It could if the zip file is an EXE unzipping itself.. it might execute bad code.
Printable View
It could if the zip file is an EXE unzipping itself.. it might execute bad code.
essentially yes...I can lace programs with other programs, thats how trogans are installed on many systems...I can take a file and lace the zip with it. Either by overwritting the code i nthe file or by using the parts of the file that have free space. If the file code is overwritten you will get an error of some sort but the program/virus that was in the zip file could be run and most likely did. If the file wrote the the empty spots of the file then it ran while the zip was being installed in most cases...This was the technique used to put viruses in the jpg files....Find the empty space and place the virus in...now it's much more complicated than that but you get the jist!
hope it helps
- nc
Do you mean that if a try to open a zip file (that is not a self-extractor), and that I get an error message, it is possible that a virus / trojan / anything was executed? The thread take another turn... but it is pertinent enough...
JeffB
yea it's possible..when i was a "script kiddie" i used to lace trojans into all types of files and when a file is executed(ran, unzipped, still executing you are running the data through the system even if it's coded to run the debug client in the windows system you can run the malicious code) it can inject the virus...
what i mean by using the debug is the same thing that macro viruses did. Some of these things would take code that was in Hex format and throw it to the Debug program in windows. Windows would run the code and then execute it....bahbahbah!!! we have a live virus now! :) It may take some figuring out but i'm sure one of you could do it up heh :)...i'm not claiming it
Another thing you could do is, write your own zipping client and then have it infect the file itself and when it's attempting to run in the winzip program does the same thing...precompiled code that runs the malicious code....
look for Malicious Mobile Code or Mobile Malicious Code by OReilly....it's a good book and has some decent info. Somewhat a beginner book but still good nevertheless!
hope it helps
- nc
I might change my opinion about you booogt ... :eek:Quote:
Originally posted by booogt
...when i was a "script kiddie" i used to lace trojans into all types of files...
Thanks for the info anyway
JeffB
ROFL
hahahaha
thats good, thanks ;)
keyword "was", can you guess what i might be now? Now whats your opinion? Or should it be that because could you be making a false assumption...guess we'll never know, oh and btw i'm gonna email you a cool game i made, yea it's zipp.......ed *looks curiously* muahaha
ok enough of that
:)
glad to be of help
- nc
booogt, I still don't get it. You certainly sound like you know what you're talking about, so I hesitate to claim you're wrong, but I just don't get it. If ALL you do is unzip a file (not open it in any way) then the only code you have execute is winzip itself and that won't put a virus in your system.
How can totally passive data being extracted from a zip file cause a virus? I just don't get it and would appreciate any light you can shed on this. Remember, I'm saying that you do not OPEN or EXECUTE the unzipped file(s) at all, just let winzip put them on your hard disk.
thanks