-
Notifications
You must be signed in to change notification settings - Fork 5
/
README.txt
97 lines (69 loc) · 2.59 KB
/
README.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
#-----------------------------------#
# #
# Copyright (C) 2016 Azril Rahim #
# #
# azrilazam@gmail.com #
# #
#-----------------------------------#
INTRODUCTION
============
GOZDGA is Qt C/C++ implementation to generate GameOver Zeus (GOZ)
possible C2, P2P BOTS domain name based on Domain Generated
algorithm. The codes is taking the reversed engineer SEED value
from GOZ family codes
The codes should produced significant possible results to
immediate variants of GoZ family Malware.
GoZ DGA is generated against date input. GoZ generates about
10000 domain per day. Using GOZDGA, a specific domains list can
be produced on targeted date.
REQUIREMENT
-------------
TIG is a cross platform application that runs on MAC, WIN32/64, UNIX,
OS2 and LINUX. It is a C/C++ application that is coded entirely on
C++ Qt framework. For 64bit compatiblity, all compiliation for TIG
requires the following minimum specifications library to be installed
*Qt 5.4 (https://www.qt.io/download-open-source/)
INSTALLATION
-------------
Compilation
-----------
1. Please ensure all the dependencies libraries specified in the
requirement sections are properly installed
2. Extract all the files in the desired working directory.
e.g: /home/user/project/GOZDGA
3. The create a proper make file for compilation, you need to access
to the qmake command that comes with Qt framework. qmake command
must be issued inside the GOZDGA work directory.
%> cd /home/user/project/GOZDGA
%> /<qt install dir>/bin/qmake
4. After the qmake process is finish, you can called the make command
to complete the compilation
%> cd /home/user/project/GOZDGA
%> make
5. After a successful compilation, a TIG file will be created.
To invoke GOZDGA application:
%> cd /home/user/project/GOZDGA
%> ./gozdga
COMMAND LINE ARGUMENTS
----------------------
n=: number of domain to be generated (e.g 1000)
f=: output filename if the result need to be write to a file
d=: past, present or future date that DGA to be generated
format: DD-MM-YYYY
EXAMPLE
-------------
1. Display result on screen
%> ./gozdga n=1000 d=12-04-2016
2. Save result on a file
%> ./gozdga n=1000 d=12-04-2016 f=./result.txt
OUTPUT
-------
The output will be a single domain per line
e.g
gdgdhdddjkdgh.com
jdyeeje7653dfg.net
...
...
MAINTAINER
----------
* Azril Rahim <azrilazam@gmail.com>