascript" src="/w/index.php?title=-&action=raw&gen=js"></script>    <script type="text/javascript" src="/skins-1.5/common/wikibits.js"></script>
        <style type="text/css">/*<![CDATA[*/
@import "/w/index.php?title=MediaWiki:Common.css&action=raw&ctype=text/css&smaxage=2678400";
@import "/w/index.php?title=MediaWiki:Monobook.css&action=raw&ctype=text/css&smaxage=2678400";
@import "/w/index.php?title=-&action=raw&gen=css&maxage=2678400";
/*]]>*/</style>              </head>

  <body                 class="ns-0">
    <div id="globalWrapper">
      <div id="column-content">
        <div id="content">
          <a name="top" id="top"></a>
                  <h1 class="firstHeading">Editing Intermediate technology</h1>
          <div id="bodyContent">
            <h3 id="siteSub">From Wikipedia, the free encyclopedia.</h3>

            <div id="contentSub"></div>
                            <div id="jump-to-nav">Jump to: <a href="#column-one">navigation</a>, <a href="#searchput">search</a></div>      <!-- start content -->
            <script type='text/javascript'>
document.writeln("<div id='toolbar'>");
addButton('/skins-1.5/common/images/button_bold.png','Bold text','\'\'\'','\'\'\'','Bold text');
addButton('/skins-1.5/common/images/button_italic.png','Italic text','\'\'','\'\'','Italic text');
addButton('/skins-1.5/common/images/button_link.png','Internal link','[[',']]','Link title');
addButton('/skins-1.5/common/images/button_extlink.png','External link (remember http:// prefix)','[',']',' link title');
addButton('/skins-1.5/common/images/button_headline.png','Level 2 headline','\n== ',' ==\n','Headline text');
addButton('/skins-1.5/common/images/button_image.png','Embedded image','[[Image:',']]','Example.jpg');
addButton('/skins-1.5/common/images/button_media.png','Media file link','[[Media:',']]','Example.ogg');
addButton('/skins-1.5/common/images/button_math.png','Mathematical formula (LaTeX)','\<math\>','\</math\>','Insert formula here');
addButton('/skins-1.5/common/images/button_nowiki.png','Ignore wiki formatting','\<nowiki\>','\</nowiki\>','Insert non-formatted text here');
addButton('/skins-1.5/common/images/button_sig.png','Your signature with timestamp','--~~~~','','');
addButton('/skins-1.5/common/images/button_hr.png','Horizontal line (use sparingly)','\n----\n','','');
<form id="editform" name="editform" method="post" action="/w/index.php?title=Peter_Kropotkin&action=submit"

<textarea tabindex='1' accesskey="," name="wpTextbox1" id="wpTextbox1" rows='25'
cols='80' >

Next comes the whole text of the article in plain text containing wikipedia commands (explained later), and some more html and javascript code. Most of the code is unimportant for the idea, beside of these lines:

<input tabindex='5' id='wpSave' type='submit' value="Save page" name="wpSave" accesskey="s" title="Save your changes [alt-s]"/>

By clicking this buttom, you can save the text you have written in the textarea-tag - it is submitted to "http:/". The PHP script on the server rewrites the html-page then (by using databases or something like that I guess) and everything is done. That's how it should work.

The idea

Everything a user can do, a code also can do. That means, we can change a wikipedia article by a computer code automatically.

First of all, we have to download a edit-page (for example with 'URLDownloadToFile' API).

Then we have to edit the downloaded file. We want to change the text in the textarea-tag - and what is most important: We have to do something that automatically submits the form. About the first thing later (changing the text); how can we submit the form by itself? We have to include an "onload" to the body:

<body ONLOAD="window.setTimeout('document.editform.submit()', 1 );">

This body-tag submits the "editform" (see above in the Header of wikipedia) automatically after 1 millisecond. Theoretically we would just need the form-part now, but when we just use the form, wikipedia recognizes that something smells fishy, and gives following page: "Someone else has changed this page since you started editing it." Well, we do not want that, so just let's use the original page.

Now something about the wikipedia-commands, and how to use them, and some other secrets. The idea is to change 100s of pages at wikipedia (what we could do later). How do we get 100s of pages? The main idea of wikipedia seems to be connected information. Therefore inside the edit-form we can use the command "[[...]]" for making a internal link to another wikipedia article.

We could search in the textarea for any [[...]] and download the next page. An example:

Prince '''Peter Alexeevich Kropotkin''' (In [[Russian language|Russian]] Петр Алексеевич Кропоткин)
([[December 9]], [[1842]] - [[February 8]], [[1921]]) was one of [[Russia]]'s foremost [[anarchism|anarchist]]s
and one of the first advocates of what he called "[[anarchist communism]]"

In this shourt sentence we have found 8 more links to wikipedia-articles. All we have to do is to replace all spaces (" ") to underlines ("_") and copy the part before a potential "|" to the edit-page URL, and we have the direct link to all 8 articles:

A good page for starting a search for internal link is the page of "featured articles". ( There we could find a lot of very long articles, which are often very good connected to other articles - and have many external links in it.

Another way to find new articles is the wikipedia-feature called "Random article". Downloading "", wikipedia returns a random article. First we have to get the name of the article (static place in the html-source) and insert the name into the edit-page URL.

Well, now we know how to auto-submit text and how to find articles. What is missing is the way how to use it.

1: The dump way - destruction

It would be possible to replace all text in the textarea with nonsense. This would be of course worst case, and real destruction. Hope this never comes true!

2: Political messages

Of course, beside of nonsense, you could also spread real messages (like commenting on GWB's dump behaviour - whatever) - the good thing: As wikipedia is very popular, a lot of people will read your message. You can change something!

3: Usage for malware

I've mainy written and discovered the idea because this could also be used in malware. Wikipedia also uses external links. The syntax for such links:

   [URL text]
   [ Second Part To Hell]

Imagine you have a webserver (or in best case: a worm installs a webserver on the host's computer), you could search for all external links in the textarea-tag - and replace the URL:

[ People: Peter Kropotkin]

And after rewriting it becomes the following text:

[ People: Peter Kropotkin]

Most people trust wikipedia-links (yes, it is serios) - and I think this could be a good way for spreading.

Last words

Wikipedia is a great environment for information, which means that many people view and trust it. This is a perfect victim for new kind of viruses. The only way to prevent would be registered-only entrys or pictures with codes before every edit. But this would lead wikipedia to become a more closed environment than now.

PS: We need new heros! Read this:

[Back to index] [Comments]
By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka