136 lines
6.1 KiB
Plaintext
136 lines
6.1 KiB
Plaintext
-----BEGIN PGP SIGNED MESSAGE-----
|
||
|
||
GV1 v1.01 - Good Virus #1 v1.01 (c) 1994 By Stormbringer, Phalcon/Skism
|
||
User-Friendly, Menu-Controlled Self-Replicating Encryption Utility!
|
||
|
||
WARNING: THE AUTHOR OF THIS PROGRAM IS NOT RESPONSIBILE FOR ANY DAMAGES
|
||
CAUSED DIRECTLY OR INDIRECTLY FOR THE USE OF THIS PROGRAM. THE
|
||
USER ACCEPTS ALL RISKS OF USAGE BY POSSESSING THIS PROGRAM.
|
||
|
||
Good Virus #1 v1.01 is now released as freeware to the public.
|
||
Basics
|
||
~~~~~~
|
||
GV1 is a simple file encryption utility that uses one of the strongest
|
||
encryption algorithms available today, the International Data Enryption
|
||
Algorithm (IDEA). It is memory resident, allowing the user to simply
|
||
press its hot-keys (CTRL-ALT-V) to pop up its menu, allowing the user to
|
||
encrypt/decrypt files at any time simply by entering the filename and
|
||
password.
|
||
|
||
GV1 is also self-replicating, although ONLY AT THE COMMAND OF THE USER.
|
||
If instructed to do so, GV1 will attach itself OR REMOVE ITSELF from .COM
|
||
files as they are executed. This gives it a flexability to be used in places
|
||
where encryption programs are unwelcome and looked for, as infected programs
|
||
will seem "normal" to all but the most expert analysts. For example, many
|
||
governments have recently taken it upon themselves to limit, in one way or
|
||
another, the availability of encryptions to their people. In some of these
|
||
cases, good cryptographic protection is completely outlawed and even searched
|
||
for. While a person in this situation may choose to use PGP or another
|
||
established program, this can often be dangerous as one can simply look for
|
||
the PGP.EXE file. GV1 is at an advantage here because it can be attached to
|
||
almost any .COM file and pass through normal inspections unnoticed.
|
||
|
||
Main Menu
|
||
~~~~~~~~~
|
||
Below is the main user menu of the virus, with basically two parts, the
|
||
Infection Modes and the Encryption Commands. It is activated by pressing
|
||
CTRL-ALT-V from any text-based screen while the virus is in memory (which
|
||
happens the first time an infected program is run).
|
||
|
||
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͻ
|
||
<EFBFBD> Good Virus #1 1.01 <20>
|
||
<EFBFBD> [GV1] <20>
|
||
<EFBFBD> (c) 1994 by Stormbringer [P/S] <20>
|
||
<EFBFBD> <20>
|
||
<EFBFBD> Infection Mode: <20>
|
||
<EFBFBD> [N]one <20>
|
||
<EFBFBD> [I]nfect Files <20>
|
||
<EFBFBD> [D]isinfect Files <20>
|
||
<EFBFBD> <20>
|
||
<EFBFBD> Encryption Commands: <20>
|
||
<EFBFBD> [E]ncrypt File <20>
|
||
<EFBFBD> De[C]rypt File <20>
|
||
<EFBFBD> <20>
|
||
<EFBFBD> Press [ESC] To Exit Menu <20>
|
||
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͼ
|
||
|
||
Infection Modes
|
||
~~~~~~~~~~~~~~~
|
||
The infection mode of the virus is selected while on the menu simply
|
||
by pressing N, I, or D. When first run, the virus defaults to [N]one
|
||
and will therefore not infect (or disinfect) any files. If GV1 is set
|
||
to [I]nfect files, it will infect any valid .COM files as they are executed
|
||
from DOS. In [D]isinfect mode, GV1 will _disinfect_ any infected .COM files
|
||
as they are executed.
|
||
|
||
SHOULD A PROGRAM EVER FAIL TO WORK PROPERLY AFTER BEING INFECTED, FOLLOW
|
||
THE FOLLOWING STEPS:
|
||
1.) Reboot the computer.
|
||
2.) Execute an infected program OTHER than the problem file.
