OrionBot is the deployed binary of a centralized and versatile remote administration tool. It uses the Tor network to communicate with its server.
- Customizable icon and install name
- Startup options: Automatic, Task, Registry, Startup folder
- Persistence
- Reinfection
- Base creation (hidden)
- Tracking of Spreading Vectors
- Anti-Virtualization
- Anti-Debugging
- Execution Delay
- Disabling Windows Defender
- Elevation
- Melting
- Torified or Standard traffic
- Encrypted and dynamic Resources
- Polymorphism
- Basic (bot-specific) information
- Information gathering
- System information
- Software information
- Passwords (LaZagne parser)
- Discord Token grabbing
- Files: Download, Upload, List, Open remotely
- Power: Shutdown, Reboot, Lock, Sleep, Wake
- Execution: Local File, Remote File, Command
- Elevation: Simple, Disguised, Silent
- Toggle Windows Defender protection
- Crypto mining
- Spreading
- MessageBox
- Abort command
This section covers the recommended software and dependencies needed to compile and debug the project.
Delphi environment:
- RAD Studio 10.3+
- LockBox 3.7 for the encryption routines
- DProcess for high-level process management (included)
- LaZagne for password recovery (runtime)
- Nanominer for crypto mining (runtime)
Clone the repository using:
git clone https://github.com/Raffy27/OrionBot
Open Bot.dproj or the source file (Bot.lpr) in your IDE.
If you're using RAD Studio, switch to the Debug Build Configuration and build the project.
Make sure the DEBUG directive is defined and the Dbg procedure in Basics.pas is working as intended.
To debug in place (without creating a base, etc.), add a Config.ini to the current directory of OrionBot, which simulates a post-install second start. You can get a valid configuration file by building a new binary with OrionPanel and then extracting it from the Resources.
You can use ResourceHacker to edit/extract binary Resources.
You can use DebugView to see debug messages logged by OrionBot. A useful filter file can be found here.
For active releases and pre-compiled binaries, see Releases. For usage with the entire project, see the instructions provided in OrionServer.
This project is licensed under the MIT License - see the LICENSE file for details. For the dependencies, all rights belong to their respective owners. These should be used according to their respective licenses.