Linux.Cephei: a Nim virus

3 minute read Published:

Simple prepender virus written in Nim
NimĀ is a systems and applications programming language. It has nice features such asĀ producing dependency-free binaries, running on a huge list of operating systems and architectures and compiling to C, C++ or JavaScript. I’ve been messing with it for a while and I am very pleased with it. To be honest, Nim and Go have been my choices when I need to start a new project (goodbye Python, at least for now).


5 minute read Published:

Windows version of Linux.Liora
So I decided to port my Linux.Liora ( Go infector to Win32 and it worked great. Minor tweaks were needed in the code, you can run a diff between both and check it out. EDIT: Fixed the PE verification routine, it checks for a proper PE file now. Thanks hh86! Virus source: /* * Win32.Liora.B - This is a POC PE prepender written in Go by TMZ (2015). * * Win32.

Linux.Liora: a Go virus

4 minute read Published:

Simple prepender virus written in GoLang
So this guy asks me in a job interview last week “Have you ever developed in Go?” and well what’s best to learn a language than writting a prepender (probably a lot of things but don’t kill my thrill)? There you have it, the probably first ever binary infector written in GoLang (SPTH LIP page “outdately” confirms that). Basically a port from my Linux.Zariche ‘cause my life is in a hurry.

Linux.Zariche: a Vala virus

9 minute read Published:

Simple prepender virus written in Vala
Vala is an object-oriented programming language with a self-hosting compiler that generates C code and uses the GObject system. Vala is syntactically similar to C# and and rather than being compiled directly to assembly or to another intermediate language, Vala is source-to-source compiled to C, which is then compiled with a platform’s standard C compiler, such as GCC. You can also create VAPI files which are basically native C (not C++) functions you can import to Vala code (I will show an example later).