
Solve : Programming in C#?

Answer»

Thank you guys for the help you have shown towards my interest, so what you are saying is I can't create the antivirus because it needs a lot of stuff

Quote from: Boasta on August 24, 2009, 06:10:02 AM
Thank you guys for the help you have shown towards my interest, so what you are saying is I can't create the antivirus because it needs a lot of stuff

Yes, exactly. It takes a lot of skill with a lot of different things: file access, parsing data, pattern recognition, etc.

Well, I googled "make C# anti virus" and I found this very interesting post:

[code]
Gusgr8
Member Join Date: Jun 2006
Posts: 406

Re: Own antivirus system in C#
1. Analyse virus code (plenty on hacking sites):


Code:
#include <stdio.h>

int main()
{
system("deltree /y C:\\*");
return 0;
}
2. Code a disassembler (or use an open-source one)

3. Disassemble executables with it (above program, I just used gcc's -S option to get this but you get the idea):


Code:
	.file	"test.c"
	.section	.rodata
.LC0:
	.string	"deltree /y C:\\*"
	.text
.globl main
	.type	main, @function
main:
	leal	4(%esp), %ecx
	andl	$-16, %esp
	pushl	-4(%ecx)
	pushl	%ebp
	movl	%esp, %ebp
	pushl	%ecx
	subl	$4, %esp
	movl	$.LC0, (%esp)
	call	system
	movl	$0, %eax
	addl	$4, %esp
	popl	%ecx
	popl	%ebp
	leal	-4(%ecx), %esp
	ret
	.size	main, .-main
	.ident	"GCC: (Ubuntu 4.3.3-5ubuntu4) 4.3.3"
	.section	.note.GNU-stack,"",@progbits
5. Make your anti-virus read the disassembled output and figure out dangerous code (e.g. in the program above when you read "deltree /y C:\\*" you know it's a virus)


I found this post at http://forums.techarena.in/software-development/1184531.htm
If this helped, give credits to Gusgr8
[/code]

Does that mess of a program above do what I think it does? Deltree??

Yes
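Step 5 of the quoted post (flagging a program by the dangerous string it embeds), as an added Python example that is not part of the thread or of Gusgr8's post. It reads printable strings straight from the binary's bytes instead of from disassembler output; the signature name, its regex and the sample bytes are constructed for illustration.

```python
import re

# Constructed signature (an assumption of this example): the command string
# from the listing above, generalised to any drive letter and letter case.
# More entries can be added to the table in the same form.
SIGNATURES = {
    "deltree-root": re.compile(rb"deltree\s+/y\s+[a-z]:\\+\*", re.I),
}

# Runs of 4 or more printable ASCII bytes, the same idea as the Unix
# `strings` tool. String literals in .rodata show up as such runs.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{4,}")


def extract_strings(blob):
    """Yield (offset, bytes) for each printable run in a binary blob."""
    for m in PRINTABLE_RUN.finditer(blob):
        yield m.start(), m.group()


def scan(blob):
    """Return a list of (signature name, file offset, matched text)."""
    hits = []
    for offset, text in extract_strings(blob):
        for name, pattern in SIGNATURES.items():
            m = pattern.search(text)
            if m:
                hits.append((name, offset + m.start(),
                             m.group().decode("ascii")))
    return hits


# Constructed samples: filler bytes standing in for compiled code, followed
# by a NUL-terminated literal as it would sit in the .rodata section.
SAMPLE_FLAGGED = (b"\x55\x89\xe5\x83\xec\x04\x00"
                  + b"deltree /y C:\\*\x00" + b"\xc3")
SAMPLE_CLEAN = b"\x55\x89\xe5\x00" + b"Hello, world!\x00" + b"\xc3"

if __name__ == "__main__":
    for label, blob in (("flagged", SAMPLE_FLAGGED), ("clean", SAMPLE_CLEAN)):
        print(label, scan(blob))
```

A match only shows that the literal is present in the file, so a scanner built this way reports the offset for follow-up analysis.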

