Ethical Hacking – Malicious Batch Programming
Hello everyone. Now let’s create some malicious/bad files in order to see what else we can do with the help of batch programming. Now let’s create some batch files in order to extend the functionality of batch programming. Well, I will use the same Windows 7 operating system in my VirtualBox in order to test those files.

So first of all we will make one batch file which will delete all the files present inside a particular directory, or the files which are present inside a particular disk drive. So let’s go here to My Computer, and here you will find one disk drive, that is Local Disk E. So let’s create some files inside that. So I’m creating a Notepad file here; let me copy this and paste it a few more times. So here you will see that we have created 29 files. Now let’s go back and let’s open Notepad. So here we will write down the code which is responsible for deleting all the files. So, @echo off, then here we will write del. So del is actually a command in Command Prompt which is used to delete a particular file or all the files; you can see here the delete command is supported by Command Prompt. And here we’ll pass the two arguments, F and Q. So F means forcefully, and then here we have to write down the path of a particular folder or the path of a particular disk drive of which we want to delete the files. And we will write here Local Disk E, and here I will just put the star, then dot, then star again. So this symbol is actually used for selecting all the files. So you can also check it here: let’s go here to Local Disk E, and if I just put it here you can see that it has listed out all the files present inside that particular directory. So let me save that file. So let’s save this file as delete.bat, click on Save, and you can see here that the file comes here. So now if I double-click on this file or execute this file, and if I go back here to My Computer, Local Disk E, you will see that this file has actually deleted all the files which
are present inside Local Disk E. So similarly, what you can do: you can specify here the path of Local Disk C, and you all know that in Local Disk C our Windows files and configuration files are present. And if you want to make this batch file a malicious one, you can just point to the System32 directory, and if this file deletes all the files present inside the System32 directory, then our system will be corrupted and it will never start once we shut down that system.

Now let’s do one thing: let’s create one more file which will shut down a particular system and will give a particular message to the user. So let’s go here, let me close this thing, and let’s create a new Notepad file. So we have to write down the same code, @echo off, and here we will write down msg. So here msg is actually a command in Command Prompt in order to display a particular message. So we have to write here an asterisk, that is star, and here we have to write down the message, “you are hacked”, and just hit Enter. And here we will write down the command in order to shut down a particular system. So I’m writing here shutdown followed by -s, which means shutdown, and here I will specify a particular time, like -t, that after a particular time our system will be shut down. So just write here, you can give any seconds, let’s give it as 10, that after 10 seconds our system will be shut down. And here we will give one more argument, that is –, so this is actually for displaying a particular comment. So let’s write here “you are hacked by batch file”, and let me close the double quotes, and let’s just save this file on my desktop, and you can just rename it as anything, like hello.bat. So here you can see that if I just double-click on this file, first of all this file will display a message that you are hacked, and if I click on OK here you will see this message, that is the comment, “you are hacked by the batch file”, and now you can see that our system is shutting down. So this
is how you can also make this kind of batch file in order to shut down a particular system, and you can just convert it into a .exe file and you can change its icon and you can do a lot of things.

So now the next thing we have to do is, obviously, we have to start our Windows 7 operating system again. So the next example which I want to show you is actually a part of a DNS poisoning attack. So first let me just log in. So in upcoming videos we will discuss DNS poisoning, in which we can change the DNS configuration of a particular system and then we can redirect a user of a particular website to another website. So as we all know, the function of DNS is actually changing the domain name into an IP address. So in the Microsoft Windows operating system there is one file called the hosts file, which is used for mapping the domain name into an IP address. So that file, that is the hosts file, is present inside Local Disk C, Windows and System32, and here is one directory called drivers, etc, and here you can see the hosts file present inside this directory. And if I open this file in Notepad, you will see here that it has listed out the sample configuration. So here you can see localhost, so it’s a domain name, and once we type localhost in any browser we just get redirected to this IP address. Now what I am going to do is, I will create one entry inside this file and I will point out and write down here google.com and an unknown IP, which means if anyone just types in the browser google.com, he just gets redirected to that IP, and that IP is not actually a real one, so that’s why the user will see here a 404 Not Found message or any other message.

Now let’s go here to our Notepad. Okay, so let’s write down the code for this DNS poisoning attack. So I’m just writing over here @echo off, and first of all we will change our directory, so we will go to C, then Windows and System32, then drivers and etc, and here we go. So let’s just verify this path by clicking
over here: so C, Windows, System32, drivers and etc. So we have to write down this D as testing. Okay, let’s go here. Now here we will write down a command, echo, and here we’ll specify, first of all here we will write down the IP address, so let’s write here the localhost IP address again, and now let’s add here the domain name google.com, and we just use this redirection operator in order to save this output of echo in a particular file, and that file name is hosts. So let’s do one more entry with the same IP, and now this time just write down here HTTP google.com. Let’s do one more time; let’s not do it for HTTP. Okay, now let’s save this file. So here you can see that this file is created on my desktop, and in order to run this file we have to run this file with administrator privileges. So let’s go here and just run this file as an administrator.

Now in order to verify, let us go back here and let’s just open this file again and see whether we are successfully able to make an entry in that file or not, and here you can see our entries, and here is our IP address and here is that domain. Now let’s go here and let’s start Internet Explorer. Let’s just open a new tab. So now let’s write here HTTP google.com and let’s see what happens. So here you can see that our Internet Explorer is displaying this error, that is, “Internet Explorer cannot display the webpage”. Why is this giving us an error? Because as soon as we just write here HTTP google.com and hit Enter, this domain just gets mapped to this IP, that is this one, the localhost IP, and there is no localhost server running, so that’s why it’s down, so that’s why we are seeing this message. So what else we can do is, you can even just write here a legitimate IP, a public IP, and if the user just opens that page or particular website, he just gets redirected to that public IP. So what attackers do: they actually map particular systems to their own IP, which is a malicious one. So the same thing you can do for multiple domains. So
this was a small introduction, we can say, to a DNS attack, which we will cover in the upcoming video.

Now, in the last, let’s create a last batch file which will disable the mouse by hitting the registry entries in our Windows operating system. So while doing the Windows hacking I also told you how we can copy the SAM file by going to the Registry Editor. So first of all let’s go there. So let’s write here regedit, and here you can see the Registry Editor. Now what I’m going to do here is, I will create a batch file which will do a little modification in the registry and will actually disable the mouse of this operating system. So first of all let me take you to that path of the registry which holds the mouse settings. So let’s go here to HKEY_LOCAL_MACHINE, then SYSTEM, then CurrentControlSet, and here you will find one directory called Services, and here is one directory called mouclass. So let’s directly go there, and here you can see the directory mouclass, and here you can see the mouse class driver, and here is the file which we want to hit, so its name is Start. And if I just double-click on it, by default its value is 3. So if I just change its value and make it 4 and click on OK, and if I boot my system again, then that time my mouse will not work. So now what we have to do in our batch file: we actually have to hit this registry and we will try to change the value of this file, that is Start, and the data type, it’s a registry DWORD.

So let me just close this thing and let’s create a new Notepad file, and now let’s write here @echo off, and this file also requires administrative privileges. So first of all we’ll write down this command, set key, and here we’ll write down HKEY_LOCAL_MACHINE, then SYSTEM, CurrentControlSet, followed by Services, then mouclass, M O U C L A S S. And now what we’ll do: first of all we will delete the previous key which is present inside that file, the Start file, and we’ll write here reg delete,
%key%, and then we’ll make a new entry, that is reg add, then key, and here we’ll write the file. So we can specify a file by writing here /v, and the file name we saw is Start, and we’ll specify one more parameter, that is /t, and here we’ll write the data type, so the T stands for type, and it’s a registry DWORD, it’s not an integer, and here we’ll specify the value or the data, and that’s 4. Now let’s just cross-check and verify: so it’s HKEY_LOCAL_MACHINE and SYSTEM, CurrentControlSet, Services and mouclass. Okay, everything looks perfect. Now let’s just save this file as reg.bat. So you can see this file here. Now let’s run this file with administrative privileges. So first of all it asks us whether we want to delete the previous registry; just write down here Y. And now if we go here to Start, you will see that we cannot edit it. Okay, no worries, let’s just restart this operating system, and let me just close this file. And now here you can see that our mouse is disabled: you can see here that here is my mouse on my parent operating system, and if I open this one you will see that my mouse is not working.

So this is a very annoying trick which you can do, and be sure of what you are doing while using this batch file, and also be sure to write the particular registry path, because if you suddenly write a wrong registry path then it will cause a big problem for you. So in this video we have covered what else we can do with batch programming and how we can turn simple batch programming into a malicious one. So thanks for watching this video …
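
The hosts-file change demonstrated in the video can be spotted on a machine by auditing that file for names that should not be pinned there. The following Python script is an added example, not part of the original video; the allow-list, the function names and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: only these names belong in an unmodified hosts file.
ALLOWED_NAMES = {"localhost", "localhost.localdomain"}

def parse_hosts(text):
    """Yield (line_no, ip, names) for every active entry in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        body = raw.split("#", 1)[0].strip()   # drop comments and padding
        fields = body.split()
        if len(fields) < 2:
            continue                           # blank, comment-only or malformed
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # first field is not an address
        yield line_no, ip, [n.lower().rstrip(".") for n in fields[1:]]

def audit_hosts(text, allowed=ALLOWED_NAMES):
    """Return (line_no, name, ip, reason) for each name outside the allow-list."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            if name in allowed:
                continue
            if ip.is_loopback or ip.is_unspecified:
                reason = "resolves to the local machine (site will appear down)"
            else:
                reason = "pinned to a fixed address (possible redirection)"
            findings.append((line_no, name, str(ip), reason))
    return findings

# Constructed sample: a stock file plus entries like those added in the video.
SAMPLE_HOSTS = """\
# Sample hosts file (constructed for this example)
#      102.54.94.97     rhino.acme.com          # commented-out sample entry
127.0.0.1       localhost
::1             localhost
127.0.0.1 google.com
127.0.0.1 WWW.Google.com.
203.0.113.10 login.example.test portal.example.test   # documentation-range IP
"""

if __name__ == "__main__":
    for line_no, name, ip, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"hosts line {line_no}: {name} -> {ip}: {reason}")
```

Environments that deliberately deploy their own hosts entries should extend the allow-list so that only unexpected names are reported.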
We acknowledge that this video belongs to the author and thank them for its use.
As found on YouTube