Slashdot Mirror


Reverse Engineering Win32 Trojans on Linux

slackrootcyc writes "A post (and previous article) give a detailed examination of the reversing process, using a trojan found in the wild. Later on in the story it discusses some techniques for reversing Windows-native code entirely under Linux."

8 of 86 comments

  1. Win32 Trojans... by JessLeah · · Score: 4, Funny

    ...the condoms that bluescreen.

    Where do you want to Put It Today?(TM)

  2. Violation of the DMCA!! by SuperDuG · · Score: 5, Funny
    hehehehe wonder if Symantec and Network Associates will sue for having their code reverse engineered ...


    wait a minute anti-virus software makers don't make virii, what was I thinking

    --
    Ignore the "p2p is theft" trolls, they're just uninformed
    1. Re:Violation of the DMCA!! by Istealmymusic · · Score: 2, Funny
      Even something as benign as VNC or Radmin can be turned to the "dark side."
      As well as a benign utility such as SubSeven or NetBus.
      --
      "The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
    2. Re:Violation of the DMCA!! by Anonymous Coward · · Score: 1, Funny

      and several cows (that is plural of cow) roamed the farms.

  3. Uh Oh... by nothing+safe · · Score: 3, Funny

    *GASP* Does this mean that the cat is out of the bag with that top secret trojan known as 'Sub7'?

  4. Make Win32 Trojans Open Source by Slashdotess · · Score: 4, Funny

    This is why we should be coding everything in Open Source. The fact being is, in this highly dynamic internet society today Trojans can hide their code to prevent security professionals from doing their job. When we finally open source these trojans, our software will become more secure because programmers from around the world can work on making the trojans and the programs they affect faster, better, and more secure.

    Currently, trojans are badly written because of their inherent proprietary nature. Using something like sourceforge a multitude of coders can be simultaneously working on different parts of a trojan while the open source community can review, debug and test the code for infectioness effectiveness.

    Only when we make Trojans open source will we realize that our computer controlled Oil tankers across the world will be safe from Da Vinci.

  5. Trojan Writers by Dakisha · · Score: 5, Funny

    And in further news, trojan writers worldwide file a DMCA suit against Linux users for circumventing their security and reverse compiling their intellectual property ;)

  6. Coming soon! by Anonymous Coward · · Score: 1, Funny

    With any luck, the anti-virus companies will soon start to figure out how to write linux viri...

    They've done a darn good job on win32! Just imagine the amount of work they've put in... Especially when all you need is the following options:

    o Remove .Exe attachments
    o Remove .Com attachments
    o Remove embedded (inline) e-mail files.

    But wait, that'd be too easy!