Tutorial Batch File Programming 2

Having learned the basic batch file command "echo", it is now time to combine it with internal commands. In this tutorial we only need to enter the commands that we will be using later on.

Let's get straight to the tutorial.

1. In the file we created in the previous batch file tutorial, named Coba1.bat, add the command "dir > latihan.txt" directly above the "pause" command. This command creates a new file named "latihan.txt" and fills it with the output of the "dir" command for the folder that is active at that moment, so the script in your Coba1.bat file becomes the following.

    Echo off
    cls
    Echo halo semuaa....
    Dir > latihan.txt
    Pause

2. Save the result under the same name and run it.

3. Look at the Command Prompt window that appears. Adding the command "dir > latihan.txt" has no visible effect there, and indeed nothing will show in the Command Prompt window. Now open Windows Explorer and look in the folder where you saved Coba1.bat. A file named "latihan.txt" will have appeared in that folder. Click the file to view its contents: it holds the list of file and folder names and other information about your directory. That is the effect of adding the command "dir > latihan.txt".

4. Besides the "dir" command, now try adding the "copy" command to copy the file "laporan.txt" to drive C.

5. Delete the file "latihan.txt" from the first folder. After adding both commands, your program listing will look like this.

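    Echo off
    cls
    Echo halo semuaa....
    rem Save the listing of the current folder to latihan.txt
    Dir > latihan.txt
    rem Copy the listing to the root of drive C
    Copy latihan.txt C:\
    rem Delete the original from the current folder
    Del latihan.txt
    Pause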

6. Save the changes under the same name and run the file.

7. The Command Prompt window that appears will show the message "1 file(s) copied", which indicates that 1 file has been copied. Then check drive C for the copy of "latihan.txt", and also check the folder where Coba1.bat was first saved. If it worked, "latihan.txt" will be present on drive C and will be gone from the original folder.

With these few steps you can make a small-scale virus of sorts, such as one that moves a file without being noticed. If it does not work yet, recheck the contents of Coba1.bat and follow the steps again from the top.

I hope this Tutorial Batch File Programming 2 is useful to you. Next we will cover a batch file tutorial using external commands. Regards.

Source: the book Belajar Membuat Virus.

Conficker.C

We've been tracking the Conficker worm since it launched itself into the wild last November; despite the best efforts of security officials worldwide, the worm still hasn't been completely crushed. The original flavor and its nastier follow-up (Conficker.A and Conficker.B) have been locked down, but the worm's creators have a third version (Conficker.C, naturally) prepared to hit the tubes come April 1. The new "C" twist won't have all of the tools "B" used to replicate, but it will be able to detect and kill certain system processes designed to find and remove it.

Ars spoke with Don DeBolt, CA's Director of Threat Research, to get some additional information on Conficker.C, its threat profile, and why the gosh-darned thing isn't dead yet. CA (formerly Computer Associates) has published an extensive guide to Conficker.C, which includes information on its attack vectors, behavioral analysis, and how to tell if the "C" variant of Conficker is running on your system. This last part could pose a challenge—unlike previous versions, C adopts what DeBolt refers to as a "defensive stance" and throws up a number of roadblocks, all of which are aimed at hindering user detection of the worm.

The security industry was collectively able to put the brakes on Conficker.B's expansion when they managed to reverse-engineer the virus and determine which domains it would attempt to register and dial home to on particular dates. With Conficker.A and B, the worm chose to contact 32 addresses out of a possible 250 on any given attempt. With their algorithm broken, the malware authors went a step beyond updating their randomization/selection code—they also vastly increased both the number of domains the worm could generate as well as the number it will randomly select. Conficker.C will select 500 domains out of a randomized pool of 50,000 instead of the previous 32/250.

This will drive up the cost of operating the botnet (we've previously covered how vulnerable malware networks can be to changes in their cost structure) but will also significantly increase the cost of attempting to monitor and prevent botnet registrations, even once the randomizing algorithm has been broken.
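To put numbers on the monitoring cost described above, the following added example (not part of the article or of CA's analysis) computes how many pool domains a defender would have to sinkhole to hear from a given share of infected hosts per attempt. It uses the article's 32/250 and 500/50,000 figures and assumes each host picks its domains uniformly at random without repeats; the function and constant names are hypothetical.

```python
from math import comb

# Figures quoted in the article: (pool size, domains tried per attempt).
CONFICKER_AB = (250, 32)
CONFICKER_C = (50_000, 500)


def contact_probability(pool: int, picks: int, held: int) -> float:
    """Chance that one infected host reaches at least one of `held` sinkholed
    domains when it tries `picks` distinct domains out of `pool`.
    Assumption: picks are uniform and without replacement (hypergeometric)."""
    if not (0 < picks <= pool and 0 <= held <= pool):
        raise ValueError("need 0 < picks <= pool and 0 <= held <= pool")
    # comb() returns 0 when fewer than `picks` unheld domains remain.
    return 1.0 - comb(pool - held, picks) / comb(pool, picks)


def domains_needed(pool: int, picks: int, target: float) -> int:
    """Smallest number of sinkholed domains that gives contact_probability
    >= target. The probability rises with `held`, so binary search works."""
    lo, hi = 0, pool
    while lo < hi:
        mid = (lo + hi) // 2
        if contact_probability(pool, picks, mid) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo


if __name__ == "__main__":
    for name, (pool, picks) in (("A/B", CONFICKER_AB), ("C", CONFICKER_C)):
        one = contact_probability(pool, picks, 1)
        need = domains_needed(pool, picks, 0.99)
        print(f"Conficker.{name}: 1 domain reaches {one:.1%} of hosts; "
              f"{need} of {pool} domains needed for 99% visibility")
```

Under these assumptions a single sinkholed domain is tried by 12.8% of A/B hosts per attempt but only 1% of C hosts, and blocking every candidate means covering 50,000 names instead of 250.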

Once installed, Conficker.C implements a variety of nasty behaviors. The worm will attempt to disable Windows Automatic Update and stop access to the Windows Security Center, can detect and kill Sysinternals' Process Explorer program, and will interfere with the operation of a number of other search-and-destroy programs including Wireshark and SysClean.

It will also reset and delete system restore points and disable various services, including WinDefend, BITS (Background Intelligent Transfer Service), ERSvc (Error Reporting Service), and WerSvc (Windows Error Reporting Service, Vista-only). In a final fit of pique, Conficker.C will prevent any attempt to connect to a variety of antivirus software services or websites. This behavior is nothing new to malware in general, but it's the first time we've seen it from our Conf(l)ickt-causing little friend.

The security industry's battle against Conficker is unlikely to resolve this go-round—we'll probably see at least a "D" variant before this is done—but DeBolt believes the coordinated response and organized counter-attack from Team White Hat has dramatically retarded the virus' ability to infect new systems. In the meantime, Romanian researchers from BitDefender have released a tool that should remove Conficker, though it's not clear if this will clean versions A, B, and C, or just the first two.

From: Ars Technica

Tutorial Virus Maker. Copyright 2008 All Rights Reserved