Is rust feasible for trojan , malware ,viruses etc?

Hello all,

I recently came across a post which said that C is the best language for creating trojan , malware,viruses etc. Some said that writing malware in C++ is also a feasible option as they both provide inline assembly.

I was wondering if rust can be used for it as well ?

P.S. no Malicious intentions..just hungry for knowledge.

Thank you community!

3 Likes

The short answer to this is "yes!", although it's probably going to be beneficial if we deconstruct the question a little.


When you think of it, malware is just another type of program and you can (in theory) create malware in any turing complete language. For example, most viruses and spyware are just programs that use the operating system's APIs for nefarious purposes (e.g. starting up the webcam or taking a screenshot when you're doing online banking). Inline assembly can sometimes be useful but the standard library is usually all you need, although in Rust you can use the libc (for *nix) or winapi (windows) crates to directly use OS-specific code.

I know Windows gives you ways to create a thread that's owned by another process, effectively allowing your malware to "migrate" to other processes by just calling some create_thread_owned_by_process() function and passing it a pointer to the function to be executed. As a real-world example, metasploit's meterpreter does this and it's really cool to see!

On a practical note, the hardest part of creating malware would be making sure your code gets run by the target. Languages which compile to native code have a massive advantage here because you just need to copy a binary to the target's machine. Compare this with a language like Python where your target would also need to have installed the Python interpreter, standard library, and any 3rd party dependencies you use.

Even malware which will embed copies of itself into another executable doesn't care about the programming language it's written in. An executable is just another file (albeit one which is special-cased by the OS), so what's stopping you from opening the file, moving some bytes around, then saving it again? There are loads of libraries for reading and writing executables (for Rust, the goblin crate is quite nice).

This might sound a bit funny, but I'd actually recommend you try this out yourself as an educational experience. Writing these sorts of programs is a great tool for learning how an operating system works and is designed, or how you can coordinate a distributed system (think of a C&C server trying to distribute tasks or updates). I wouldn't say it's much of a risk because you'd expect any anti-virus worth its salt to detect something made by the average person, and that's assuming you follow the project through to completion and write something that works (e.g. my GitHub is full of old half-completed toy projects :stuck_out_tongue_closed_eyes: ).

8 Likes