Sunday, 10 October 2010

Be careful what you click!

This is not related to emulation, but I feel that it's something that needs to be said. I think that Microsoft should do something about this huge weakness I have found in their operating system!

I hate viruses, most of us do, which is why I thought I'd have a try at writing one... just to see how easy it was for people to write malicious software. Turns out, it is very easy with just some basic coding knowledge.

In my opinion, the most destructive malware would be malware that deletes information from your computer, and what better information to delete from your computer than the Master Boot Record? For those who don't know what the MBR is, it is a small piece of code (512 bytes) that lies at sector 0 of your boot disk. This is the sector that the BIOS loads into memory for immediate execution after the POST screen. It essentially boots up your operating system and usually loads the kernel and jumps to it. Without a valid Master Boot Record, your entire operating system is useless: removing the MBR effectively renders your OS unbootable.
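The 512-byte sector described above has a fixed layout (446 bytes of boot code, four 16-byte partition entries, and the 0x55AA signature in the last two bytes), so a saved copy can be checked against a known-good baseline to tell whether it has been replaced or wiped. This is an added example, not the software from this post; it works only on in-memory byte strings constructed for illustration, and the function names are assumptions.

```python
import hashlib
import struct

BOOT_CODE_LEN = 446            # bytes 0..445: bootstrap code
ENTRY_FMT = "<B3xB3xII"        # status, CHS (skipped), type, CHS (skipped), LBA start, sector count
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510..511

def parse_mbr(sector: bytes) -> dict:
    """Parse a 512-byte copy of sector 0 held in memory."""
    if len(sector) != 512:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):  # four 16-byte entries starting at offset 446
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, sector, BOOT_CODE_LEN + 16 * i)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"bootable": status == 0x80, "type": ptype,
                               "lba_start": lba, "sectors": count})
    return {"signature_ok": sector[510:] == BOOT_SIGNATURE,
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}

def check_against_baseline(sector: bytes, baseline_sha256: str) -> list:
    """Return findings; an empty list means the sector matches the baseline."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    if not info["partitions"]:
        findings.append("partition table is empty")
    return findings

def build_sector(boot_code: bytes, entries: bytes, signature: bytes = BOOT_SIGNATURE) -> bytes:
    """Assemble a constructed sector for the demonstration below."""
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entries.ljust(64, b"\x00") + signature

# Constructed sample data: placeholder bytes, not real boot code.
GOOD = build_sector(bytes(range(200)), struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 204800))
REPLACED = build_sector(b"placeholder for unknown code", b"")   # different code, table gone
ZEROED = bytes(512)                                             # sector wiped
BASELINE = parse_mbr(GOOD)["boot_code_sha256"]

if __name__ == "__main__":
    for name, sector in (("good", GOOD), ("replaced", REPLACED), ("zeroed", ZEROED)):
        print(name, check_against_baseline(sector, BASELINE) or "matches baseline")
```

A replaced sector that still boots keeps the 0x55AA signature, so the signature check alone does not catch it; the baseline hash of the boot code is what does.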

However, there are steps you can take to repair your MBR. In fact, it's very easy in modern operating systems like Vista or Windows 7: you just insert the Windows 7 system disk and repair your operating system. However, if you do not know how to do this, or you have an older OS like XP, you are pretty screwed.

Which brings me on to this software I wrote. The virus I wrote (which I will never be using maliciously of course) replaces your MBR with my own custom MBR, which prints a little message to the screen instead of loading your OS. Keep in mind that I have created a few safeguards to make sure that I didn't click it by accident: I created some "Are you sure" message boxes just to be safe, but if I took these away, this software would be very dangerous.

The executable needs to be run as administrator, but this is hardly much of a safeguard, as most users would probably be logged on as admin anyway.

I won't release this software or source code for now, unless anyone specifically asks for it, because there is always the chance that it could be used maliciously. It is, however, a very small file, and the source is very small, so be careful what you click... or you might just get your MBR deleted. The Windows 7 and Vista UAC doesn't seem like such a bad thing to me anymore...

7 comments:

  1. Follow my new blog please!

    http://everythingguitarz.blogspot.com/

  2. cool post bro!!:)
    Welcome to Italy!

  3. Oh don't worry, I use Mac :D
    Thanx for the tips bra.

    Supp 'n' follow.

  4. Dude I got a virus coz I wasn't careful one time. WTF

  5. thx for checking me out. good helpful post here.

  6. Everybody got a virus or two once in their lifetime and obviously keep getting some adware or even malware due to unsafe internet browsing, that won't stop. You can always use Linux and be a bit safer without half the hassle.
