NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

use Perl

All the Perl that's Practical to Extract and Report

Robrt
(email not shown publicly)

robert at perl dot org

Monday November 10, 2003

01:08 AM

[ #15674 ]

Include the EICAR virus string inside another more malicious virus and hope the virus scanner identifies it as EICAR.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Without JavaScript enabled, you might want to use the classic discussion system instead. If you login, you can remember this preference.

And then what? (Score:1)

by grantm (164)

Surely the point of the EICAR test virus [eicar.org] is that anti-virus software treats it exactly the same as a real virus - ie: auto-delete or least quarantine. So any malicious code you'd added wouldn't get a chance to run.
virus in 60 bytes? (Score:2)

by ask (83)

(Unless your point is that maybe some anti virus software is too dumb anyway ....)

I thought the eicar thing was only allowed to be 128bytes long ... And I don't think it's allowed to contain anything else than the eicar string and whitespace.

- ask

--
-- ask bjoern hansen [askbjoernhansen.com], !try; do();