I want to build a small botnet as a hobby project. Help me!

I'm interested in building a small botnet as a hobby project, a dozen devices at max. I think I could implement the command and control (C2) component of the system on my own, but I'm unsure about the initial compromise phase. I can work my way through a terminal and write Python, but I don't have the expertise to discover zero-day vulnerabilities, so what are my options? Look for CVEs on Shodan? Could that even work in this day and age?

I want the path of least resistance. Nothing fancy in terms of capability; perhaps around 2-3 GB of bandwidth and I'd be happy. I'd like to explore a relatively simple and low-risk design, without overcomplicating things with advanced features or vulnerabilities. Just to get this off my bucket list.
/u/bqwey
1 points
1 week ago
You can easily get thousands of IoT devices on Shodan/Censys even with older CVEs.

The hardest part would be building the implants and maybe achieving persistence. Most IoT devices have very unusual CPU architectures and ancestral kernel versions.
/u/Leary 🍼
1 points
1 week ago
Building implants for an IoT botnet like that is the easiest part as modifying Mirai or one of its forks would be more than enough to do the stuff OP mentioned. Most IoT botnets don't employ any kind of persistence mechanisms anyway as more often than not the filesystems of IoT devices are read-only.

Spreading your implant and maintaining the network are the actual hard parts as you have to find one or more reliable hosting providers that'll be willing to ignore the abuse reports caused by your C2 traffic (and port scanning if you want to scale things up).
/u/bqwey
1 points
1 week ago
What is hard about building is that you cannot use fancy syscalls on these devices. Chances are you will find one with Linux 2.X.

Spreading is hard, but OP said he just wants a few dozen bots, so I've put worm functionalities aside. And Mirai/Qbot has disgusting source code; personally I would not even waste time modifying it, and would instead just write from scratch.
/u/Leary 🍼
1 points
1 week ago
I wouldn't touch Mirai either (though it's arguably a handy template; even Chinese APTs use it), but OP specifically wanted "the path of least resistance", and if he only knows a little bit of Python there's no way he's writing anything from the ground up.

To be fair, I don't even see why we're arguing about this as the original post doesn't seem to make a whole lot of sense with the little specs OP gives. If he truly wants just a dozen bots to get "around 2-3 GB of bandwidth", it'd just be easier to abuse some VPS providers with free-to-use plans and route your traffic through them. You're not going to perform any kind of denial of service attacks with a network of that size anyway.
/u/bqwey
1 points
1 week ago
You're right, the IoT world might not be what OP is looking for. I doubt a 200 MB executable from PyInstaller would work in these environments.
/u/bqwey
1 points
1 week ago
Hosting challenges also do not apply to OP, but you should not take any hosting provider seriously, even the so-called "bulletproof hosting"; always treat the C2 as disposable. And for that there are many techniques, such as P2P, DGA and even Tor.
/u/lemonDragon
1 points
1 week ago
Technically you don't need zero-days to get bots. You can use social engineering to get people to run your malware. Also check out www.exploit-db.com, where you can find PoCs of exploits. Maybe look into using Discord or Telegram for a C&C; Telegram would be better IMO. You are not really gonna find a zero-day unless you look into services yourself. Also, you can find examples of RATs based on Python on GitHub or hybrid-analysis.com.

Maybe make a site for a popular open-source software and edit the open-source software to download your payload. Try to get the fake site ranked on Google. Another good way that is semi-saturated is using torrents. Good luck.
/u/learner000 📢 🍼
1 points
1 week ago
Thank you. It will be a task to bypass Windows Defender.
/u/rmrf P sudo rm -rf /*
1 points
1 week ago
Everyone will give you dumb advice.

Just go to HackForums or Cracked if you want easy installs and setup. These are both forums that are heavily infiltrated by federal agents, so be cautious. There are so many people who will get you bots, probably a few hundred, but they will die quickly.

If you want the approach you are really trying to get to, you have to develop a binary, find a way to spread it, and then be undetectable. This will be difficult by yourself. Do what all the other low-skill people do and make something in Kali, then share it on a torrent site to get some hits.
/u/learner000 📢 🍼
1 points
1 week ago
Thank you for the reply. Would a Metasploit payload and a custom crypter or encoder do the job?
/u/rmrf P sudo rm -rf /*
1 points
1 week ago
A lot of Metasploit and Empire payloads are detected by AV. If you are just testing then this might be okay, depending on what your custom crypter looks like. The problem is that the payload will still be detected afterwards.

Many people will just take similar ideas from Metasploit and rewrite them to avoid detection, which is still very easy now. For the crypt, I would just suggest going on a Russian forum and paying someone about 40 to 50 euro to do it for you. They will run it on malware scans that won't report to AV, so you will know it is actually FUD. Trying to make it yourself is a lot more effort. If you are going to continue it long term, you have to recrypt your malware as detections go up.