WaveFunc's Goofy Batch Virus Generator ====================================== Constructed in October 1995 Requires DOS 6 to function Enter BVGEN to start program Requires the files SETINVAR.COM and CONVBAT.EXE to work. Defines SHOW as the file viewer and EDIT as the file editor (alterable). A version of SHOW.EXE is included, no idea where it's from but does the job. This program makes batch viruses in case you haven't figured that out yet. So if this is against your policy, delete this program right now before your monitor melts and your processor strips a register. File sizes... SETINVAR.COM = 544 bytes CONVBAT.EXE = 3963 bytes SHOW.EXE = 4932 bytes If any of these are different you might have a real virus. I won't bother to list BVGEN.BAT's size - it's in a constant state of flux right now. This program and the batch programs it generates are provided purely for the personal persuit of knowledge and batch file appreciation. Viruses tend to have a bad rap but so does the batch programming language. Kind of works. Please do not add damaging code, it is in bad taste and detracts from the beauty of the art form. If you add code, add clever, unusual, insightful... Writing a 'real' virus is too easy, and the dangers are all too real that your creation will wreak havok upon the world. Takes the fun out of it. Batch viruses provide a mechanism by which replicating code can be explored for the code's sake without the dangers normally associated with these things. I'm not saying you should run them or anything. Using the Batch Virus Generator ------------------------------- If ANSI.SYS is loaded, the program will use ANSI screen codes which make the interface much smoother. The non-ANSI version of the menu must clear the screen with each variable change but is otherwise functional. Select the corresponding menu key to change the variables. Some options act immediately while others prompt for input. A - Virus Type Appending - merely copies the virus code to the end of a victim batch. Because of its simplicity there are many limitations. The virus Must use a hidden file because of the need to call itself. The host batch always runs first, then the virus (maybe). Inserting - copies the virus code before the host batch, ensuring it will always run when the infected batch is run. This is somewhat better than appending types, but still suffers from a problem that is brought out by batch files which call themselves - the virus runs with every loop. Compound - this time solves the loop problem by gaining control ahead of time, running the host to its completion then regaining control to reset the loop variables that make it possible. The virus bulk can be chosen to run before or after the host batch is run. Before is more virus-like. B - Name for files - this is a base name to get names for the output and config files from. Also used for some internal strings. Should not exceed 8 characters and must not include any . or extension. Just the name. C - Key String - a unique sequence of characters (up to 7) to define the virus lines. This must be chosen carefully to ensure it does not normally appear in batches. Any batch containing this string is assumed infected. Do not exceed 7 characters or the virus won't work! D - Infects per run - a string of 1's to indicate how many files the virus will infect on any one run. 1111 means 4, 1 means 1, etc. If blank the virus will reproduce until the seeks limit is reached or it runs out of files. E - Seeks per run - a string of 1's to indicate how many times the virus will seek for files before quitting. If blank the virus will seek until it finds an uninfected file or runs out of files. F - Search Elements - where the virus looks to find files to infect. Several strategies are available, including current, parent, path and various orders and combinations. Different code is produced depending on if it's a directory list that includes the path or a direct mask list. If you want to experiment with other stratagies it is easy to alter the produced code. It should be apparent where the virus will go - . .. %path% means the current is checked first, then the parent directory, and then path directories. The direct mask ..\*.bat *.bat means the parent will be checked first, then the current. If the path is not involved, the direct form is used for efficiency. G - Find Host? (Yes/No) - if Yes it generates code to search for the host in path directories if not present in current. This eliminates the need to have to run the infected batch from the directory it's in to infect or create a hidden copy. Appending viruses cannot use this option. H - Use Hidden Copy? (Yes/No) - if Yes will place a copy of the virus code into the root directory of drive C. This makes the virus faster by not having to always find the host batch, and by allowing the code to run from a smaller file. It also allows infected batches to still infect from the path provided the file sticks around. If removed the virus must be run again from the current directory to recreate the file (unless the Find Host option is used - then it will always recreate it). Appending viruses must use a hidden copy, impossible to call itself. I - Date Conditions - one or two strings that must match the output of the DATE command for activation to occur. If two strings are specified they must both match. If undefined, date is not considered. Specific dates are easy, if you are not sure, go to a DOS prompt and enter DATE, you're comparing to this. J - Time Conditions - same thing for TIME command. If date and time are jointly specified, all conditions must be true to run the activation code. It is easy to make the virus activate on Fridays in the afternoon. It is harder to narrow down a specific time but it can be done. K - Activation File - this holds the name of a file containing code to incorporate into the virus. If conditions are specified the code will run when all conditions are true. If conditions are specified but code is not a stub marking the position is included. All activation code is user supplied. BVGEN automatically adds the signature string to the version put into the virus so you don't have to clutter the code with %_ViRuS% symbols. You might have to double check the conversion, an echo'ed qbasic program is used to do the processing. The epitimy of anarchy but it works. Note: In order for a batch to make another batch it must use alternate characters to define redirection and pipes. I chose { } and ^, if you use these characters they will be converted to < > and | with the corresponding changes to the routine's behavior! The CONVBAT.EXE filter program is used to accomplish this task. Selecting Activation File from the main menu will take you to a mini-menu that lets you list, edit, sample-run or change the name of the activation routine. Lots of bugs in this part of the code... M - Make Batch Virus - builds the virus into a BA file then displays the generated code with SHOW (or whatever viewer is defined). N - Save Config File - saves the virus parameters to a CFG file to reload as soon as the new Name for files is given. See %path% limitations under Search Elements, this element is not always saved. O - Program Notes - calls up this text file. P - List this batch - displays the code for the BVGEN.BAT file. Q - Quit - that means I'm done with this doc.