Differences between revisions 2 and 3
Revision 2 as of 2011-03-27 20:37:37
Size: 2908
Editor: 24-151-193-255
Comment:
Revision 3 as of 2011-03-27 20:37:52
Size: 2913
Editor: 24-151-193-255
Comment:
Deletions are marked like this. Additions are marked like this.
Line 23: Line 23:
}}}

= Malicious Software =

Although this includes a wide variety of software, and you should read chapter 10 in preparation for the exam, I'm going to concentrate on two types in this lecture: Viruses and Keyloggers.

Viruses

Viruses must be able to copy themselves verbatim onto other systems. The question is how? Can code (ascii or otherwise) make a copy of itself? See if you can devise a logical sequence of actions that will output the same sequence of actions.

In general, the method used to create a quine in any programming language is to have, within the program, two pieces: (a) code used to do the actual printing and (b) data that represents the textual form of the code (e.g., progdata in the first C example below). The code functions by using the data to print the code (which makes sense since the data represents the textual form of the code), but it also uses the data, processed in a simple way (e.g., quote() below) to print the textual representation of the data itself. (see: http://en.wikipedia.org/wiki/Quine_%28computing%29)

Here is one written in C#: 

   1 using System; 
   2 class Q 
   3 { 
   4      static void Main() 
   5      { 
   6           string s = "using System;class Q{2}static void Main(){2}string s ={1}{0}{1};Console.Write(string.Format(s, s, (char)34, (char)123, (char)125));{3}{3}";
   7           Console.Write(string.Format(s, s, (char)34, (char)123, (char)125)); 
   8      } 
   9 }

Does that look a bit esoteric? Look at a longer one, but one that is easier to follow: 

   1 using System;
   2 class P
   3 {
   4     static void Main()
   5     {
   6         string[] S = {
   7 "        Console.WriteLine(\"using System;\");",
   8 "        Console.WriteLine(\"class P {\");",
   9 "        Console.WriteLine(\"    static void Main() {\");",
  10 "",
  11 "        Console.WriteLine(\"        string[] S = {\");",
  12 "        foreach (string line in S) {",
  13 "            string escapedLine = line.Replace(@\"\\\", @\"\\\\\")",
  14 "                .Replace(\"\\\"\", \"\\\\\\\"\");",
  15 "            Console.WriteLine(\"\\\"{0}\\\",\", escapedLine);",
  16 "        }",
  17 "        Console.WriteLine(\"        };\");",
  18 "",
  19 "        foreach (string line in S) Console.WriteLine(line);",
  20 "",
  21 "        Console.WriteLine(\"    }\");",
  22 "        Console.WriteLine(\"}\");",
  23         };
  24         Console.WriteLine("using System;");
  25         Console.WriteLine("class P {");
  26         Console.WriteLine("    static void Main() {");
  27 
  28         Console.WriteLine("        string[] S = {");
  29         foreach (string line in S)
  30         {
  31             string escapedLine = line.Replace(@"\", @"\\")
  32                 .Replace("\"", "\\\"");
  33             Console.WriteLine("\"{0}\",", escapedLine);
  34         }
  35         Console.WriteLine("        };");
  36 
  37         foreach (string line in S) Console.WriteLine(line);
  38 
  39         Console.WriteLine("    }");
  40         Console.WriteLine("}");
  41     }
  42 }

}}}

NetworkSecurity/MaliciousSoftware (last edited 2011-03-27 21:13:22 by 24-151-193-255)