Welcome back to another security tutorial, my botnet masters! Before we begin, I would like to assume that everyone knows creating a botnet and/or a command and control server for live use with malware on the internet is ILLEGAL. I do not host any of these files on my site, nor did I write any of the code. The information you will find is online with a simple Google search (sort of).
This information is very interesting from an analytical point of view for a security analyst but obviously shouldn't be applied unless you want to learn to code some malware, infect the world and get yourself arrested. If that's your thing, then good luck.
In this tutorial we will focus on a Python command and control server. I found an interesting YouTube video that shows a proof of concept for one.
You can head on over to https://www.youtube.com/watch?v=7nrtGiDLmOo and check it out.
The server and client Python scripts can be found on Pastebin here:
Server script: http://pastebin.com/yWraDA4P
Client script: http://pastebin.com/G8ga524L
Now, this is obviously proof-of-concept code, so how would you go about applying other functions in the server/malware? Well, that question you'll have to figure out for yourself with some coding knowledge, BUT you can check out this article on how to modify registry keys in a proof-of-concept malware.
You can also check out this article on Null Byte which shows you how to create an encryption program with Python. Did someone say ransomware code in the making?! Hopefully not....
Putting all these pieces together can give you some understanding of how malware and a command and control server can work and the scripting that goes on behind the malware.
"Hey man, so looking at the proof of concept code, it's cool and all, but I don't quite get it, or how do they put all this together." Well, never fear, confused malware tester!
We can head on over to https://github.com/jekil/awesome-hacking/tree/master/Malware/Source%20Code and download actual malware code that has been released!
SAY WHAT???? YES, this GitHub is hosting malware source code like TinyNuke, Zeus, Android malware, Fancy Bear, etc. You can go in and check out the code all you'd like.