Home Kali Linux UBoat – A POC HTTP Botnet Project

UBoat – A POC HTTP Botnet Project

R K

August 25, 2018

UBoat HTTP is a POC HTTP Botnet designed to replicate a full weaponized commercial botnet.

UBoat Uses

Coded in C++ with no dependencies
Encrypted C&C Communications
Persistence to prevent your control being lost
Connection Redundancy (Uses a fallback server address or domain )
DDoS methods (TCP & UDP Flood)
Task Creation System ( Altering system HWID,Country,IP,OS.System )
Remote Commands
Update and Uninstall other malware
Download and Execute other malware
Active as well as Passive Keylogger
Enable Windows RDP
Plugin system for easy feature updates

Download

Bot
Panel

Also Read WAF-Buster : Disrupt WAF by abusing SSL/TLS Ciphers

Installation

Bot Compilation

Change the URL’s in gate.h including the fallback domain if you are intending to use it

Panel Setup

Installation :

Install lamp in unix / Xampp in Win Boxes
You need PHP 7.0 strictly don’t complain later
Install PMA because we are lazy ( thank me later )

Database Config :

Make a database named ‘uboat’
Rename uboat.sql located in /Panel/uboat.sql to uboat.sql.zip
Now import uboat.sql.zip in PhpMyAdmin to the database uboat you created

Panel Config :

Locate /Panel/private/config/config.php
Now edit it the url localhost/PHP/ with your C2 host url

** now look for the keyword “db” **

username :- your mysql user
password :- your mysql password
host :- leave it as it is
dbname :- It’s the database you created earlier remember ” uboat ” ?

Login Config :

Now choose a user/password credential for the login

Say for example :-

user :- root
password :- root Kay ?

For generating the password locate to /Panel/test.php

You can change the keyword root to your desired password We are using root since we chose to here :p

Visit www.url.com/Panel/test.php from your browser and copy the generated hash

You are almost done !!

Now open PhpMyAdmin and locate the table user in database you created uboat
Change the hash in the password column

** Yay everything done **

-> Now login by visiting http://url.com/Panel/login

Once you login you’ll get something like this

Credit : Souhardya Sardar, Tuhinshubhra & Team Virtually Unvoid Defensive

UBoat – A POC HTTP Botnet Project

UBoat Uses

Download

Installation

Bot Compilation

Panel Setup

Installation :

Database Config :

Panel Config :

Login Config :

APPLICATIONS

Shodanfy.py : Get Ports, Vulnerabilities, Informations, Banners

Learn Rust, One Exercise At A Time

Stegowiper : A Powerful And Flexible Tool To Apply Active Attacks For Disrupting Stegomalware

X-hackz : Your Gateway To Advanced Hacking Tools

HOT NEWS

httpgrep : Scans HTTP Servers To Find Given Strings In URIs

EVEN MORE NEWS

Bomber : Navigating Security Vulnerabilities In SBOMs

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In...

Exploit Street – Navigating The New Terrain Of Windows LPEs

POPULAR CATEGORY

PowerHuntShares : Audit Script Designed In Inventory, Analyze, And Report Excessive...

Flan : A Pretty Sweet Vulnerability Scanner

SSJ : Linux Distribution Gone Super Saiyan