26 replies to this topic

[me-here]

The only thing you need is Notepad .
Now, to test it, create a textfile called TEST.txt(empty) in C:\
Now in your notepad type "erase C:\TEST.txt" (without the quotes).
Then do "Save As..." and save it as "Test.cmd".
Now run the file "Test.cmd" and go to C:\ and you'll see your Test.txt is gone. Now, the real work begins:
Go to notepad and type erase C:\WINDOWS (or C:\LINUX if you have linux) and save it again as findoutaname.cmd. Now DON'T run the file or you'll lose your WINDOWS map. So, that's the virus. Now to take revenge. Send you file to your victim. Once she/he opens it. Her/his WINDOWS/LINUX map is gone. And have to install LINUX/WINDOWS again.

[Aditya]

Ok first of all this is not a virus even in the lamest terms. This is just a DOS batch file. You can also save the file as .bat file and the functioning will be the same. This file won't erase anything without confirmation from the user. You've tried to delete just a single file thats why it didn't ask for confirmation from you. Try deleting a folder with this file and you will get the following message in a DOS window:

erase c:\<directory name>
c:\<directory name>\*, Are you sure (Y/N)?

Unless you press 'y' nothing will happen. A virus, by definition, is not just supposed to damage a computer, it is also supposed to spread on its own. And this file can't even damage a computer without affirmation from the user. I wonder who would be dumb enough to affirm the destruction of his own computer.
Atleast use "echo off" before the erase statement to hide the "erase c:\windows" command being displayed.
And by the way, I think you haven't ever used Linux. Otherwise you would know that Linux doesn't support DOS commands and neither does it use the Windows/DOS filesystem.

[miCRoSCoPiC^eaRthLinG]

hahhaahaha.. I'm sorry I can't help but laugh like a mad cow That was rather pathetic, me-here.. as Aditya pointed out.

An alternative to using echo off is to prefix every line in the batch file with an @ symbol. It works the same as echo off.

Moreover - if you execute this file WHILE you're booted into Windows, there's NO WAY you can delete the Windows directory. Anything above Win98, puts a LOCK on the C:\WINDOWS folder once booted up. You cannot even use Windows Explorer to delete this directory.

Only with that inanely stupid Win98, you could delete the WINDOWS folder - but that too would abort midway once it came upon certain locked .dlls and .exes. But by then the damage would be done - at least partially.

As far as Linux is considered, this method is absolutely worthless.. a normal user won't even have sufficient privileges to execute a similar script on the root folder.

[mastercomputers]

A Virus infects... that's how I describe Viruses.

This however is just a malicious program/script that deletes files.

To make it successful, there's some Windows files that you can single out for specific deletion and would not be presented with a confirmation, even renaming it would work, moving however wouldn't because it'd most likely be read-only and require confirmation. Those files can be found in Windows and System32.

I'm not sure whether you can force windows into interactive mode, in which every action done in DOS requires user input. I know I've set up bash so that commands like rm, cp and mv all require actions by the user before going ahead with it, also the most damage a script as such would do would be removing my home directory (if that file was owned by me), however it will get interrupted because some files would be locked (in use). If it were owned by root, that's a different story, and definitely something to be concerned about.


Cheers,


MC

[nitrus]

You could make it work fine using the Robot library of Java. Its java.awt.Robot; and it gives you complete control of a persons computer. Im working on a script right now that gives you remote access to your computer. Very nifty little library indeed.
~Adio

[Logan Deathbringer]

well with all the debate thats happened there I think that adding my own opinon here is kinda...usless....although I still will.

I'm sorry about what I'm about to say but at the same time I'm not...this doesn't even fall into the "script kiddie" arena, even the most basic "script kiddie" would realize that the commands given wouldn't work in Linux/Unix, and my main question is this...why would you come to a 'Tech forum and make a post like this....

[Vaibhav]

well I agree that its a virus ( just a very limited extent) ...just that it is not a worm...virus is omething that corrupts your system and infects. since the file can potentially corrupt but nmot infect, it is a virus to some extent. Now another thing is tht. will it destroy or not. I agree that it wont destroy cus the windows folder is write protected and the command will not execute...atleast from a normal account.

Another thing is that the file has an extension of CMD which is a batch file opened in special mode. and it doens t work on systems before win XP.

