HaCKeRz Kr0nlcKLeZ 1

home *** CD-ROM | disk | FTP | other *** search

/ HaCKeRz Kr0nlcKLeZ 1 / HaCKeRz Kr0nlcKLeZ.iso / chibacity / zoomhdii.cpt / Zoom HD II Trojan Horse Info next >

Wrap

Text File | 1991-04-08 | 3.7 KB | 91 lines | [TEXT/????]

"ZOOM HD" TROJAN HORSE ********************** SETUP Simple, really. All you need is ResEdit. Open up ╥Zoom HD II╙ with it. Now, open up the resource "STR#", resource ID # 129. You'll notice a very long list of text fields (100 to be exact), most of which are filled with ":null:". This is fine. Basically, each field contains the pathname to a file you wish "Zoom HD" to delete while on its rampage. You'll notice that the first eight or so fields have been filled, with things like "Desktop" and "System Folder:Finder". Let's explain, shall we? In case you don't know the structure of a path name, it goes like this: :<folder>:<file> i.e., a colon, then the name of a folder, then a colon, then the name of a file. The number of folders can be extended indefinetly: :<folder>:<folder>:<folder>:<folder>:<folder>:<folder>:<file> If the file you want is in the root directory, don't use any colons or folder names, just the filename. <file> So, it is obvious that the path name ":System Folder:Finder" would be for the file "Finder" in the folder ":System Folder", while the path name "Desktop" would simply mean the file "Desktop" in the root directory. As said before, you can nest folders as deeply as the Mac OS allows, so you could concievably do something like ":Games:Omega:Resources:Alpha.tnk" to mean the file "Alpha.tnk" in the folder "Resources" in the folder "Omega" in the folder "Games". You get the idea. However, you must be vitally sure that the path names you supply actually exist, or "Zoom HD" will bomb. AND, all pathnames MUST refer to files on the hard disk. If you have leftover text fields (i.e. you only have 30 files you want to zap instead of 100), fill all the non-pathname fields with ":null:". By this "Zoom HD" will know this isn't a pathname it should use. If you wish to change the bogus screen which pops up, just ResEdit it and/or the little icon. Have fun! ********************** LOGIC Here's what "Zoom HD" does... First, it pops up a bogus window stating "Scanning hard drive" or something. Then it begins reading the path names from the "STR#" resource ID # 129. For those that aren't ":null:", it does the following: it gets the byte length of the file, then it reduces the ENTIRE FILE to 2048* bytes less than that, then it deletes it. Since it was shrunk before deletion, the file is corrupt. Not completely corrupt but enough so that if it's an application it won't run right, and if it's a data file it won't have all the data. *The 2048 bytes are taken like this: 1024 from the data fork and 1024 from the resource fork. If it doesn't HAVE 1024 of each in the first place, "Zoom HD II" won't take anything out. ********************** MISCELLANEOUS STUFF OK, I'm not responsible for anything that happens with this. I just wrote it and the program to DEMONSTRATE how a trojan horse works, not to actually have people use it. So you can't sue me if you DO use it, because you shouldn't. It's immoral, illegal, and generally quite obvious. Oh, yeah, you might find that the application itself would seem a bit small for a utility such as this is pretending to be. And if your victim has any brains he might think the same thing. So to beef up the size. you might want to install large fonts or DAs, or a bunch of ╥CICN╙ or "PICT" resources into it; these all take up quite a bit of room (to a more believable size) and shouldn╒t hamper ╥Zoom HD II╙╒s performance at all. But don't lock the file. And tell your victim it won't work if the file is locked.... If you know who the author is (you should, if you have this file), then you may ask him for the THINK Pascal source code files. If he's in a good mood he'll let you have them. Remember this is for DEMONSTRATION purposes only!!!!