This project was an educational exercise for Fullstack Academy's Cyber Security Bootcamp.
Please visit: https://youtu.be/DDlEXH1aIiU
-
README.md
You're here now.
-
GUI.py
Running this both starts a python server on port 8080 and launches a graphic user interface to issue commands to "victim" machines. Inputting the UID (an integer) of a specific machine will instruct that machine. Inputting
any
for the UID will instruct all active machines. -
Instructions_editor.py
Python script that the GUI calls to edit a file hosted on the server called
instructions.txt
. -
ServerStart.py
Python script that the GUI calls to launch the server. This script also sets up a directory called
server
and pupulates them with the filesbotnames.txt
,logs.txt
, andinstructions.txt
. -
editbotname.py
ServerStart.py calls this script to maintain a roster of machines listed on
botnames.txt
. The script updates the list as machines send a POST request to the server with their UID. -
EasyBot.py
This script reads the crontab and adds two cronjobs (if they aren't already present) that ensure that this script is ran every day at noon and that a function called
instructions()
is ran every minute. It then creates a directory called.bot
in the/tmp
directory if it doesn't already exist.A file called
name.txt
is written to the.bot
directory. The script checks the pagebotnames.txt
and assigns itself a UID based on the last listed integer on the page. For example if the last integer is 5, then the script will write 6 into thename.txt
file.The
instructions()
function sends a GET request toinstructions.txt
. If the machine finds instructions withany
or its UID on the page, it will execute those instructions and send a time stamped output with its UID to the server. If there are no instructions for the machine, then it will send a time-stamped message to the logs saying that it is online. All GET and POST requests are documented on the serverside inlogs.txt
.
-
In EasyBot.py, replace the
{IP}
tag where it is present with the IP address of the machine hosting the server. -
EasyBot.py is self-contained and can be installed anywhere on the 'victim' machine.
-
GUI.py, Instructions_editor.py, ServerStart.py, and editbotname.py all need to be present in the same directory to function properly.
This is for educational purposes only. Feel free to test this on your own network and change the code to fit your needs, but we do not condone this being used for any unauthorized or illegal activites.