UBoat : HTTP Botnet Project

UBoat is a POC HTTP Botnet designed to replicate a full weaponised commercial botnet.

What is a Botnet ?

When the HTTP protocol was born in 1999, no one ever thought it will be used by one of the most dangerous Cyber threats called Botnet. A bot is an application that can perform and repeat a particular task faster than a human. When a large number of bots infect different targets (e.g. Computers and Mobile Devices) and connect to each other, they form a network of bots or BotNet. A botnets consists of three main elements: the bots, the command and control servers (C&C), and a sophisticated attacker known as a botmaster who designed and control the botnet.

The first generations of botnets use the Internet relay chat or IRC and the relevant channels to establish a central command and control mechanism. The IRC bots follow the PUSH approach as they connect to selected channels and remain in the connect mode. They connect to the IRC servers and channels that have been selected by a botmaster and waits for commands. Although the IRC botnets are easy to use, control and manage, they suffer from a central point of failure.

Features

  • Coded in C++ with no dependencies
  • Encrypted C&C Communications
  • Persistence to prevent your control being lost
  • Connection Redundancy (Uses a fallback server address or domain )
  • DDoS methods (TCP & UDP Flood)
  • Task Creation System ( Altering system HWID,Country,IP,OS.System )
  • Remote Commands
  • Update and Uninstall other malware
  • Download and Execute other malware
  • Active as well as Passive Keylogger
  • Enable Windows RDP
  • Plugin system for easy feature updates

Also Read – LinPwn : Interactive Post Exploitation Tool

Getting started ?

  • Download the bot by clicking here.
  • Follow the wiki here.

Screenshots

Disclaimer

This project should be used for authorized testing or educational purposes only.

The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of commercial HTTP loader style botnets . I hope this project helps to contribute to the malware research community and people can develop efficient counter mesures 🙂

Usage of uboat without prior mutual consistency can be considered as an illegal activity. It is the final user’s responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.

Download
R K

Share
Published by
R K
Tags: BotnethttpUBoat
6 years ago

Recent Posts

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

16 hours ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

16 hours ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

2 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

2 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

3 days ago

Comments in Bash Scripts

What Are Bash Comments? Comments in Bash scripts, are notes in your code that the…

1 week ago