Posted: January 1st, 2020
Figure 1: This is a simple shell based virus.
ITN 106 – Extra Credit
Purpose
This extra credit assignment is worth an extra 7.5% of your final grade. It is
optional.
Problems
The script in Figure 1 is a small virus we built in class. Note that every virus
performs four main operations.
• Run a payload script.
• Locate other files to infect.
• Check if the located files are already infected.
• Infect any uninfected located files.
Notably, this script has an empty payload. Needless to say, you should avoid
running this on any machine you care about unless you want to be reminded
of this class long after this semester.
To complete this assignment, you need to accomplish several tasks:
• Write a virus detection script.
• Create an uninfected script that will trigger your virus detection script:
a false positive.
• Write a virus removal script.
• Explain what will happen if your virus removal script acts on a false
positive.
• Rewrite the virus to include a payload.
For the virus detection script, you should use the same mechanism the
virus uses. You can test the detection script on infected and uninfected files.
The virus detection script should be used in the following way: detect.sh
suspect-file.sh. The detection script should echo out a message indicating
whether the file is valid or not. Hint: To create your solutions, reuse as much
of the original virus as possible.
While writing the detection script, you may have realized it makes mistakes. The false positive should cause the detection script to fail, despite not
containing the virus. For credit, you must create the shortest false positive
possible.
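The marker check and the false positive described above, as an added example that is not part of the original assignment or the class virus. Figure 1 is not reproduced on this page, so the marker string, the function names and the sample file names are assumptions; replace the marker with whatever the virus actually tests for.

```sh
#!/bin/sh
# Added example: signature check in the style of detect.sh.
# ASSUMPTION: the virus tags infected files with the marker below; Figure 1
# is not shown here, so substitute the string it actually greps for.
MARKER='#INFECTED-MARKER'

# is_infected FILE: return 0 if FILE contains the marker anywhere.
is_infected() {
    grep -q -F -- "$MARKER" "$1"
}

# detect FILE: echo a verdict, as the assignment's detect.sh would.
detect() {
    if [ ! -r "$1" ]; then
        echo "cannot read: $1"
        return 2
    fi
    if is_infected "$1"; then
        echo "INFECTED: $1"
        return 1
    fi
    echo "clean: $1"
    return 0
}

# make_samples DIR: write constructed sample files (none contains virus code).
make_samples() {
    printf '#!/bin/sh\necho hello\n' > "$1/clean.sh"
    # stands in for an infected file: carries the marker line only
    printf '#!/bin/sh\n%s\necho hello\n' "$MARKER" > "$1/tagged.sh"
    # false positive: harmless script that merely mentions the marker text
    printf '#!/bin/sh\necho "scan for %s"\n' "$MARKER" > "$1/mentions.sh"
}

# Used as detect.sh: ./detect.sh suspect-file.sh
if [ "$#" -gt 0 ]; then
    detect "$1"
    exit
fi
```

The mentions.sh sample is flagged even though it infects nothing, because the check only looks for the marker text and not for the code that does the infecting.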
The virus removal script is similar to the original virus, but rather than
adding the virus, it removes it. The virus removal script should be used in the
following way: clean.sh. The removal script does not need to display any
output. It should clean all files in the same directory as it. Hint: To create
your solutions, reuse as much of the original virus as possible.
The payload can be anything, but a simple echo command is fine. When
you rewrite the script to have a payload, the payload must always run when
an infected file runs, but must run only once. Hint: Make sure adding the payload
doesn’t ruin your virus’s ability to infect.
To get full credit on this assignment, you must submit the following:
• A screenshot or text file containing a working virus detection script.
• A screenshot or text file containing a false positive.
• A screenshot or text file containing a working virus removal script.
• A succinct explanation of what the virus removal script does to false
positives.
• A screenshot or text file containing a working virus with a payload.