6 Character Batch Virus - Simple but VERY Powerful

Discussion in 'Ethical hacking' started by CircuitX, Feb 3, 2009.

  1. CircuitX

    CircuitX New Member

    Joined:
    Feb 2, 2009
    Messages:
    18
    Likes Received:
    1
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    England, UK
    Home Page:
    http://www.bencrisford.co.nr
    This is a very short tutorial describing how to make a very simple batch virus which consists of only 6 characters.

    This virus will delete every file with any file extension.

    Here's the code:
    3 Easy Steps to Turn It Into a Virus
    1) Type that into Notepad.
    2) Save the file as a ".bat".
    3) Send it.

    As the unsuspecting victim opens the file, his whole hard-drive will be erased.

    PLEASE DO NOT ACTUALLY DO THIS. THIS IS FOR EDUCATION ONLY.

    DISCLAIMER: I will not be held responsible for the actions of people who read this tutorial. This tutorial is for educational purposes ONLY and does not in any way encourage illegal activity.
     
    shabbir likes this.
  2. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,375
    Likes Received:
    388
    Trophy Points:
    83
    I would say 7 characters. space is a character :lol:
     
  3. CircuitX

    CircuitX New Member

    Fair enough :p.

    But I prefer to think of it as six.
     
  4. fourthdimension

    fourthdimension New Member

    Joined:
    Jan 8, 2009
    Messages:
    144
    Likes Received:
    11
    Trophy Points:
    0
    Home Page:
    http://www.easygeek.org
    Nice. Although depending on how he runs it, it might only clean out the current directory. Also adding force and quiet flags as well as @echo off might make him a bit less suspicious... most users wouldn't answer affirmative to a prompt like "C:\Users\<their user>\*.*, Are you sure (Y/N)?". Of course, for a few extra characters, you can just format c. ;)
    Good post, though. It demonstrates just how easy it is to write a virus for Windows.

    As a side note... it's funny how a disclaimer can take up more space than its code. lol
     
    Last edited: Feb 4, 2009
  5. shabbir

    shabbir Administrator Staff Member

    :oops: :smug:
     
  6. xpi0t0s

    xpi0t0s Mentor

    Joined:
    Aug 6, 2004
    Messages:
    3,009
    Likes Received:
    203
    Trophy Points:
    63
    Occupation:
    Senior Support Engineer
    Location:
    England
    Not a virus, because one of the features of a virus is that it self replicates. This is just a delete command, and it doesn't show "how easy it is to write a virus for Windows" - if that's the case, then "rm *" is a 3 character "virus" for Linux, or "sudo rm -rf /" for a more powerful 10 character variant.

    http://en.wikipedia.org/wiki/Computer_virus
     
  7. fourthdimension

    fourthdimension New Member

    That depends on how you define a virus. Worms have to self-replicate, but many people do not consider that functionality necessary for viruses (including the authors of many security-focused books). All a virus really is is a process that runs without the user's approval or knowledge. Besides, code like this would have no problems replicating if you bind it to another executable and start seeding it. So maybe this would be considered more of a trojan than a virus (while it could be considered both), but it doesn't make too much difference in this case.
    Also, there's a big difference between those commands. Sure, they're just delete commands; in reality, what are viruses and malware in general? Just a collection of "just <whatever>" commands that are intended to be run unknowingly, written by authors with malicious intent. The Windows command can be bound to anything, so something simple like just opening a picture could erase your hard drive. On Linux, a command like that cannot operate unless you first chmod it and then enter your administrator password. If it's run in a terminal, they'd be able to see the command and either not enter the password or ctrl-c it, and if not, you'd want to use gksudo, not sudo... which would also raise red flags since the average Linux user tends to be more aware of how his OS works than the average Windows user, and he'd know that if he hadn't entered any commands needing super user privilege there's no reason the system would need his password. There's no point in trying to classify something as a virus if it has no chance of ever being run.
     
