Fake CMD

scambaiter633 · 16 July 2017 07:56

Made a fake CMD. Download it here: MEGA

Compatible with tree, dir /s and netstat. Let me know if you want anymore. To trick scammers into using it, delete the original CMD and rename it to cmd. Read the README file, it has all the details. I’ll just say, oone of them crashes your computer so don’t test it on your actual pc, but the nocrash one is fine to use. Updated link. The old one had a positive-false detection.

pokeping · 16 July 2017 14:46

hmmm

bandbgamesroom · 16 July 2017 22:31

@scambaiter633#9594 not working apparently it’s dangerous

Flame · 16 July 2017 23:14

It was a virus.

SystSupport · 17 July 2017 00:57

Dammn. He was trying to rat us

scambaiter633 · 17 July 2017 00:58

@bandbgamesroom#9687 it’s not

scambaiter633 · 17 July 2017 00:58

@FuelDaFlame#9688

@scraps210#9693 I wasn't try it on a VM

scambaiter633 · 17 July 2017 00:59

@scraps210#9693 in fact I’ll post the script

scambaiter633 · 17 July 2017 01:00

For everyone saying it’s ‘dangerous’ -it’s not, all it is is some batch script. I will post it so you know.

scambaiter633 · 17 July 2017 01:04

@scraps210#9693 it’s not a rat

scambaiter633 · 17 July 2017 01:25

So I’ve checked the files and googled the program, and they say it’s a false-positive. I’ll upload it to a different file host and try it there. Sorry for the inconvenience.

scambaiter633 · 17 July 2017 01:38

Script: Fakecmd.bat (.exe once converted)

@echo off

:Ask

set INPUT=

echo Microsoft Windows [Version 10.0.10586]

echo (c) 2015 Microsoft Corporation. All rights reserved.

echo.

set /P INPUT=“C:\Users\user\Desktop>”: %=%

If /I “%INPUT%”==“tree” goto tree

If /I “%INPUT%”==“dir /s” goto dir

If /I “%INPUT%”==“netstat” goto net

start
exit
:tree
color c
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
PING 127.0.0.1 -n 2 > nul
echo.
Echo get ready...
set loopcount=99999999
:loop
start rand.bat
set /a loopcount=loopcount-1
if %loopcount%==0 goto exitloop
goto loop
:exitloop
pause
exit
:dir
color c
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
PING 127.0.0.1 -n 2 > nul
echo.
Echo get ready...
set loopcount=9999999
:loop
start rand.bat
set /a loopcount=loopcount-1
if %loopcount%==0 goto exitloop
goto loop
:exitloop
pause
exit
:net
color c
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
echo SCAMMER FOUND
PING 127.0.0.1 -n 2 > nul
echo.
Echo get ready...
set loopcount=99999999
:loop
start rand.bat
set /a loopcount=loopcount-1
if %loopcount%==0 goto exitloop
goto loop
:exitloop
pause
exit

Script: rand.bat (stays .bat)
@echo off
:top
set /a rand1=%random% %% 16
set /a rand2=%random% %% 16
set HEX=0123456789ABCDEF
call set hexcolors=%%HEX:~%rand1%,1%%%%HEX:~%rand2%,1%%
color %hexcolors%
echo SCAMMER DETECTED
set /a rand1=%random% %% 16
set /a rand2=%random% %% 16
set HEX=0123456789ABCDEF
call set hexcolors=%%HEX:~%rand1%,1%%%%HEX:~%rand2%,1%%
color %hexcolors%
ping -n 0.25 500.0.0.1>nul
goto top

Flame · 17 July 2017 14:40

Next time upload a virus total. Also instead of “C:/Users/user” use C:/Users/%username%. %username% is an environment variable for the current user’s name.

scambaiter633 · 18 July 2017 10:43

@FuelDaFlame#9728 Ok cool thanks.