Skip to content

Latest commit

 

History

History
28 lines (22 loc) · 799 Bytes

README.md

File metadata and controls

28 lines (22 loc) · 799 Bytes

enemy SSH/Telnet IoT botnet

ssh/telnet self replicating "flame" botnet, features:

  • UDP/TCP/ICMP Flooding methods
  • mirai syn scanner ran if root
  • qbot scanner ran if non root
  • skidripped tor cnc from zbot
  • custom string encoding (char map lightaidra based)
  • custom botkiller strings for memory scanning
  • 1s sleep on botkill
  • custom passlist for ssh
  • custom tor cnc for onion that broadcasts loader server

EXPLOITS

  • liferay
  • sonicwall
  • huawei (not working)

SPECIAL METHODS

  • blacknurse
  • DNS request flood (with random dns request id per packet)

TODO

  • lateral movement accross current ip range

I ASSUME NO RESPONSIBILITY FOR ANY DAMAGES CAUSED BY THIS PROGRAM, SOURCE CODE, OR ASSOCIATED FILES POSTED.

THIS IS POSTED UNDER APACHE LICENSE AND IS ALSO CONSIDERED ART.