******************************************
******************************************
*** HOW TO DEBUG MS-DOS BATCH LANGUAGE ***
******************************************
****************************************** by cOrRuPt G3n3t!x
I once again wanted to learn something new in batch: how to debug my normal code to binary code and then assemble
it at a later stage and execute it. The good thing about that is the code is in binary form, and I don't
think anyone is gonna sit and learn binary when you can just debug from your console and get the figures! So the
language can basically be considered encrypted. As far as I've tested, my 2 AVs, NOD32 and Avast, don't pick up the
binary code. So I went around the internet looking for a tutorial of some sort to start me out, or even the binary code
and its corresponding characters, BUT FOUND FUCK ALL!!! So back at square one and determined to learn how, I set off
on my new task. It took me about 15 minutes to get the hang of things and another 5 minutes to work out where my errors
in the code were. But I have accomplished my task and now want to teach others also struggling to find a debug tutorial how!
So without further ado I present to you...
1)The basics and Purpose (as far as I understand):
------------------------------------------------
Well, as I told you, I have no background information on debugging because I couldn't find any tutorial. But from
what I've seen, what debugging basically does is take the characters you enter into your batch program and replace them
with specific numbers and letters which correspond back to a certain letter in the alphabet. Binary was first used
in batch to debug pictures, sounds etc., which then made it possible for a batch program to display an actual picture
or play an actual sound. But as other VXers soon found out, it could be used to encrypt their batch in a completely
different way (it kinda brought a 3rd dimension to batch scripting).
2)Pros and Cons:
---------------
There are a few advantages to using binary code as opposed to normal encryption and batch techniques. First off we can hide our virus
payload in binary until the AV is disabled or 'taken care of' ;) and then execute the actual binary into the original script
and there you have it! Another advantage is the fact that not many users are familiar with this coding or method and therefore
it won't really alarm them into thinking it's a virus. However a major disadvantage (which may be the result of my utter lack
of proper research) is that when converting to binary all the code that MS-DOS gives us has to be taken down manually!!!!
So creating a huge multipart, polymorphic batch virus is not impossible, but rather impractical!
3)Creating Batch To Debug:
------------------------
Well, I am only going to show you one example of how to debug code, as the rest are exactly the same; only the size
of the script needs to be changed and new binary values need to be put in! We will start with the legendary "Hello VXer",
which as far as I know was coined by none other than the great SPTH vxer. So we will make a simple batch that will display
the text 'hello VXer' in a CMD window. To do this see below:
--------------------------------------[Cut Here]---------------------------------------
@echo off
echo hello VXer
pause
exit
--------------------------------------[Cut Here]---------------------------------------
Now copy and paste the code into a .txt file and rename it to 'hello.bat'.
Then run it and the text 'hello VXer' should be displayed.
3a)Actual Debugging Method:
-------------------------
Now that we have our normal batch script in hand, we shall begin to learn how to debug it. First we move
our batch file to the directory C:\, next we open Command Prompt, and in the CMD window we type DEBUG C:\hello.bat
Next you should see something like this in your CMD window:
C:\Users\CorruptGenetix>DEBUG C:\hello.bat
-
Next we type RCX and press enter:
C:\Users\CorruptGenetix>DEBUG C:\hello.bat
-RCX
Next the screen will look like this:
C:\Users\CorruptGenetix>DEBUG C:\hello.bat
-RCX
CX 0027
:
CX 0027 is the size of our script (a hexadecimal byte count), which is integral in debugging!
Next press enter again and the screen should then look like this:
C:\Users\CorruptGenetix>DEBUG C:\hello.bat
-RCX
CX 0027
:
-
Now type D and press enter. The screen should then look like this:
C:\Users\CorruptGenetix>DEBUG C:\hello.bat
-RCX
CX 0027
:
-D
1761:0100 40 65 63 68 6F 20 6F 66-66 0D 0A 65 63 68 6F 20 @echo off..echo
1761:0110 68 65 6C 6C 6F 20 56 58-65 72 0D 0A 70 61 75 73 hello VXer..paus
1761:0120 65 0D 0A 65 78 69 74 00-00 00 00 00 00 00 00 00 e..exit.........
1761:0130 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1761:0140 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1761:0150 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
1761:0160 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
-
Before we continue, a few tips: unless you see a lot of zeros like in the above dump, it may not
be the end of the debugged script, and you may need to type D and press enter again until a lot of zeros begin to appear;
then you will know you've reached the end of your script. Another thing is you don't need to understand
all these figures (each two-digit figure is the hexadecimal code of one character of the script); just copy them
down to a txt file, but do not copy the hyphens or the zeros, only up to the last
digit, which is on line 8 and ends with '74', and ignore the '1761:' and the '@echo...' comments to the right.
So you should have copied down this:
0100 40 65 63 68 6F 20 6F 66 66 0D 0A 65 63 68 6F 20
0110 68 65 6C 6C 6F 20 56 58 65 72 0D 0A 70 61 75 73
0120 65 0D 0A 65 78 69 74
Now we have successfully converted our batch to binary, but this binary is useless, so in order to use it we have to re-assemble
it to its original script (if you are confused as to why we want to re-assemble this after we have just de-assembled it, I don't
think you have grasped the concept and should end reading this tutorial now :)). Now I will show you step by step how to re-assemble
this binary into a working script.
When coding back to a script, we write the binary to a batch file that will then write to a separate file, which will then be debugged
and renamed to an operable batch file. See below the script and comments:
--------------------------------------[Cut Here]---------------------------------------
:: echo is used to write the lines of data to a separate file for debugging purposes
echo e 0100 40 65 63 68 6F 20 6F 66 66 0D 0A 65 63 68 6F 20>>vxer
echo e 0110 68 65 6C 6C 6F 20 56 58 65 72 0D 0A 70 61 75 73>>vxer
echo e 0120 65 0D 0A 65 78 69 74>>vxer
:: In the above lines we echo the binary code to a file called vxer (it can be called whatever you like).
:: We have to remember to put the 'e' in front of each line of binary codes: 'e' (enter) tells debug.exe
:: to place the bytes that follow at the given address
echo rcx>>vxer
:: Next we set the size of our code, which when we were first debugging the original batch script was CX 0027
echo 27>>vxer
:: we now write the file size into the file vxer. We leave out the CX and the zeros and only write the digits, which is 27
echo n bat>>vxer
:: in the above line we name our file, which I just simply called bat. It can be whatever you like but the 'n' has to be there
:: as it's the parameter used for naming the file
echo w>>vxer
:: the 'w' tells the debugger to now write the code to the file 'bat' named in the line above
echo q>>vxer
:: the 'q' quits the debugging process
debug<vxer
:: this is where the actual debugging takes place. Remember the '<' is needed in order to feed the file vxer to debug as its input
ren bat helloVXer.bat
:: this will rename the 'bat' file which we named a few lines up to an operable batch file (with the extension .bat)
del vxer
:: this will delete the file used to debug the code.
--------------------------------------[Cut Here]---------------------------------------
You should now see a file called helloVXer.bat in the current directory. This is the working batch script which we debugged and re-assembled;
run it and the text 'hello VXer' shall appear. So we have gone from a script to a binary which got debugged and now gave us the batch we processed
earlier on.
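For analysis, a dropper like the one above can be decoded statically, because the 'e' lines are only hexadecimal byte values and the remaining lines say how many bytes are written and to which file. The Python below is an added example, not part of the original tutorial; the function names are hypothetical, the sample input is the script shown above, and only the E, RCX, N, W and Q commands used here are handled.

```python
import re

# Constructed sample: the dropper lines from the tutorial above.
SAMPLE_DROPPER = """
echo e 0100 40 65 63 68 6F 20 6F 66 66 0D 0A 65 63 68 6F 20>>vxer
echo e 0110 68 65 6C 6C 6F 20 56 58 65 72 0D 0A 70 61 75 73>>vxer
echo e 0120 65 0D 0A 65 78 69 74>>vxer
echo rcx>>vxer
echo 27>>vxer
echo n bat>>vxer
echo w>>vxer
echo q>>vxer
debug<vxer
"""

ECHO_REDIRECT = re.compile(r"^\s*@?echo\s+(.*?)\s*>>?\s*(\S+)\s*$", re.IGNORECASE)
LOAD_BASE = 0x100  # debug's W command writes CX bytes starting at offset 0100


def extract_debug_scripts(batch_text):
    """Group the text of 'echo ... >> file' lines by target file (hypothetical helper)."""
    scripts = {}
    for line in batch_text.splitlines():
        m = ECHO_REDIRECT.match(line)
        if m:
            scripts.setdefault(m.group(2).lower(), []).append(m.group(1))
    return scripts


def decode_debug_script(lines):
    """Replay E / RCX / N / W on a byte map and return (name, payload); debug is never run."""
    memory, size, name, expect_cx = {}, None, None, False
    for tokens in (line.split() for line in lines if line.strip()):
        cmd = tokens[0].lower()
        if expect_cx:                        # the line after RCX is the new CX value (hex)
            size, expect_cx = int(tokens[0], 16), False
        elif cmd == "e" and len(tokens) > 2:
            addr = int(tokens[1], 16)
            for i, byte in enumerate(tokens[2:]):
                memory[addr + i] = int(byte, 16)
        elif cmd == "rcx":
            expect_cx = True
        elif cmd == "n" and len(tokens) > 1:
            name = tokens[1]
        elif cmd == "w":
            if size is None:                 # no RCX given: fall back to the highest byte written
                size = max(memory, default=LOAD_BASE - 1) - LOAD_BASE + 1
            return name, bytes(memory.get(LOAD_BASE + i, 0) for i in range(size))
    return name, b""
```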
This technique can also be used to debug pictures, sounds, VBS scripts, .exe's, .com's and many more. I hope this tutorial sheds some light
on the elusive debug.exe in Windows. If there are any problems or queries feel free to contact me and I'll do my best to help.
[?]Contact Me:
-----------
[@]immortalassassin@rocketmail.com