Question 1
Lets say we send a payload to 1000's of people who run it... how do you manage 1000's of pc's in the botnet??
Question 2
How do these big botnets survive??
I mean that if however a security guy or cyberpolice got hold of a mass payload... then dont they track it down?? Then how do these botnets survive??
Forum Thread:
Gaining Access into the Victim's Whatsapp on Android
12
Replies
Forum Thread:
Whatsapp Hack?
19
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Dox Anyone
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
Scan Websites for Interesting Directories & Files with Gobuster
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
Tutorial:
Create Wordlists with Crunch
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
DDos a Website Like a Pro (Windows Only)
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
How To:
Enumerate SMB with Enum4linux & Smbclient
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
5 Responses
THANKS ;);)
Peer-to-peer botnets are hardly new. The Alureon / TLD4 botnet, for example can survive indefinitely if it loses contact with its C&C network. These networks are difficult to detect. They use network traffic that looks, at least on the surface, like SSL-based web requests—except that they use their own embedded encryption. The anonymity and stability of those networks make them very profitable for botnet operators. In some cases, they even sell access to their anonymizing network as one of their services to help others conceal themselves in other criminal activities—like a malign version of the Tor Network.
Thanks but im pretty new.. and I didnt understand that :P
Most botnets use custom payloads and controllers; this reduces the detectability by a long way.
Essentially there are two main heads to a typical Botnet, a Command and Control Server (CnC), this will send commands to the botnet, in a big one probably via some custom p2p network.
And the clients or (bots). These read the commands and then execute them. One example of that would be to execute a DOS attack to a specified server, or package up their users cookies from their browsers and send back to home.
CnC servers are generally the places where people get caught, the secret is to use a P2P network like MR NAK UP3NDA. A P2P network is extremely resilient as it doesn't rely on a single CnC server, yet passes instructions to others, the only thing stopping any random person dropping in their own instructions is the fact they don't know the format and code, and perhaps a GPG encryption on the commands.
Share Your Thoughts