Jump to content

Botnet tutorial?

will-wtf

By will-wtf
in Security

 Share

Recommended Posts

will-wtf Newbie

will-wtf

Posted
Posted

If anyone has a botnet tutorial that is good can you please link it, or post it up.

Just curious and I have looked for one, I'm fairly sure there are some herders here, pm me if you are not willing to publicly post it up.

Will

Link to comment
Share on other sites
digininja Grand Master

digininja

Posted
Posted

Funny you should ask, I got some spam yesterday trying to lease me a botnet.

If you want to see how easy they are to use have a look at the recent bbc click episode where they hire one, the interface looks very simple to use.

Link to comment
Share on other sites
DingleBerries Newbie

DingleBerries

Posted
Posted

Step 1. Find some bot source code.

Step 2. Mod source code to point to your server, IRC/Web/ICQ.

Step 3. Make sure bot is contacting home.

Step 4. Bind that to another program.

Step 5. ????

Step 6. Profit

The principal around bots is not complicated, the inner workings and source is what makes them interesting. After you get your hands on some sauce then you can start with all the complicated things, keylogger, inform other bots, crypt traffic.

Play with this:

Simple IRC bot http://www.osix.net/modules/article/?id=780

Mod the code in order to execute system function when a command is sent via irc. You can also build in other classes and what not. Im not going to go into spreading your bots because that is illegal and should be self explanatory.

Link to comment
Share on other sites
moonlit Newbie

moonlit

Posted
Posted

Uh... what?

You're seriously asking for a tutorial on how to build a botnet?

Seriously?

Go do your own research or go and fuck yourself. There's no way in hell I'm going to sit and watch a thread on how to build a botnet. Do you have any idea how much of a problem that could cause? Some kid comes running in, reads the topic, then has this awesome plan for world domination and we helped cause it?

I don't usually feel the need to be this much of an asshole about topics but this is a really really bad idea.

Link to comment
Share on other sites
dr0p Newbie

dr0p

Posted
Posted

It's a lot better if you program your own botnet because you get to choose exactly what features it has, how it spreads, etc. plus you also get to deal with managing hundreds to thousands of simultaneous connections. And no, I'm not endorsing using botnets for malicious purposes in any way but they're a fun project to experience and learn about.

Link to comment
Share on other sites
Destro Newbie

Destro

Posted
Posted
Uh... what?

You're seriously asking for a tutorial on how to build a botnet?

Seriously?

Go do your own research or go and fuck yourself. There's no way in hell I'm going to sit and watch a thread on how to build a botnet. Do you have any idea how much of a problem that could cause? Some kid comes running in, reads the topic, then has this awesome plan for world domination and we helped cause it?

I don't usually feel the need to be this much of an asshole about topics but this is a really really bad idea.

Moonlit nailed it on the head. That wat your going to get when you ask that.

cheers,

Destro

P.s. The documentary isn't on building so if you want to take over the world LOL dot bother

Link to comment
Share on other sites
will-wtf Newbie

will-wtf

Posted
  • Author
Posted

I wasn't looking at taking over the world and all that crap, I just wanted to see the processes that the bbc cut out of their production, and look at some interesting code that I could not get my hands on, suprisingly google wasn't giving me any luck, and bhf was down for maintenance.

@moonlit; kids are kids, and if they managed to get the damn thing together, then even so it wouldn't be fud, and this is quite topical at the moment with the new conficker variable, a BBC production made on it.

Link to comment
Share on other sites
digininja Grand Master

digininja

Posted
Posted

I think the bit the BBC missed out was the actual hiring of the botnet. All they got once they'd hired it was that nice GUI that allowed them to control the bots, they weren't actually buying source code.

If you've got the patience for a long read this is a very good paper on conficker and gives a few examples of source code - http://mtc.sri.com/Conficker/addendumC/

Link to comment
Share on other sites
underhole Newbie

underhole

Posted
Posted

I'm going to have to agree with moonlit on this one. There is no way this should even be an open thread, if your truly interested go look it up and actual learn the stuff. If you really did want to know about it you would research the hell out of the topic not just as for a tutorial. On the other hand if your just looking to make a botnet to show off to your friends then asking for a quick tutorial would be your best bet. To bad you will never get it here, or any other place I can think of.

Link to comment
Share on other sites
digininja Grand Master

digininja

Posted
Posted

I'd say that this is part of research. If I'm interested in a particular topic I'd do some googling but I'd also ask various peer groups if they had any useful links or information on the topic.

Maybe the question was worded a bit badly but this to me is part of "research the hell out of the topic".

