A possible virus
William D. Colburn (aka Schlake)
wcolburn at nmt.edu
Thu Apr 26 20:38:54 GMT 2001
On Thu, Apr 26, 2001 at 11:09:08AM -0600, Dan Egli wrote:
> Jpegs are different than Source Code. It is possible to include worm/trojan
> info in the image, but it's not possible to include RUNNABLE worm code in
> source code. You'd have to compile the code for the worm code to become
> dangerous.
Again, this is *horribly* off topic, but, I disagree. Worms work
because software fails to interpret it correctly. If there is a broken
tar utility out there with a buffer overflow in it, then source code
could be a worm. Just like a broken image viewer can let an image file
be a worm. How long ago was it that people would riducle the warnings
not to read your email because it could destroy your hard drive.
Everyone knew that reading email can't destroy your hard drive.
For your amusement, I will attach some source code written in C. I
mean, a shell script that runs under UNIX. I mean, some source code
written in FORTRAN. I mean, a DOS program. I mean, some source code
written in COBOL. I mean, a program written in postscript. Yea, all
those things, I mean them all, and I am attaching only one file. Oops,
did I forget that it was also writen in Pascal? Yup, I did.
Complexity is the bane of security. Trust nothing!
--
William Colburn, "Sysprog" <wcolburn at nmt.edu>
Computer Center, New Mexico Institute of Mining and Technology
http://www.nmt.edu/tcc/ http://www.nmt.edu/~wcolburn
-------------- next part --------------
(*O/*_/
Cu #%* )pop mark/CuG 4 def/# 2 def%%%%@@P[TX---P\P_SXPY!Ex(mx2ex("SX!Ex4P)Ex=
CuG #%* *+Ex=
CuG #%*------------------------------------------------------------------*+Ex=
CuG #%* POLYGLOT - a program in seven languages 15 February 1991 *+Ex=
CuG #%* *+Ex=
CuG #%* Written by Kevin Bungard, Peter Lisle, and Chris Tham *+Ex=
CuG #%* *+Ex=
CuG #%* We have successfully run this program using the following: *+Ex=
CuG #%* ANSI COBOL: MicroFocus COBOL85 (not COBOL74) *+Ex=
CuG #%* ISO Pascal: Turbo Pascal (DOS & Mac), Unix PC, *+Ex=
CuG #%* AIX VS Pascal *+Ex=
CuG #%* ANSI Fortran: Unix f77, AIX VS Fortran *+Ex=
CuG #%* ANSI C (lint free): Microsoft C, Unix CC, GCC, Turbo C++, *+Ex=
CuG #%* Think C (Mac) *+Ex=
CuG #%* PostScript: GoScript, HP/Adobe cartridge, *+Ex=
CuG #%* Apple LaserWriter *+Ex=
CuG #%* Shell script: gnu bash, sh (SysV, BSD, MKS), ksh *+Ex=
CuG #%* 8086 machine language: MS-DOS 2.00, 3.03, 4.01, 5.00 beta *+Ex=
CuG #%* VPix & DOS Merge (under unix) *+Ex=
CuG #%* SoftPC (on a Mac), MKS shell *+Ex=
CuG #%* *+Ex=
CuG #%* Usage: *+Ex=
CuG #%* 1. Rename this file to polyglot.[cob|pas|f77|c|ps|sh|com] *+Ex=
CuG #%* 2. Compile and/or run with appropriate compiler and *+Ex=
CuG #%* operating system *+Ex=
CuG #%* *+Ex=
CuG #%* Notes: *+Ex=
CuG #%* 1. We have attempted to use only standard language features. *+Ex=
CuG #%* Without the -traditional flag gcc will issue a warning. *+Ex=
CuG #%* *+Ex=
CuG #%* 2. This text is a comment block in all seven languages. *+Ex=
CuG #%* *+Ex=
CuG #%* 3. When run as a .COM file with MS-DOS it makes certain *+Ex=
CuG #%* (not unreasonable) assumptions about the contents of *+Ex=
CuG #%* the registers. *+Ex=
CuG #%* *+Ex=
CuG #%* 4. When transfering from Unix to DOS make sure that a LF *+Ex=
CuG #%* is correctly translated into a CR/LF. *+Ex=
CuG #%* *+Ex=
CuG #%* Please mail any comments, corrections or additions to *+Ex=
CuG #%* peril at extro.ucc.su.oz.au *+Ex=
CuG #%* *+Ex=
CuG #%*------------------------------------------------------------------*QuZ=
CuG #%* *+Ex=
CuG #%*!Mx)ExQX4ZPZ4SP5n#5X!)Ex+ExPQXH,B+ExP[-9Z-9Z)GA(W@'UTTER_XYZZY'CPK*+
CuG #(* *(
C # */); /*(
C # *) program polyglot (output); (*+
C # identification division.
C # program-id. polyglot.
C #
C # data division.
C # procedure division.
C #
C # * ))cleartomark /Bookman-Demi findfont 36 scalefont setfont (
C # * (
C #
C # * hello polyglots$
C # main.
C # perform
C * ) 2>_$$; echo "hello polyglots"; rm _$$; exit
print
C stop run.
-*, 'hello polyglots'
C
C print.
C display "hello polyglots". (
C */ int i; /*
C */ main () { /*
C */ i=printf ("hello polyglots\n"); O= &i; return *O; /*
C *) (*
C *) begin (*
C *) writeln ('hello polyglots'); (*
C *) (* )
C * ) pop 60 360 (
C * ) pop moveto (hello polyglots) show (
C * ) pop showpage ((
C *)
end .(* )
C)pop% program polyglot. *){*/}
More information about the samba
mailing list