PDA

View Full Version : Botnets



Silent
04-27-2006, 01:22 AM
Greetings

I go on IRC chat client a lot. and the administration there wants me to learn alot about botnets, how to hack into them ect. However I looked on google and yahoo and couldnt find anything on how to hack into them. I would like to know if any of you could help me with that? I would appreaite it! thanks

Cordailly,
Silent

Halla
04-27-2006, 02:59 AM
you want to hack into a botnet? :confused:

Maybe you arent too clear on what a botnet is. A botnet is a net (a crapload) of bots (programs). generally speaking each bot is on a seperate machine, running a program or waiting for a command to run a program and idling on an irc channel in silent hope for a command from its ******.

Get *000 or so and you can pack a pretty good punch. Get *0-*00,000 and you got yourself an army.

So... what?
you have this lil application embedded in something you put on limewire or whatever, or even just go around and straight up intall it on public terminals all over the damn place and have it spread or what have you. in any case, next thing you know you have these PCs running the program, and so they are "checking in" to a particular irc channel you told them to and wait for your command.... perhaps its for a massive spam send, a DDOS attack or to use the combined computing power to crunch numbers and determine the weather sequences in Denmark and make predictions. whatever.

I believe !R was the "infamous" botnet command. (you old schoolers prob know what Im talking about... shields up! ;) )

so how do you hack a botnet? depends on what you mean by hack. If you mean to assume control over an existing one, good luck kiddo. Either start tracing each PC and gaining control over each individual one manually...(yeah right).. or get access to one, look up the program, see what its waiting for, and then either emulate it or add a 'patch' to switch controls (that oughta piss off the owner! lol) depending on the levels of accessability the owner had in their software to begin with.

Its an interesting situation, its been around for years and aint goin anywhere either imo. Check out honeypots too. Thats how alot are taken out.

If you chill in IRC alot, come scope out my sites channel, its pretty cool.
SERVER: irc.2600.net
CHANNEL: #infoleak

Hope that helped.

Ezekiel
04-27-2006, 06:46 AM
By "hacking" into botnets I assume you mean getting into a pass protected channel where the bots are reporting to? How hard it would be to do this depends on the ********* capabilities of whoever created the bot. First thing you have to do is get the actual piece of malware that is being sent out to people. Sometimes just from viewing the executable in a hex editor you can see the plaintext irc server, channel, and password stored in it, but most of the time it is slightly harder than that. What you have to do is find an old computer you have NOTHING important or personal stored on, and possibly limit it's bandwidth somehow to prevent any DoS attacks from your computer. Then, place the malware (the irc bot) on it and execute it, while you are also running a packet sniffer. Then you will see the server, channel and password it is connecting to. Of course, if the bot uses encryption then it is a lot harder to figure out what is happening. Then, once you have the server, channel and password, you could join and change your name to one that is similar to other bots, so they think you ARE a bot, allowing you to monitor the channel for a while before taking it down however you feel necessary, and you could steal the bots and redirect them to your own channel.

Silent
04-27-2006, 03:39 PM
Greetings

I dont know there really weird there because hes like tell me how you get a password from a bot net and dont google it tell me fast. I work with normal bots. all i do is /query Nick Login My nick and pass thats all i do. I dont use some sceam to get there passwords.. :confused: I guess im just an idoit. you guys have helped. and i will go into that channel today sometime.

Halla
04-28-2006, 01:53 PM
"hes like tell me how you get a password from a bot net and dont google it tell me fast"

That guy sounds like a real dope/wannabe trying to act "leet".

Next time he says something like that ask him what the hex value in a cisco IOS's bootp would be to skip the NVRAM and bring you right to Flash and what that would do for you... and dont google, tell you real fast.

(its 0x2*42 and the point is to bypass the routers password protection)

just because you're not skilled in one dept doesnt mean you arent skilled. Dont ask a rocket scientist about Voltaire... he may be able to get you to the moon but he aint gonna know philosphy, know what I mean?