- Joined
- 3 Jul 2002
- Messages
- 3,233
I just had a wierd experience of fear and laughter, that i thought i should share with you.
When a certain person tryed to hack into a well knows media company (as a security consultant , not a malicious hacker), he already gained some access to the company's server and was trying to gain full access, so he uploaded a program needed to preform some operations in order to get full access. the only thing was , that when he tryed to run the program he got a "Bad command or file name" massage, which meant the file wasn't there. that person knew that he had already uploaded the program, so he searched for it, he found it in a C:\program files\SomeAntiVirus\Quarantine directory, which means the AntiVirus had identified the program as a virus and caught the file.
most AntiVirus products work by matching byte streams of known viruses to the programs and files your computer uses, so that person opened the one file program using a hex editor (Kinda like notepad for binary code) and saw the ASCII representation of each byte of code, since the program was already compiled (a process that makes Programing language files executable (.exe) ) he couldn't change much without harming the program.
then he noticed a plain text massage that displays every time you run the program, something like "Where do you want to go today" so he decided "what the heck, let's change that and see what happens" when he changed that line to "XXXX XX XXX XXXX XX XX XXXX" .
when he uploaded the file again the AntiVirus software didn't reconize the file as a virus!!! , and it is a popular Antivirus software that you may be using, keep that happy thought
When a certain person tryed to hack into a well knows media company (as a security consultant , not a malicious hacker), he already gained some access to the company's server and was trying to gain full access, so he uploaded a program needed to preform some operations in order to get full access. the only thing was , that when he tryed to run the program he got a "Bad command or file name" massage, which meant the file wasn't there. that person knew that he had already uploaded the program, so he searched for it, he found it in a C:\program files\SomeAntiVirus\Quarantine directory, which means the AntiVirus had identified the program as a virus and caught the file.
most AntiVirus products work by matching byte streams of known viruses to the programs and files your computer uses, so that person opened the one file program using a hex editor (Kinda like notepad for binary code) and saw the ASCII representation of each byte of code, since the program was already compiled (a process that makes Programing language files executable (.exe) ) he couldn't change much without harming the program.
then he noticed a plain text massage that displays every time you run the program, something like "Where do you want to go today" so he decided "what the heck, let's change that and see what happens" when he changed that line to "XXXX XX XXX XXXX XX XX XXXX" .
when he uploaded the file again the AntiVirus software didn't reconize the file as a virus!!! , and it is a popular Antivirus software that you may be using, keep that happy thought