QuasiBot - Webshell Manager aka HTTP Botnet QuasiBot is a complex webshell manager written in PHP, which operate on web-based backdoors implemented by user himself. Using prepared php backdoors, quasiBot will work as C&C trying to communicate with each backdoor. Tool goes beyond average web-shell managers, since it delivers useful functions for scanning, exploiting and so on. It is quasi-HTTP botnet, therefore it is called. All data about bots is stored in SQL database, ATM only MySQL is supported. TOR proxy is also supported, the goal was to create secure connection between C&C and backdoors; using SOCKS5, it is able to torify all connections between you and web server. All configuration is stored in config file. QuasiBot its still under construction so i am aware of any potential bugs. You will need any web server software; tested on Linux, Apache 2.2 and PHP 5.4.4. How it works? quasiBot is operating on web-shells delivered by user, each backdoor is being verified by md5 hash which changes every hour quasiBot (C&C) -[request/verification]-> Bots (Webshells) -[response/verification]-> quasiBot (C&C) -[request/command]-> Bots (Webshells) -[response/execution]-> quasiBot (C&C) Backdoors consists of two types, with and without DDoS module, source code is included and displayed in home page; Connection between C&C and server is being supported by curl, TOR proxy is supported, User Agent is being randomized from an array quasiBot (C&C) -[PROXY/TOR]-> Bots (Webshells)
Posted on: Sun, 03 Aug 2014 18:08:41 +0000
Trending Topics
Recently Viewed Topics
© 2015