ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-20 10:26:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixed indentation in code blocks

Browse Source
This commit is contained in:
TheDuchy 2020-11-01 03:16:10 +01:00 committed by GitHub
parent b6467a43b8
commit dbdd507db4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 212 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Java/Virus.Java.Cheshire.a/README.md
View File

@ -176,7 +176,6 @@ public static int copyConstant(HashMap<String, Object> origin, int origin_index,
int new_index = addToPool(destination, new_constant); int new_index = addToPool(destination, new_constant);
constant_pool_map.put(origin_index, new_index); constant_pool_map.put(origin_index, new_index);
return new_index; return new_index;
} }
else if(const_tag == 3 || const_tag == 4 || const_tag == 5 || const_tag == 6){ else if(const_tag == 3 || const_tag == 4 || const_tag == 5 || const_tag == 6){
int new_index = addToPool(destination, orig_constant); int new_index = addToPool(destination, orig_constant);
@ -283,7 +282,6 @@ merely a matter of adding it to an index of methods, the real challenge is in en
} }
return newposition; return newposition;
} }
``` ```
There's no magic here. Essentially we just need to translate the original position of some code There's no magic here. Essentially we just need to translate the original position of some code
@ -366,12 +364,9 @@ write and have no control over. The good news for me is that this didn't require
} catch (IOException e) { } catch (IOException e) {
e.printStackTrace(); e.printStackTrace();
} }
} }
} }
} }
``` ```
Since our main virus method is never called by any of the other functions we've written, we have to copy the MethodRef Since our main virus method is never called by any of the other functions we've written, we have to copy the MethodRef
for that function to the target ourselves. We need to do this to use the invokestatic opcode, which is what we're sticking with for that function to the target ourselves. We need to do this to use the invokestatic opcode, which is what we're sticking with
@ -408,7 +403,6 @@ void autoBuild(){
build{ build{
autoBuild(); autoBuild();
} }
``` ```
We can quickly talk about what this does. The trick is very simple. We can define a custom task for gradle We can quickly talk about what this does. The trick is very simple. We can define a custom task for gradle
@ -420,4 +414,3 @@ get execution on clone in IntelliJ IDEA.*** Give it a try :)
The end result of this effort is a set of self-replicating bytecode that is only a few steps away from being pretty The end result of this effort is a set of self-replicating bytecode that is only a few steps away from being pretty
weaponizable. There are a lot of improvements I would have made to this code if I had the time, but hopefully a codebase weaponizable. There are a lot of improvements I would have made to this code if I had the time, but hopefully a codebase
to create viral code just by using an IDE as normal is enough for now. Hope you enjoyed. Until next time. to create viral code just by using an IDE as normal is enough for now. Hope you enjoyed. Until next time.