UBoat is a POC HTTP Botnet designed to replicate a full weaponised commercial botnet.
What is a Botnet ?
When the HTTP protocol was born in 1999, no one ever thought it will be used by one of the most dangerous Cyber threats called Botnet. A bot is an application that can perform and repeat a particular task faster than a human. When a large number of bots infect different targets (e.g. Computers and Mobile Devices) and connect to each other, they form a network of bots or BotNet. A botnets consists of three main elements: the bots, the command and control servers (C&C), and a sophisticated attacker known as a botmaster who designed and control the botnet.
The first generations of botnets use the Internet relay chat or IRC and the relevant channels to establish a central command and control mechanism. The IRC bots follow the PUSH approach as they connect to selected channels and remain in the connect mode. They connect to the IRC servers and channels that have been selected by a botmaster and waits for commands. Although the IRC botnets are easy to use, control and manage, they suffer from a central point of failure.
Features
Also Read – LinPwn : Interactive Post Exploitation Tool
Getting started ?
Screenshots
Disclaimer
This project should be used for authorized testing or educational purposes only.
The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of commercial HTTP loader style botnets . I hope this project helps to contribute to the malware research community and people can develop efficient counter mesures 🙂
Usage of uboat without prior mutual consistency can be considered as an illegal activity. It is the final user’s responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…