Link to comment
Share on other sites
will-wtf Newbie

will-wtf

Posted
  • Author
Posted
I'm going to have to agree with moonlit on this one. There is no way this should even be an open thread, if your truly interested go look it up and actual learn the stuff. If you really did want to know about it you would research the hell out of the topic not just as for a tutorial. On the other hand if your just looking to make a botnet to show off to your friends then asking for a quick tutorial would be your best bet. To bad you will never get it here, or any other place I can think of.

where did you get the conclusion that i was going to "show off to my freinds" exactly underhole?

Link to comment
Share on other sites
moonlit Newbie

moonlit

Posted
Posted

Look, you know as well as we do that you're not the only person here, we don't know your intentions or anyone else's. I appreciate that you want to learn but really as was mentioned earlier, if you really want to learn then do proper research not just ask for a tutorial. I know for a fact that the basics aren't hugely technical so it's not that difficult to get the essential info down. This isn't anything personal and I'm not saying you are going to try and launch your own botnet or whatever but you can't exactly blame us for being against handing you the howto.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Setup a honeypot, then let it get infected. Isolate it and see what and where traffic is tryign to go, work the rest out yourself. While I don't think discussion about botnets in general is bad or even new ground, asking where to get one or how to make one is research you usually need to do on your own. Not something you ask for in an open public forum, but maybe private talks with key people. Just use your head when asking a question, and think about what is acceptable. If its borderline offensive or illegal to that respect, don't post it on a forum.

Link to comment
Share on other sites
DingleBerries Newbie

DingleBerries

Posted
Posted

I get my samples from here. Be warned those are REAL viruses. Some of the conflictor packages, especially the newer ones, can tell if they are running in a vm... and other have been engineered not to talk to anyone but the person who uploaded it, research purposes. Never the less it is a great place to go if you are trying to get infected.

LINK http://www.offensivecomputing.net/

Link to comment
Share on other sites
LauBen Newbie

LauBen

Posted
Posted

will-wtf, I understand that we all have to start somewhere when it comes to new things, and I am sure you never intended to do anything illegal with the knowledge you were looking to gain.

However, as you can tell just posting a statement asking "If anyone has a botnet tutorial that is good" is not going to help you learn, and will (as is the case here) most likely p$%s people off :)

Anyway in an attempt to help you out I will start you off on the road to knowledge town:-

1- Google it - Google has a huge amount of very good information on Bot's and Botnets, from both sides of the camp (black and white)

2- Believe it or not Youtube has some videos showing how easy it is, and also providing a basic overview of what is involved.

3 - Have a look on Wikipedia, this will provide you with a load of good links and detailed information on the history of Botnets.

Oh and before you think I am being a dick with my answers, I had to present to around 60 people earlier this month on all types of new (I know Botnets are not new before any one start :) )malware and provide a live demo of how they are made and spread, and the 3 items here provided me with a wealth of info to start and grow my presentation.

Link to comment
Share on other sites
underhole Newbie

underhole

Posted
Posted
Maybe the question was worded a bit badly but this to me is part of "research the hell out of the topic".

If you where going to use a forum like this for research purposes you would come to the forum with questions and points of clarification, not asking for a generic over arching tutorial.

where did you get the conclusion that i was going to "show off to my freinds" exactly underhole?

It is just one of multiple easily drawn conclusions that happens when some one posts asking for a simple answer to a some what complex issue.

Even if you didn't want to research you could at least come to this board with a post like "Hey I have googled around and found out x. I still don't get y. Do you guys have any tips or good links?"

Link to comment
Share on other sites
will-wtf Newbie

will-wtf

Posted
  • Author
Posted

We already got around the point that I worded the Question very badly I thought, thanks for the info guys, I have found out most of what I wanted to. Dingleberries thanks for all that, digininja, the article on Conficker C was a long read, but answered about 80% of what I was asking, great read guys.

^_^

Link to comment
Share on other sites
  • 2 weeks later...
MuNk Newbie

MuNk

Posted
Posted

here is some basic on information.

Botnets, mass majority these days are built by kids and are base on the same old source-code (reptile,shadow), granted there are the exceptions like conflicker.a/b/c which is 100% private/custom code.

all botnets require a C&C (Command and Control), there are different types. most commonly used are IRC/HTTP , yes there are a few who use unique methods, ive seen one that was half udp half http.

to build a bot is not a complex thing, anyone who can learn to make one, spreading/infection methods are the hard and most interesting parts, followed by how they keep the files undetected.

last and most importantly NOT ALL botnets are used for DDoS, some are built as spamming networks, some work as HTTP servers for illicite content, some are proxybots (yes bot that install sock4/5 on your machine), there is other that are used for cracking password (distributed computing) but very few of them around or ever has been. then there are ones who do all of that and DDoS.

This is about all you really need to know about botnets.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...