Really? I'm helping him to build a botnet? All the information I've posted is available through this thing called a search engine. You might want to try one sometime.
How is it when someone posts a question about virii, botnets, anything considered by the individuals on this site to be the "dark side" and not part of "ethical hacking" they feel the need to immediately post something to that effect. What right do you or anyone on this site have to make the judgement that the person is intending to do something illegal. As proudindian posted, he is looking to learn. Whether or not this is the truth, I don't really care and neither should anyone else. Who are we to infer that he is lying and attempting to gather information for illegal purposes? He can easily google for anything he needs.
If all the people who post about how unethical some questions are, are so concerned about people using this information for anything but the ethical purposes, then perhaps they should take a different route and actually attempt to find out what person is looking to learn/do rather and explain the legal ramifications of such activites. Additionally, the information posted might enlighten some of the readers about the inner workings of that field/technology. Botnets in this instance.
Would it make a difference if proudindian had started his post with "I want to be an 'ethical' hacker and I'm interested in botnets, detecting and tracking them"? Also, perhaps english is not his first language. The reality is that whatever his motivations are we don't have the right to tell him otherwise. Perhaps if there is such a standard of ethics on this site then those persons who feel strongly enough should attempt to guide this person accordingly rather than making presumptions and accusations? Perhaps keeping them on this site is the first step rather than driving them away. I have yet to see anyone reference anything explaining the dangers of running a botnet.
here are a few examples:
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=9&issue=47#sID200 - The FBI's Botroast.
http://www.securityfocus.com/brief/567 - Germany's 202(c) anti hacking law.
So I will continue to post on topics that people here consider unethical. Perhaps someone might learn something.
proudindian you seem to have the hang of winsock so perhaps this is too simple but here is a snippet of an IRC bot in perl. It will perform Google searches in the channel. It's not all the code but it gives you an idea. I wrote it using IO::Socket rather than POE::Component::IRC and Bot::BasicBot::Pluggable modules.
use strict;
use warnings;
use IO::Socket::INET;
use Switch;
my $server = $ARGV[0];
my $chan = $ARGV[1];
my $port = '6667';
my $nick = 'google-bot';
my $user = 'bot dbot bot bot';
my $owner = 'name';
my $pass = '***';
my $socket = IO::Socket::INET -> new (
PeerAddr
=> $server,
PeerPort
=> $port,
Proto
=> 'tcp',
Type
=> SOCK_STREAM,
Timeout
=> '10') || print "I died.\n";
print $socket "User $user\r\n";
print $socket "NICK $nick\r\n";
print $socket "privmsg nickserv IDENTIFY $pass\r\n";
print $socket "JOIN $chan\r\n";
print $ARGV[1];
my $a;
while ($a = <$socket>) {
if ($a =~ m/^\:(.*?)\!(.*?)\@(.*?) PRIVMSG (.*?) :(.*?)$/) {
my $unick = $1;
my $uident= $2;
my $uchost =$3;
my $uchannel =$4;
my $utxt = $5;
# String is parsed for the valid query.
if ($a =~ m/\!google/) {
if ($unick =~ $owner) {
my @query = split (" ", $utxt);
my $n = 1;
my $google_query;
my $query;
while ($query[$n]) {
$google_query .= $query[$n];
$google_query .= "%20";
$n++;
}
# Open socket to www.google.com.
my $result = IO::Socket::INET -> new ( PeerAddr => 'www.google.com',
PeerPort => '80',
Proto
=> 'tcp',
Type
=> SOCK_STREAM,
Timeout
=> '5') || print "An error occured.\n";
#Submit the search terms for the google query.
print $result "GET /search?num=5&hl=en&lr=lang=en&q=$google_query&btnG=SEARCH HTTP/1.0\n";
print $result "Host: www.google.com\n\n";
#Get the results from the search term and parse for valid urls. Also remove %20 from the search string when displaying it to the user.
my $get;
my @search = split ("%20", $google_query);
my $term = join (" ", @search);
while ($get = <$result>) {
$get =~ m!(<div class=g><h2 class=r><a href=\")((http\://|https\://|ftp\://)|(www.))+(([a-zA-Z0-9\.-]+\.[a-zA-Z]{2,4})|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(/[a-zA-Z0-9%:/-_\?\.'~]*)?\"!;
print $get;
print $socket "privmsg $uchannel : Search Term: $term || Result : $3$4$5$8\n";
}
}
}
# basic check to see if port is listening on remote address. A simple connect scan.
if ($a =~ m/\!scan/) {
my ($ip, $tport, $res, $scan);
if ($unick =~ $owner) {
my @target = split (" ", $utxt);
$ip = $target[1];
$tport = $target [2];
$scan = IO::Socket::INET -> new ( PeerAddr
=> $ip,
PeerPort
=> $tport,
Proto
=> 'tcp',
Type
=> SOCK_STREAM,
Timeout
=> '3') || print " An error occurred. Die!\n";
if ($scan) {
$res .= "Open";
close ($scan);
}
else {
$res .= "Closed";
}
$res .="\n";
}
print $socket "privmsg $uchannel : Target: $ip : $tport || Result: $res\n";
}
if ($a =~ m/\!owner/) {
my @says = split (" ", $utxt);
my $say = $says[1];
if ($unick) {
print $socket "privmsg $uchannel :$owner is my master!\n";
}
}
Gates : Oracle version module for metasploit
Oct 2008 - Scooby Doo and the Crypto Caper : Skillz October 08 Winning Entry - Technical