136 lines
6.1 KiB
Plaintext
136 lines
6.1 KiB
Plaintext
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|||
|
|
|
|||
|
|
GV1 v1.01 - Good Virus #1 v1.01 (c) 1994 By Stormbringer, Phalcon/Skism
|
|||
|
|
User-Friendly, Menu-Controlled Self-Replicating Encryption Utility!
|
|||
|
|
|
|||
|
|
WARNING: THE AUTHOR OF THIS PROGRAM IS NOT RESPONSIBILE FOR ANY DAMAGES
|
|||
|
|
CAUSED DIRECTLY OR INDIRECTLY FOR THE USE OF THIS PROGRAM. THE
|
|||
|
|
USER ACCEPTS ALL RISKS OF USAGE BY POSSESSING THIS PROGRAM.
|
|||
|
|
|
|||
|
|
Good Virus #1 v1.01 is now released as freeware to the public.
|
|||
|
|
Basics
|
|||
|
|
~~~~~~
|
|||
|
|
GV1 is a simple file encryption utility that uses one of the strongest
|
|||
|
|
encryption algorithms available today, the International Data Enryption
|
|||
|
|
Algorithm (IDEA). It is memory resident, allowing the user to simply
|
|||
|
|
press its hot-keys (CTRL-ALT-V) to pop up its menu, allowing the user to
|
|||
|
|
encrypt/decrypt files at any time simply by entering the filename and
|
|||
|
|
password.
|
|||
|
|
|
|||
|
|
GV1 is also self-replicating, although ONLY AT THE COMMAND OF THE USER.
|
|||
|
|
If instructed to do so, GV1 will attach itself OR REMOVE ITSELF from .COM
|
|||
|
|
files as they are executed. This gives it a flexability to be used in places
|
|||
|
|
where encryption programs are unwelcome and looked for, as infected programs
|
|||
|
|
will seem "normal" to all but the most expert analysts. For example, many
|
|||
|
|
governments have recently taken it upon themselves to limit, in one way or
|
|||
|
|
another, the availability of encryptions to their people. In some of these
|
|||
|
|
cases, good cryptographic protection is completely outlawed and even searched
|
|||
|
|
for. While a person in this situation may choose to use PGP or another
|
|||
|
|
established program, this can often be dangerous as one can simply look for
|
|||
|
|
the PGP.EXE file. GV1 is at an advantage here because it can be attached to
|
|||
|
|
almost any .COM file and pass through normal inspections unnoticed.
|
|||
|
|
|
|||
|
|
Main Menu
|
|||
|
|
~~~~~~~~~
|
|||
|
|
Below is the main user menu of the virus, with basically two parts, the
|
|||
|
|
Infection Modes and the Encryption Commands. It is activated by pressing
|
|||
|
|
CTRL-ALT-V from any text-based screen while the virus is in memory (which
|
|||
|
|
happens the first time an infected program is run).
|
|||
|
|
|
|||
|
|
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͻ
|
|||
|
|
<EFBFBD> Good Virus #1 1.01 <20>
|
|||
|
|
<EFBFBD> [GV1] <20>
|
|||
|
|
<EFBFBD> (c) 1994 by Stormbringer [P/S] <20>
|
|||
|
|
<EFBFBD> <20>
|
|||
|
|
<EFBFBD> Infection Mode: <20>
|
|||
|
|
<EFBFBD> [N]one <20>
|
|||
|
|
<EFBFBD> [I]nfect Files <20>
|
|||
|
|
<EFBFBD> [D]isinfect Files <20>
|
|||
|
|
<EFBFBD> <20>
|
|||
|
|
<EFBFBD> Encryption Commands: <20>
|
|||
|
|
<EFBFBD> [E]ncrypt File <20>
|
|||
|
|
<EFBFBD> De[C]rypt File <20>
|
|||
|
|
<EFBFBD> <20>
|
|||
|
|
<EFBFBD> Press [ESC] To Exit Menu <20>
|
|||
|
|
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͼ
|
|||
|
|
|
|||
|
|
Infection Modes
|
|||
|
|
~~~~~~~~~~~~~~~
|
|||
|
|
The infection mode of the virus is selected while on the menu simply
|
|||
|
|
by pressing N, I, or D. When first run, the virus defaults to [N]one
|
|||
|
|
and will therefore not infect (or disinfect) any files. If GV1 is set
|
|||
|
|
to [I]nfect files, it will infect any valid .COM files as they are executed
|
|||
|
|
from DOS. In [D]isinfect mode, GV1 will _disinfect_ any infected .COM files
|
|||
|
|
as they are executed.
|
|||
|
|
|
|||
|
|
SHOULD A PROGRAM EVER FAIL TO WORK PROPERLY AFTER BEING INFECTED, FOLLOW
|
|||
|
|
THE FOLLOWING STEPS:
|
|||
|
|
1.) Reboot the computer.
|
|||
|
|
2.) Execute an infected program OTHER than the problem file.
