Homework Sourse Homework Sourse

Program V 1234567 procedure attachtoprogram begin repeat fil

Program V 1234567; procedure attach-to-program; begin repeat file:= got-random-program; until firest-program-lin notequalto 1234567; propend V to file; end; procedure execute-payload; begin (* perform payload actions *) end; procedure trigger-condition; begin (* return true if trigger condition is true *) end; begin (* main action block *) attach - to program; if trigger-condition then execute-payload; goto original program code; end; A simple virus A compression virus There is a flaw in the virus program of Figure 6.1a. What is it? program CV 1234567; procedure attach-to-program; begin repeat file:= got-random-program; until firest-program-lin notequalto 1234567; compress file; (*t1 *) propend CV to file; (* t2 *) end; begin (* main action block *) attach-to-program; uncompress rest of this file into tempfile; (* t3 *) execute tempfile; (* t4 *) end; A compression virus There is a flaw in the virus program of Figure 6.1a. What is it?

Solution

a)simple virus


the actual procedure is


every first line jumps into the main methos here

and the main method checks that the condition whether subroutine is trigger pulled


now it cause damage in the files if the condition yes ,then it calls the subroutine do damage

if all files are infected then the program will loop for a indefinate time

after main part it goes to next label


hence flaw in the given code as followws ,\"files runs indefinate period of time\".


b)


here every first line jumps into the main methos here

here we are compressinf the files so that thet occupy less pace

here The 01234567 is the virus signature

then The virus then asks for the permission (ask-permission) to infect a random executable (get-random-executable-file).

If the permission is granted, it compresses the executable (infect-executable), prepends itself to it (prepend), uncompresses the current executable file (uncompress the-rest-of-this-file) into a temporary file(tmpfile) and runs it (run tmpfile).

Users will experience significant delays as their executables are decompressed before being run.

then insert a copy of a routine that decompresses the program when its execution begins.


the falw here is they \"didnt mention the following condition{if ask-permission then infect-executable;\"

Program V 1234567; procedure attach-to-program; begin repeat file:= got-random-program; until firest-program-lin notequalto 1234567; propend V to file; end; pr

Get Help Now

Submit a Take Down Notice
Tutor
Tutor: Dr Jack
Most rated tutor on our site