Ares - Python Botnet and Backdoor
Posted by : Beauty Cyber Squad Official
Thursday, December 12, 2019
Ares is made of two main programs:
- A command and control (CNC) server, which is a web interface for managing agents
- An agent program, which runs on the compromised host and handles communication with the CNC
The web interface can run on any server running Python. It requires the cherrypy package. The client is a Python program intended to be compiled as a win32 executable using PyInstaller. It depends on the requests, pythoncom and pyhook Python modules and PIL (Python Imaging Library).
It currently supports:
- Remote cmd.exe shell
- Persistence
- File upload / Download
- Screenshot
- Key Logging
Server installation:
To install the server, first create the SQLite database:
cd server/
python db_init.py
If it is not installed, install the cherrypy Python package.
Then launch the server with the command:
python server.py
By default, the server listens on http://localhost:8080
Agent:
The agent can be launched as a Python script, but it is ultimately intended to be compiled as a win32 executable using PyInstaller.
First, install all dependencies:
requests
pythoncom
pyhook
PIL
Then configure agent/setting.py according to your needs:
SERVER_URL = URL of the CNC HTTP server
BOT_ID = unique name of the bot; leave blank to use the hostname
DEBUG = should debug messages be printed to stdout?
IDLE_TIME = time of inactivity before going into standby mode (the agent checks the CNC for commands much more frequently when in standby).
REQUEST_INTERVAL = interval between each query to the CNC when active
Finally, use PyInstaller to compile the agent into a single exe file:
cd client/
pyinstaller --onefile --noconsole agent.py
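For defenders, the IDLE_TIME and REQUEST_INTERVAL settings above mean an agent polls the CNC over HTTP at two fixed cadences, which appears in proxy logs as request gaps that fall into one or two tight clusters. The following detection sketch is an added example, not code from Ares or from the original post; the log format, host names, path and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import median


def make_sample():
    """Constructed proxy log lines: '<epoch s> <client> <dest> <path>'.
    Hosts and paths are made up for illustration; they are not Ares's own."""
    lines, t = [], 1000
    for _ in range(8):                       # one polling cadence: 10 s
        lines.append(f"{t} ws-17 c2.example.test:8080 /placeholder")
        t += 10
    for _ in range(6):                       # the other cadence: 120 s
        t += 120
        lines.append(f"{t} ws-17 c2.example.test:8080 /placeholder")
    for ts in (1003, 1011, 1090, 1130, 1450, 1460, 1493, 1900):
        lines.append(f"{ts} ws-17 news.example.test:443 /")  # human browsing
    return lines


def find_beacons(lines, tol=0.15, min_cluster=3, min_coverage=0.9):
    """Return {(client, dest): [periods]} for pairs whose request gaps
    fall almost entirely into at most two tight clusters."""
    times = defaultdict(list)
    for line in lines:
        ts, client, dest, _path = line.split()
        times[(client, dest)].append(float(ts))
    flagged = {}
    for pair, stamps in times.items():
        stamps.sort()
        gaps = sorted(b - a for a, b in zip(stamps, stamps[1:]))
        clusters = []
        for g in gaps:
            # Extend the current cluster while the gap stays within tol
            # of the cluster's smallest member, otherwise start a new one.
            if clusters and g <= clusters[-1][0] * (1 + tol):
                clusters[-1].append(g)
            else:
                clusters.append([g])
        tight = [c for c in clusters if len(c) >= min_cluster]
        tight = sorted(tight, key=len, reverse=True)[:2]
        if gaps and sum(map(len, tight)) / len(gaps) >= min_coverage:
            flagged[pair] = sorted(median(c) for c in tight)
    return flagged


if __name__ == "__main__":
    for pair, periods in find_beacons(make_sample()).items():
        print(pair, "polls at ~", periods, "second intervals")
```

Real agents and proxies add jitter and retries, so tol and min_coverage need tuning against a baseline of known-good periodic traffic such as update checkers.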