https://github.com/guitmz/nim-cephei

Probably the first ELF binary infector ever created in Nim.
https://github.com/guitmz/nim-cephei

elf malware nim virus

Last synced: 22 days ago
JSON representation

Probably the first ELF binary infector ever created in Nim.

• Host: GitHub
• URL: https://github.com/guitmz/nim-cephei
• Owner: guitmz
• License: gpl-3.0
• Created: 2017-08-18T11:24:25.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2020-06-23T09:52:09.000Z (almost 5 years ago)
• Last Synced: 2025-04-09T16:19:06.529Z (22 days ago)
• Topics: elf, malware, nim, virus
• Language: Nim
• Homepage: https://www.guitmz.com/linux-cephei-a-nim-virus
• Size: 16.6 KB
• Stars: 28
• Watchers: 3
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Linux.Cephei

This is a POC ELF prepender written in Nim. I like writting prependers on languages that I'm learning and find interesting. Nim is a very nice one!    

It is probably the first binary infector ever written in this language, that's neat.    

The above affirmation is based on SPTH LIP page: http://spth.virii.lu/LIP.html

# Build

Build with:

```$ nim c -d:release --passL:-static cephei.nim```

You can also build with Docker: 

```$ docker run --rm -v `pwd`:/usr/src/app -w /usr/src/app nimlang/nim:alpine nim c -d:release --passL:-static cephei.nim```

Note that Nim version used was 0.17.0, the latest at this moment.

# Binary Sample

A static binary sample is also available at https://www.guitmz.com/linux.cephei

```

$ file linux.cephei

ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, not stripped

```

# Demo

[![asciicast](https://asciinema.org/a/RIYDinGMsBqCNOKi8K2MakSoF.png)](https://asciinema.org/a/RIYDinGMsBqCNOKi8K2MakSoF)