How To: Introduction to Botnets and RATs : Part 1

Hello everyone. I'm Calypsus and I've been around for a while learning from various tutorials, expanding my knowledge, and this is one of the best platforms for newbies to sharpen their skills. Today I decided to register myself and contribute to this wonderful community. Since this is my first post, any kind of feedback is appreciated.

Botnets :

A botnet is a collection of compromised machines used for (Distributed) Denial of Service (DoS/DDoS) attacks. Think of it as an army of compromised systems used to create havoc.

Botnets are usually controlled over IRC channels and HTTP. The systems are compromised and then used for massive DDoS attacks on websites or to trigger a 0-day exploit.

RATs :

RAT - Remote administration tool. A RAT is malicious software that runs on your computer. It gives access to a hacker when he wants to steal information from you or install other malicious software. Basically, if a RAT is installed on the system, the hacker has complete power over it. He can either keylog the passwords or steal confidential information.

RATs are usually detected by antivirus unless they are crypted or bound with other files. There are some legal RATs like TeamViewer, which help in numerous ways, and then there are several illegal RATs which help in all kinds of malicious activities; some notable ones are ZeuS and Spynet.

What's in the Box of This Series :

I'll be doing tutorials on how to create RATs, host them and infect the systems with it. I'd like to end this tutorial with a quote from Edward Snowden: "I would rather be without a state than without a voice."

19 Comments

Welcome to Null Byte.

I'm glad someone is making a series on Botnets without going into the illegality of it.

-Phoenix750

Well, illegality is a very broad term. We can always cover it up with a note 'Educational purpose only'.

All right for a first post :) Looking forward to this series.

Thank you.

Fantastic! I have been waiting to hear about this kind of stuff. I need to get updated.

-Smith

I would be glad if you tackled how to stay safe using botnets.

Looking forward to this series. I think botnets are something that everyone wants to know about, yet it is a difficult topic to discuss because of the legalities of it all.

Cheers,
Washu

I see botnets portrayed in the media as bad/evil programs. But is there ever an instance where a botnet is not evil?

Or are botnets only used for evil things?

Botnets may or may not be evil, but they are illegal. It is illegal to infect PCs without the knowledge of users.

But companies exist that have high-speed systems to check if your server is vulnerable to (D)DoS attack. Wouldn't call it a botnet, though.

-The Joker

They are used for what you call 'evil'. But not only for evil. For example, they can be used to accelerate the GPU speed in the case of rendering a video or even to crack an encryption. There are loads of uses, but as usual the hypocritical media portrays the negative part.

Good tutorial, but your definitions are too limited.
An example can be that botnets can be used for a load of purposes, rather than just DDoSing websites.

-The Joker

From a hacker's point of view, it's used mainly for DDoSing. Hence I didn't cover the other portions. Anyway, I appreciate the feedback. Thank you.

If I've got a custom-made RAT and a listener, how can I configure the listener to accept connections from more than one connection (in Python)? I understand I can use the threading module; however, the way I would do it is to create a hundred or so threads and have them listening. This is inefficient if there are only a few infected computers. Is it possible to create threads based on the need?

I'm not sure if I understand your query. As I understand, you can create a loop which will create a separate thread for every incoming connection from victims. Hope this helps.

This is exactly what I wanted to know. Could you please show me some code? I don't know how I can use the threading module to do this.

Will sure be reading the rest of the parts. Post soon ;)