|
|||
|
|
3.) Set GV1 to disinfect by pressing CTRL-ALT-V, then D.
|
|||
|
|
4.) Execute the problem file. It should now execute fine.
|
|||
|
|
|
|||
|
|
|
|||
|
|
Encryption Commands
|
|||
|
|
~~~~~~~~~~~~~~~~~~~
|
|||
|
|
GV1 has two encryption commands, [E]ncrypt File and De[C]rypt File.
|
|||
|
|
For each, one is prompted for a filename (include FULL path to file if it
|
|||
|
|
is not within the current directory) and a password. REMEMBER YOUR PASSWORDS
|
|||
|
|
AND TYPE THEM CAREFULLY! GV1 does no password checking and has NO backdoors.
|
|||
|
|
If you forget or mistype a password, the file is lost. Remember this when
|
|||
|
|
you are using it - GV1 is very secure, and should be treated with care.
|
|||
|
|
|
|||
|
|
GV1 creates no headers on the files, nor does it mark files it encrypts in
|
|||
|
|
any way. One advantage of this is that one can not determine _anything_
|
|||
|
|
from a GV1 encrypted file, EVEN THE FACT THAT IT IS ENCRYPTED DATA RATHER
|
|||
|
|
THAN SIMPLE GARBAGE. However, this also means that you MUST get the password
|
|||
|
|
correct the FIRST time to retreive your data, as GV1 has no record of the
|
|||
|
|
original password and will "decrypt" the file with whatever password you
|
|||
|
|
give it.
|
|||
|
|
|
|||
|
|
Extra Security Features
|
|||
|
|
~~~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
GV1 makes no backups, nor does it leave a "deleted" copy of the file it
|
|||
|
|
is used to encrypt on the drive. When a file is encrypted, it is encrypted
|
|||
|
|
and no trace of its unencrypted form is left, making GV1 suitable for
|
|||
|
|
protecting even sensitive data.
|
|||
|
|
|
|||
|
|
Validity of This File
|
|||
|
|
~~~~~~~~~~~~~~~~~~~~~
|
|||
|
|
I have included a copy of my PGP key, and have signed this document and
|
|||
|
|
included a pgp-signed version of the executable for GV1 to enable PGP
|
|||
|
|
users to ensure the authenticity of these files. Future updates of GV1
|
|||
|
|
will also be signed for verification with the key included in this file
|
|||
|
|
to ensure that the virus is coming from a secure source.
|
|||
|
|
|
|||
|
|
Greetings
|
|||
|
|
~~~~~~~~~
|
|||
|
|
Greets to: King of Hearts (whose IDEA code is used by the virus), Mark Ludwig,
|
|||
|
|
Fred Cohen, Musad Kafir, Dark Angel, Urnst Kouch, Phalcon/Skism,
|
|||
|
|
Trident, Hermanni, Trinity, and all the rest of you in the virus/
|
|||
|
|
antivirus scene (I mean, really, if I listed ALL you guys that
|
|||
|
|
are cool here...heh.).
|
|||
|
|
|
|||
|
|
-Stormbringer, Phalcon/Skism
|
|||
|
|
|
|||
|
|
|
|||
|
|
- -----BEGIN PGP PUBLIC KEY BLOCK-----
|
|||
|
|
Version: 2.3a
|
|||
|
|
|
|||
|
|
mQCNAi0o+dUAAAEEAJSwQUugNUAWBK41zfxlixKQoYNs3YUOflAmc3HD5YG/Zlhr
|
|||
|
|
cyD4PxIH/Qs8nljHE9XJkV1Va4Xm9faM8bhpEbNDS/0UvqnQKueptazbOsMyJqij
|
|||
|
|
j47OKbBfZR6VbRM0h/9Qte39vyhYfrbfjognrMNIYWVN/UMTnkYqE9PU9e0dAAUR
|
|||
|
|
tBxTdG9ybWJyaW5nZXIgW1BoYWxjb24vU2tpc21d
|
|||
|
|
=wzsK
|
|||
|
|
- -----END PGP PUBLIC KEY BLOCK-----
|
|||
|
|
|
|||
|
|
-----BEGIN PGP SIGNATURE-----
|
|||
|
|
Version: 2.3a
|
|||
|
|
|
|||
|
|
iQCVAgUBLh3EEEYqE9PU9e0dAQEdlQQAhIJQs3LjSfxwbW73eZcykVXKNT9VG8hh
|
|||
|
|
p3P9pWc1jlCwVcfEKaQ8a+lh+jBcp18NlXidc/dWAkZjmjih0Tc8DOpzFXULtjuH
|
|||
|
|
f2vh73cL2PY+2pXICqVURg/080AIpM34phEPEpQMN4/Vh8Ka0PNl1GRrKG2q3LND
|
|||
|
|
utRbrM8lpXg=
|
|||
|
|
=9egw
|
|||
|
|
-----END PGP SIGNATURE-----
|