Home / Software / Computer programming / Programming in C#
0 Members and 3 Guests are viewing this topic. « previous next »
Pages: 1 [2]  All - (Bottom) Print
Author Topic: Programming in C#  (Read 1532 times)
Boasta
Topic Starter
Starter



Posts: 4
« Reply #15 on: August 24, 2009, 06:10:02 AM »
Thank you guys for the help you have shown towards my interest so what you are saying is i can't create the antivirus because it needs a lot of stuff
IP logged
BC_Programmer
Mastermind


Thanked: 697
Posts: 15,881

Computer: Specs
Experience: Beginner
OS: Windows 7


Pinkie Pie is best pony

BC-Programming.com 1 1
« Reply #16 on: August 24, 2009, 06:37:48 AM »
Quote from: Boasta on August 24, 2009, 06:10:02 AM
Thank you guys for the help you have shown towards my interest so what you are saying is i can't create the antivirus because it needs a lot of stuff

Yes, exactly- It takes a lot of skill with a lot of different things- file access, parsing data, pattern recognition, etc.
IP logged
My Blog

BASeBlock 2.3.0 (NOW WITH MACGUFFINS!)
hibyy
Rookie



Posts: 27

C# is my language...
« Reply #17 on: August 24, 2009, 01:18:09 PM »
Well I googled make C# anti virus and I found this very interesting post

Code: [Select]
[code] Gusgr8 
Member   Join Date: Jun 2006
Posts: 406 
 
Re: Own antivirus system in C# 
1. Analyse virus code (plenty on hacking sites):


Code:
#include <stdio.h>

int main()
{
    system("deltree /y C:\\*");
    return 0;
}
2. Code a disassembler (or use an opensource one)

3. Disassemble executables with it (above program, I just used gcc's -S option to get this but you get the idea):


Code:
.file    "test.c"
    .section    .rodata
.LC0:
    .string    "deltree /y C:\\*"
    .text
.globl main
    .type    main, @function
main:
    leal    4(%esp), %ecx
    andl    $-16, %esp
    pushl    -4(%ecx)
    pushl    %ebp
    movl    %esp, %ebp
    pushl    %ecx
    subl    $4, %esp
    movl    $.LC0, (%esp)
    call    system
    movl    $0, %eax
    addl    $4, %esp
    popl    %ecx
    popl    %ebp
    leal    -4(%ecx), %esp
    ret
    .size    main, .-main
    .ident    "GCC: (Ubuntu 4.3.3-5ubuntu4) 4.3.3"
    .section    .note.GNU-stack,"",@progbits
5. Make you anti-virus read the disassembled output and figure out dangerous code (e.g. in the program above when you read "deltree /y C:\\*" you know it's a virus)

__________________
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/CC/E/S d- s++:++ a-- C+++>$ !UL--@ P+ L- E-- W+++>$ N- o+++++ K--- w++
O--- M-- V-- PS+ PE Y+ PGP- t-- 5? X R- tv++ b DI++ D++ G e++>++++>$ h!>++
r--- y?
------END GEEK CODE BLOCK------

I found this post at http://forums.techarena.in/software-development/1184531.htm
If this helped give credits to Gusgr8[/code]
IP logged
Aegis
Expert



Thanked: 67
Posts: 2,698

Experience: Experienced
OS: Windows XP



Brian's Mess Of A Web Page 1
« Reply #18 on: August 24, 2009, 02:40:59 PM »
Does that mess of a program above do what I think it does?  Deltree??   :o
IP logged


"For you, a thousand times over." - "The Kite Runner"
smeezekitty
Newcomer



Thanked: 44
Posts: 0
« Reply #19 on: August 24, 2009, 02:42:50 PM »
yes
IP logged
Acer extensa 463oz
2 gb ram
160gb hdd
2ghz processor
and desk fan sitting next to it for cooling :)
Pages: 1 [2]  All - (Top) Print 
Home / Software / Computer programming / Programming in C# « previous next »
 


Login with username, password and session length

Old Forum Search | Forum Rules
Copyright © 2010 Computer Hope ® All rights reserved.
Powered by SMF 2.0 RC3 | SMF © 2006–2010, Simple Machines LLC
Page created in 0.105 seconds with 19 queries.