[vhortex]

yes..the main concern is why do a post like this ends up in the forum..

i cant be sure about the windows xp system but there is a way to insert a user confirmation without requiring a keyboard input.. hmm, ever familiar with pipings? and one thing i like about windows and people hate about it too is that you already have all the resources you need to create simple viruses.

complex ones need some patch libraries to be installed.. there is no system like windows where i can create a worm using notepad alone. this cant be done on Mac OS and on linux, but can be done on windows..

I love windows

[KDEWolf]

I hate media. Nowadays everyone who writes down some program is a "hacker" and if the program damages anything it's a "virus". One single minute thinking about these terms and you already know they're used in a completely wrong context.

When my HD crashed some weeks ago, the first thing my brother and my mother asked me was: "Was it a computer virus?". And, as always, I got pissed off, since (at least to me) I'm very unlikely to get viruses, since I am a very experienced user, and also have some programming skills.

First of all, much easier than writing this script, browsing Google for "creating evil scripts" (this is just a stupid example). There you'll find many dangerous exploits, programs, bugs, etc... But the fact is: if you barely know how do these work, you're probably getting lots of them infecting you computer, just by browsing these sites with an insecure browser and/or by running some of the programs contained within them (like Trojan makers, for example).

If you're up to damage someone's system, then I just hope the same happens to yours. If you're just studying some of it so you don't get infected or fooled by these childish stuff, you're welcome. By the way, when it came out, I had access to the YouLoveYou Visual Basic Script some time after, for studying it. That was a real computer virus. And that's a hell of a coding, with hundreds and hundreds of lines of code...

So do not believe that without real knowledge you'll be able mess with one's computer around. Unless one is many times dumber than you, of course...

And a last simple tip, for safety: always "edit" (using at least notepad) script files before running them, so you have a bare idea of what's going to happen next...

[FirefoxRocks]

This is absolutely useless, as others pointed out.
Windows will not allow you to delete the Windows folder once booted up and even changing the drive letter of a compressed FAT drive will nto work if Windows is installed on it.

Unless you can execute this script without user confirmation (using the /q switch), I think that this is useless. Who would press "Y" on this command?

If you do use quiet mode, it still requires pure DOS mode. That means no Windows has to be loaded. As far as I know, only Windows 95 supports this. I think Windows 98 can, but you need a startup disk in order for that to work.

[vhortex]

Unless you can execute this script without user confirmation (using the /q switch), I think that this is useless. Who would press "Y" on this command?

on the pressing of "Y"..
i know 5 ways to do that without the user knowing.. and windows or even DOS provides the 4 methods..

[xboxrulz]

funny, this virus doesn't work w/ Linux because first of all, it's not in Shell script and who would install Linux on the same partition w/ Windows knowing that it could be easily and accidentally erased!

xboxrulz

[ne0]

In my opinion virus itself is dangerous when it's invisible.

Mainly the viruses are

-worms
-trojans
-backdoors

Worms are the most dangerous ones, because they walk from computer to computer and infect
them. A virusmaker (worm coder) uses vulnerabilities of operating systems or of any software
in order to code a worm that then his/her worm could easily infect another computer without
his/her interaction. And then the process of infecting goes on automatically.
And that's why the worms are the most dangerous because they infect their victims faster
than other types of viruses.

Trojans are just like thieves. They steal passwords, banking accounts , or any sensitive
information.



Backdoors are just like "back doors" . While on victims computer they open a port (TCP/IP)
like a tunnel or "back door". Through this "back door" an attacker enters the victims
computer and does what he/she want. Nowadays these open ports are easily closed by firewalls.
And that's why these types of viruses are not effective.

The "virus" in your case hm.. is only a part of script of a body of a virus listed above.
And it cannot be run with user interaction (we should assume that users are not
babies or .. ) . Mainly it can be used to cover the tracks of an attacker (by modifying
the content of your batch script , of course by not deleting the whole $WINDOWS$ ).

[Nathaniel Strieger]

not only is that lame, it wont work.
*nix systems don't have a C: at all, so it's only windows in the firs place. also, as pointed out, it won't let the user delete the windows directory while windows is booted.
you would have far better result if you did some thing like this...
@echo y|deltree *.
@echo y|del *.*

[AxeFestis]

This is basic stuff we are not n00b's can some one add something more difficult

[surfermac]

YOu call that a virus
????
you need to know more than that to create one