unstoppable botnet

1. botnet that cant be stopped
2. ----------------------------
3.  
4. On first run/installation(sending very few just to establish a host)
5. --------------------------
6. a) run upnp script to open port and web check/performance check : else die
7. b) web downloads MySql and installs silent MSIEXEC /qb /i %SystemDrive%\disks\sw\mysql\mysql_server.msi"
8. c) runs initial sql script for initial schema
9. d) installs IIS express 7 and installs ASP.NET website
10. e) installs metasploit / perl
11. f) sets itself as the host,and post hostname and flag as host in mysql db
12.  
13.  
14. Second run(send out as many as you want,host to connect to hard coded with the established host above (or if u have a few) in itself)
15. -----------
16. a) run upnp script to open port and performance check if it can host and flag itself to host if it can one as well at some point down the road if the main host drops
17. b) if it can dual host/client it installs web downloads MySql and installs silent MSIEXEC /qb /i %SystemDrive%\disks\sw\mysql\mysql_server.msi"
18. and runs sql script and IIS Express 7 : else just a client
19. c) installs metasploit / perl
20. d) reads registers with host(client only or both)
21. e) reads from host copies all hosts/clients locally in text file (very important for loss of host) this must run on a timely manner
22. f) reads command from host (whatever u intend to do)
23.  
24.  
25. Bot options
26. ------------
27. 1) self upgradable on command (controlled by version number to match compatibility with clients)
28. 2) all options are controlled by the coder, at the start basic DDoS weeeeeee
29. 3) any dual purpose clients copy db and asp files from current host on a set basis, if we lose our main host
30. 4) /bin folder for exe's dll's that cannot incorporate into its own source(outside material/scripts and self upgrade
31. 5) /metasploit for metasploit scripts
32. 6) /db for database on host capable clients
33. 7) /perl for perl scripts
34. 8) /www for asp.net sites on host capable clients
35. 9) /peers for txt file on all peers updated frequently
36.  
37.  
38.  
39. on loss of host
40. -----------------
41. 1) read most updated local txt file of peers and scan host bots until one accepts register
42. 2) bots that are host capable will self communicate to known host capable bots and one with most uptime will take over where everything left off
43.  
44.  
45. installation methods
46. ---------------------
47. 1) social engineering
48. 2) 0days
49. 3) I have one but im not tellin ;x but its why the .NET 2.0 restriction is required and i am doing it this way
50.  
51.  
52. Restrictions
53. ------------
54. 1) Win32 only, unless u are going to have a mono dropper, but the hosting, appache, will havev to be done yourself
55. 2) .Net 2.0 required on victim (or mono)
56.  
57.  
58.  
59. Comments?
60. cio@wow.com
61.  
62. Michael Evanchik
63. mcbain
64.  
65. free dolan
66.  
67.  
68. greets
69. -------
70. illwill
71. graf
72. koin
73. IRS
74. 0din
75. lynx