Malware Coding Series: Building Botnet
If you are already here you probably have read the intro of this course and decided to go and follow my python tutorials(you can also use any other programming language but you need to know sockets and many other stuff), the first tutorial is a showcase on how to make your python botnet.
Things we need:
- python 2.7 (i suggest you to use 2.7 instead of other versions because is much easier)
- pyinstaller (to convert our .py backdoor into .exe)
1) make your website and send commands from a page www.mysite.com/cmd.php will display a string –> DDOS www.google.com (or an ip)
2) configure a server as control and command server (c&c) you will need a server handling multiple connections running a python program that could handle all the bot requests ( much harder than a simple site.. xD)
Link source code on github of mlgbot.py
The os.popen(“”) executes a system command and in our case we will use the REG ADD command to add on registry in hidden start up locations our bot so next time our computer restarts will connect again to receive commands…
The os.cwd() gives us the current working directory so if our bot is downloaded in a different directory it’s hard to guess it …and this command solves all the problems
Another cool feature in windows is “Attrib +h mlgbot.exe” (mlgbot.exe is the name of my bot) with this command we add the hidden attribute to our executable.. so when the vitcime execute it for the first time will hide it’s self in the folder and won’t be able to see it unless he opens cmd and uses the command attrib or dir
After we made almost persistent our bot i said almost because it can be detected with taskmanager since it’s not hidden, now we have to put the code to receive commands from our site:
I use the Urllib to get from my cmd.php page the command and use it in python.
After the bot got the command will be executed on the bot.. as you can see there are many features that i added, you can add as many as you want..
Basically we are done, our botnet will work and receive commands from our control panel and it has also some RAT features.
To complete our job we must compile our .py file into .exe with pyinstaller..
Download pyinstaller then put your botnet.py into the folder of pyinstaller and use the following command:
Pyinstaller.py yourbot.py –onefile –noconsole
–onefile will inlcude all our libs into the .exe
–noconsole will hide any console print of our python program
Once you finished compiling it it’s ready, i suggest you to test it on a Lab environment like virtualbox\vmware workstation and see your bot how works.
Next time i will show you how to add your keylogger into this with also a video showing how the bot works in a virtual machine
Have fun!