|
||
3.) Set GV1 to disinfect by pressing CTRL-ALT-V, then D.
|
||
4.) Execute the problem file. It should now execute fine.
|
||
|
||
|
||
Encryption Commands
|
||
~~~~~~~~~~~~~~~~~~~
|
||
GV1 has two encryption commands, [E]ncrypt File and De[C]rypt File.
|
||
For each, one is prompted for a filename (include FULL path to file if it
|
||
is not within the current directory) and a password. REMEMBER YOUR PASSWORDS
|
||
AND TYPE THEM CAREFULLY! GV1 does no password checking and has NO backdoors.
|
||
If you forget or mistype a password, the file is lost. Remember this when
|
||
you are using it - GV1 is very secure, and should be treated with care.
|
||
|
||
GV1 creates no headers on the files, nor does it mark files it encrypts in
|
||
any way. One advantage of this is that one can not determine _anything_
|
||
from a GV1 encrypted file, EVEN THE FACT THAT IT IS ENCRYPTED DATA RATHER
|
||
THAN SIMPLE GARBAGE. However, this also means that you MUST get the password
|
||
correct the FIRST time to retreive your data, as GV1 has no record of the
|
||
original password and will "decrypt" the file with whatever password you
|
||
give it.
|
||
|
||
Extra Security Features
|
||
~~~~~~~~~~~~~~~~~~~~~~~
|
||
GV1 makes no backups, nor does it leave a "deleted" copy of the file it
|
||
is used to encrypt on the drive. When a file is encrypted, it is encrypted
|
||
and no trace of its unencrypted form is left, making GV1 suitable for
|
||
protecting even sensitive data.
|
||
|
||
Validity of This File
|
||
~~~~~~~~~~~~~~~~~~~~~
|
||
I have included a copy of my PGP key, and have signed this document and
|
||
included a pgp-signed version of the executable for GV1 to enable PGP
|
||
users to ensure the authenticity of these files. Future updates of GV1
|
||
will also be signed for verification with the key included in this file
|
||
to ensure that the virus is coming from a secure source.
|
||
|
||
Greetings
|
||
~~~~~~~~~
|
||
Greets to: King of Hearts (whose IDEA code is used by the virus), Mark Ludwig,
|
||
Fred Cohen, Musad Kafir, Dark Angel, Urnst Kouch, Phalcon/Skism,
|
||
Trident, Hermanni, Trinity, and all the rest of you in the virus/
|
||
antivirus scene (I mean, really, if I listed ALL you guys that
|
||
are cool here...heh.).
|
||
|
||
-Stormbringer, Phalcon/Skism
|
||
|
||
|
||
- -----BEGIN PGP PUBLIC KEY BLOCK-----
|
||
Version: 2.3a
|
||
|
||
mQCNAi0o+dUAAAEEAJSwQUugNUAWBK41zfxlixKQoYNs3YUOflAmc3HD5YG/Zlhr
|
||
cyD4PxIH/Qs8nljHE9XJkV1Va4Xm9faM8bhpEbNDS/0UvqnQKueptazbOsMyJqij
|
||
j47OKbBfZR6VbRM0h/9Qte39vyhYfrbfjognrMNIYWVN/UMTnkYqE9PU9e0dAAUR
|
||
tBxTdG9ybWJyaW5nZXIgW1BoYWxjb24vU2tpc21d
|
||
=wzsK
|
||
- -----END PGP PUBLIC KEY BLOCK-----
|
||
|
||
-----BEGIN PGP SIGNATURE-----
|
||
Version: 2.3a
|
||
|
||
iQCVAgUBLh3EEEYqE9PU9e0dAQEdlQQAhIJQs3LjSfxwbW73eZcykVXKNT9VG8hh
|
||
p3P9pWc1jlCwVcfEKaQ8a+lh+jBcp18NlXidc/dWAkZjmjih0Tc8DOpzFXULtjuH
|
||
f2vh73cL2PY+2pXICqVURg/080AIpM34phEPEpQMN4/Vh8Ka0PNl1GRrKG2q3LND
|
||
utRbrM8lpXg=
|
||
=9egw
|
||
-----END PGP SIGNATURE-----
|