MDL - Mass Destruction Library
Version 0.10b
Written by Evil Avatar
Table of Contents
-----------------
Table of Contents
Greetings
License
What is MDL?
How MDL works
Using the MDL
Source code availability
Problems
The Future
Virus Toolkit History
Greetings
---------
Greetings go out to Dark Angel, Hellraiser, the rest of the Phalcon/Skism
group, and Dark Avenger, who are, in my humble opinion, the greatest virus
authors today. MDL is dedicated to John McAfee, for he will benefit the most
from this package.
MDL Documentation -1- Evil Avatar 1993
License
-------
The author hereby releases this program as freeware. You are free to use
the MDL in viruses. It is prohibited to use it in other ways (i.e. Trojan
Horse). You may distribute this archive and associated files only to virus
programmers.
What is MDL?
------------
MDL is a library that can be linked to any virus. MDL has been written
using Intel 8086 assembly language. MDL is used as an easy method to destroy
data on a disk without having to do all the tedious coding.
How MDL works
-------------
MDL is distributed with many routines, seven of them intended to destroy
data. Some are very basic; some are fairly complex. One routine that is not
destructive is a random number generator. This is used by some routines in
the library. This can also be called for your own use to create random
numbers for an encryption system.
Using the MDL
-------------
MDL consists of several modules. I assume you are using assembly to
write your virus. If you are using a high level language then you are on your
own. At the beginning of your virus put this:
.model tiny
.code
extrn kill_br: near, pot_shot: near, pt_trash:near, sec_buf:near
extrn screw_file: near, alter_fat: near, fat_fuck: near, rip_hd: near
extrn rnd_num: near, load_sec: near
Then you just write your virus. When you are ready to kill some data, you
have several options, explained in detail below. Parameters are passed in
registers. All that is left is to link MDL.LIB to your virus. All registers are
preserved. Now to create havoc!
1. KILL_BR
This is your first option. This call to the MDL will overwrite the boot
record of any disk you specify with data that you get to specify. All
parameters are mandatory. They are as follows.
AL - Drive number (i.e. A=0, B=1, C=2, etc.).
DS:BX - Start of text/code you want the boot sector to be overwritten
with. You can get real creative with this. You can kill the
disk with the right text. You might even want this to point to a
new boot record of your own!
2. POT_SHOT
This option will destroy a sector of your choice on the default drive.
You can also choose a random sector to destroy.
AX - Sector to destroy (to get a random number, call RND_NUM just
previous to calling this command).
3. PT_TRASH
With this routine, you can kill the Partition table on the hard disk.
This will make all data there inaccessible. There are no parameters to this
routine.
4. SCREW_FILE
The fifth option will open a specified file and overwrite it with random
data. There is only one parameter.
DS:BX - Offset to the name of the file to screw.
Note: The file name cannot be a wildcard. Changes are also made to the
date/time stamp, so if you want the stamp kept the same, you will have to do it
yourself. I thought that this would help in flexibility.
5. ALTER_FAT
This will change random bytes in both FATs. This will irrevocably cause
crosslinks. There are no parameters.
6. FAT_FUCK
This routine will overwrite both copies of the FAT with random data
making the data on the disk inaccessible. There are no parameters.
7. RIP_HD
Last of the destruction routines, RIP_HD will overwrite the contents of
the entire disk, making recovery of data impossible. Once again, there are
no parameters. This command does not return. It keeps formatting until the
computer locks up, or there is an exception error.
8. RND_NUM
This routine will generate 16-bit random numbers. The random number is
returned in ax.
9. LOAD_SEC
This routine will load a specified sector into a buffer. This routine
has two parameters.
AL - Drive number (i.e. 0=A, 1=B, etc.).
DX - Logical sector to read.
This option returns with ES:BX pointing to the start of the sector buffer.
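Added example (not part of the original MDL documentation or its source code): a defender-side integrity check in Python for the kind of damage the KILL_BR, ALTER_FAT and FAT_FUCK entries above describe, applied to a FAT12/16 volume image. The function names and the sample image are constructed for illustration, and the comparison assumes that random writes leave the two FAT copies different from each other.

```python
import struct

def make_image():
    """Constructed sample: boot sector plus two one-sector FAT12 copies."""
    boot = bytearray(512)
    boot[0:3] = b"\xEB\x3C\x90"
    # BPB: bytes/sector, sectors/cluster, reserved sectors, number of FATs
    struct.pack_into("<HBHB", boot, 11, 512, 1, 1, 2)
    boot[21] = 0xF0                          # media descriptor
    struct.pack_into("<H", boot, 22, 1)      # sectors per FAT
    boot[510:512] = b"\x55\xAA"              # boot signature
    fat = bytearray(512)
    fat[0:3] = b"\xF0\xFF\xFF"               # reserved FAT12 entries
    return bytes(boot + fat + fat)

def check_image(img):
    """Return a list of findings; an empty list means every check passed."""
    if len(img) < 512:
        return ["image shorter than one sector"]
    findings = []
    if img[510:512] != b"\x55\xAA":
        findings.append("boot sector: 55 AA signature missing")
    bps, spc, reserved, nfats = struct.unpack_from("<HBHB", img, 11)
    media = img[21]
    spf = struct.unpack_from("<H", img, 22)[0]
    sane = (bps in (512, 1024, 2048, 4096) and spc > 0 and (spc & (spc - 1)) == 0
            and reserved > 0 and nfats > 0 and spf > 0)
    if not sane:
        # Without a trustworthy BPB the FATs cannot be located from the image alone.
        findings.append("boot sector: implausible BPB, FATs not located")
        return findings
    size = spf * bps
    fats = [img[(reserved + i * spf) * bps:][:size] for i in range(nfats)]
    if any(len(f) != size for f in fats):
        findings.append("image truncated inside the FAT area")
        return findings
    for i, fat in enumerate(fats, 1):
        if fat[0] != media:                  # first FAT byte mirrors the media descriptor
            findings.append(f"FAT copy {i}: first byte {fat[0]:#04x} != media {media:#04x}")
    for i, fat in enumerate(fats[1:], 2):
        diff = sum(a != b for a, b in zip(fats[0], fat))
        if diff:
            findings.append(f"FAT copy {i} differs from copy 1 in {diff} byte(s)")
    return findings

if __name__ == "__main__":
    damaged = bytearray(make_image())
    damaged[1024 + 100] ^= 0xFF              # constructed single-byte change in copy 2
    for line in check_image(bytes(damaged)) or ["no findings"]:
        print(line)
```

Identical changes to both FAT copies pass the comparison, so the check complements a known-good backup of the boot sector and FAT rather than replacing one.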
Source code availability
------------------------
Source code is made available partly because I think by the time this
program is a threat to anyone, the virus scanners will be able to detect it,
partly because it'll help you learn how to create your own malicious code,
and partly because it'll help me out by allowing others to check for bugs in
my code. This code is to be used as a learning tool. It is to allow real
virus writers to spend their time on stealth techniques and other things than
having to worry about activation routines. This is not to be used with PS-MPC
or any other code generator and distributed. That is not virus writing. This
program was written in Turbo Assembler 2.02. I trust that you will not alter
it and re-release it as your own.
Problems
--------
This code was written over a weekend and very hastily. It is not very
optimized. Also, I didn't give it a lot of testing (I don't have a spare hard
drive to kill). However, I did test some routines on floppy disks and they
worked fine. This code is bound to have tons of bugs (note the 0.10b
release). Report any bugs to Evil Avatar. If you can, please suggest
alternate code (you will be given credit for it).
The Future
----------
For the future of MDL, I plan on fixing all bugs. I also plan on adding
any other routines that come to my head (one that comes to mind is a file
crosslinker). I don't plan on spending too much time on this project as I
don't endorse the idea of trashing every hard drive in existence. I made MDL
to see if I could do it. I am only releasing it in hopes that someone can
learn from it. Remember, the most memorable viruses don't always have
malicious code! For my future, I plan on releasing more toolkits
(i.e. polymorphic engine, construction kits, etc.). I also plan on joining a
virus group and creating more viruses.
Virus Toolkit History
---------------------
GENVIR - This was the first attempt at a virus toolkit. It was written in
1990 by a French virus writer. It was never released as a functional program.
Virus Construction Set (VCS) - VCS was written in 1991 by Verband Deutscher
Virenliebhaber, a German group. VCS is very primitive compared to modern
construction kits.
MuTation Engine (MtE) - MtE was written in 1991 in Bulgaria by Dark Avenger.
It is a polymorphic engine that allows a virus to exist in over 4 billion
variants.
Virus Construction Lab (VCL) - VCL was written in 1992 by Nowhere Man of NuKE.
It uses a graphical user interface to allow a user to create a virus.
Phalcon/Skism Mass Produced Code Generator (PS-MPC) - PS-MPC was written in
1992 by Dark Angel of Phalcon/Skism. It is based on VCL, however, it creates
more compact code than VCL.
Instant Virus Production Kit (IVP) - IVP was written by Admiral Bailey of YAM
(Youngsters Against McAfee). It is rumored to be a rewrite of PS-MPC with
some rudimentary changes.
TridenT Polymorphic Engine (TPE) - TPE was written in late 1992 by the TridenT
group. It is similar to MtE.
G2 (G squared) - G2 was written in 1993 by Dark Angel of Phalcon/Skism. It
is the most powerful construction kit to date. It allows the use of different
code packages to do different tasks.
Evil Avatar's Mass Destruction Library (MDL) - MDL was written in 1993 by Evil
Avatar. It is a library that allows easy destruction of data.