toughbunny Posted October 22, 2014 Share Posted October 22, 2014 Hi guys, So I was reading around, and I found this article on the internet that looked really cool, and like a fun project: http://www.darkreading.com/cloudbot-a-free-malwareless-alternative-to-traditional-botnets/d/d-id/1297878 I was wondering, exactly what does this do and how would I carry it out? Would I still need to do the whole signup process and just avoid clicking the activation link? Once I had tons of free space on different servers, how would I control it? Are we talking about VPSs, or VMs, or just domains? How would I use this to " supercompute", as they say, or mine for bitcoins? Thanks! P.S. I attached a framework from the Github of the researchers that would enable this automated signup, but I don't know how to use it. Has anyone had any experience with this framework, or something similar? Quote Link to comment Share on other sites More sharing options...
digininja Posted October 22, 2014 Share Posted October 22, 2014 The article details how it was done in the "How it's done" and "Benefits for the attacker" sections. It doesn't give code but tells you how to go about setting it up. If you want to do this as a fun learning experience, read through it and take on each step at once, start with the Gmail to POST section then move on to the next. Quote Link to comment Share on other sites More sharing options...
toughbunny Posted October 23, 2014 Author Share Posted October 23, 2014 Hi, I just don't get the point of this. I still have to sign up and do everything except for click on the activation link for all of these cloud services. Also, are the intended cloud services application hosting, or VPSs? And how would I control them all together, assuming I did sign up for enough?] Sorry about the newb question! Quote Link to comment Share on other sites More sharing options...
digininja Posted October 23, 2014 Share Posted October 23, 2014 The way they describe it you would need to manually register however you could probably automate that if you wanted multiple accounts with the same service. They are signing up for VPSs Controlling them is discussed in the benefits section, they use a python script to automate sending commands to them over SSH. Quote Link to comment Share on other sites More sharing options...
toughbunny Posted October 23, 2014 Author Share Posted October 23, 2014 Hi again, Here is a more detailed article: http://www.deepdotweb.com/2014/08/08/mining-cryptocurrency-free-cloud-botnet/ I don't get the point of registering all kinds of free domains and MX records of all you need is to sign up with free vps services. Also, they make it seem like you might not need a full vps. If not, what kind of services would they be using? Sorry if I am asking really obvious questions. Also, how would you receive mail to your own domain with the google mail handler? Thanks! Quote Link to comment Share on other sites More sharing options...
toughbunny Posted October 31, 2014 Author Share Posted October 31, 2014 Hi Guys, So I found this slideshare: http://www.slideshare.net/rob.ragan/cloudbots-harvesting-crypto-currency-like-a-botnet-farmer (which is actually the presentation from blackhat in case you didn't open it) and I was trying to follow the "instructions" and ran into a few problems. First of all, I got a few domains with freedns.afraid.org, and pointed those to mandrill servers. I then added a route from the mandrill servers to the google app that I attached in the first post. Now when I sign up for it, the email gets processed when I say my email si *@appname.appspotmail.com (the google app), but not when my email is on one of the freedns domains. Anybody use mandrill? Secondly, there seems to be a list of cloud services that you can use on two of the pages, and on some of the last pages about controlling the botnet they say to use fabric, an ssh framework. The problem is that I don't know how I would ssh into any of theses cloud services that they referred to (e.g. cloud9, sourcelair...) Does anyone know how I would set up fabric between all these services? Thanks again! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.