Jump to content

Cloudbot


toughbunny

Recommended Posts

Hi guys,

So I was reading around, and I found this article on the internet that looked really cool, and like a fun project: http://www.darkreading.com/cloudbot-a-free-malwareless-alternative-to-traditional-botnets/d/d-id/1297878

I was wondering, exactly what does this do and how would I carry it out? Would I still need to do the whole signup process and just avoid clicking the activation link? Once I had tons of free space on different servers, how would I control it? Are we talking about VPSs, or VMs, or just domains? How would I use this to " supercompute", as they say, or mine for bitcoins?

Thanks!

P.S. I attached a framework from the Github of the researchers that would enable this automated signup, but I don't know how to use it. Has anyone had any experience with this framework, or something similar?

Link to comment
Share on other sites

The article details how it was done in the "How it's done" and "Benefits for the attacker" sections. It doesn't give code but tells you how to go about setting it up.

If you want to do this as a fun learning experience, read through it and take on each step at once, start with the Gmail to POST section then move on to the next.

Link to comment
Share on other sites

Hi,

I just don't get the point of this. I still have to sign up and do everything except for click on the activation link for all of these cloud services. Also, are the intended cloud services application hosting, or VPSs? And how would I control them all together, assuming I did sign up for enough?]

Sorry about the newb question!

Link to comment
Share on other sites

The way they describe it you would need to manually register however you could probably automate that if you wanted multiple accounts with the same service.

They are signing up for VPSs

Controlling them is discussed in the benefits section, they use a python script to automate sending commands to them over SSH.

Link to comment
Share on other sites

Hi again,

Here is a more detailed article: http://www.deepdotweb.com/2014/08/08/mining-cryptocurrency-free-cloud-botnet/

I don't get the point of registering all kinds of free domains and MX records of all you need is to sign up with free vps services. Also, they make it seem like you might not need a full vps. If not, what kind of services would they be using? Sorry if I am asking really obvious questions. Also, how would you receive mail to your own domain with the google mail handler?

Thanks!

Link to comment
Share on other sites

Hi Guys,

So I found this slideshare: http://www.slideshare.net/rob.ragan/cloudbots-harvesting-crypto-currency-like-a-botnet-farmer (which is actually the presentation from blackhat in case you didn't open it) and I was trying to follow the "instructions" and ran into a few problems. First of all, I got a few domains with freedns.afraid.org, and pointed those to mandrill servers. I then added a route from the mandrill servers to the google app that I attached in the first post. Now when I sign up for it, the email gets processed when I say my email si *@appname.appspotmail.com (the google app), but not when my email is on one of the freedns domains. Anybody use mandrill? Secondly, there seems to be a list of cloud services that you can use on two of the pages, and on some of the last pages about controlling the botnet they say to use fabric, an ssh framework. The problem is that I don't know how I would ssh into any of theses cloud services that they referred to (e.g. cloud9, sourcelair...) Does anyone know how I would set up fabric between all these services?

Thanks again!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...