Cross-platform virus?

[Derek Broughton]

Daniel Carrera wrote:

> Eric Dunbar wrote:
>> It's not a virus
> 
> That's besides the point.

Lighten up!  You asked for an explanation, and this looks like a pretty good
explanation to me.  Where you read between the lines and see ...
> 
> a knee-jerk reaction trying to convince me that Linux is secure. 

I saw a fairly detailed description of how it _could_ work.
> 
> That link was posted by me 2 posts ago, I am the OP. I posted asking how
> the binary could run on both systems if PE and ELF have different magic
> numbers.

Part (a) may need to run under Wine, but it can then modify part (b) to run
under Linux.  But it still needs to actually have the necessary privilege
to modify an executable (which if you're running wine with a vfat windows
partition, it _would_ have).  Alternatively, his post suggests that it
isn't actually an executable in _either_ environment.  If you can take
advantage of a buffer overrun exploit, you can get x86 machine code to
execute that can't be run by any normal loader.

Perhaps Eric didn't fully explain it - after all, it doesn't really exist -
but the theory seems valid.
-- 
derek