I was just looking through my bulk-mail folder, and I saw a single message with an attachment. I thought it was odd, so I looked at the subject, which read: "Hi"
Now this struck a chord with what I had just read, no more than 2 days ago, probably, about a new virus spreading around like mad. So I opened it up, and here's the text of the message:
Quote:
Test =)
rnoktajcmktgwodee
--
Test, yep.
If this isn't the Bagel virus, I don't know what is. Anyway, there's an attachment left in the message, which I haven't opened yet. I was wondering, is there any way I could open this sucker up in Linux, see what makes it tick, etc? It'd be interesting, from an educational standpoint, as to why firewalls and virus-checkers don't pick these things up all the time.
Sent. However, I don't know if the attachment got forwarded. I'd be very careful about posting your email address like that. I would've done something like linux886 <at> hotmail <dot> com or something along those lines. If the attachment didn't get forwarded, I'll send it from my Linux box.
I would attach the file here, but I'm afraid of the repercussions.
If you guys want the email, I'll send it to you. But you have to email me first. Plus, you have to promise HERE that you won't do anything malicious with it. I don't want the FCC or anyone pounding on my door anytime soon.
I too would like to see what makes it tick. I will not release it except on a quarantined Windows 98 box. (I want to see what it does.) Thank you. joey.dale@elkenserver.net
I think I might've found a backdoor through Yahoo's whole anti-virus check. I simply took the argument out of the URL for the anti-virus when I copied the URL to download the file. The filesize is 15872 (bytes?). At least, that's the number that registered under the filesize when I ran ls -co
If you guys want the file, I might be able to throw off the anti-virus checkers if I tarball it.
Okay, after looking at "bagel" I've come up with some conclusions:
1.a) It's funny. It says that it cannot be run in DOS mode.
1.b) It should be called "beagle", not "bagel". Whenever it refers to opening files (other than [%%random%%]) it refers to a file named "beagle.exe"
2) It appears that it doesn't affect Windows 95 systems. It modifies Windows systems by changing the registry. Here's the string: