Tuesday, October 17, 2017
Home / Programming / C++/C / 3vbot Full C++ Source

3vbot Full C++ Source

Features:

    Support for unlimited number of Servers
    Server Connection Handler, will loop through servers list (if more than 1) until it can connect somewhere. – Helps not lose your bots!
    SSL Support – ON DEMAND, CURRENT VERSION INCREASES SIZE A BIT
    File Peristence
    Registry Persistence
    Sister thread for survival – Contrary to popular belief on the “noobishness” of this method, I’ve found that it works just fine.
    MD5 Based Management that helps manage bigger networks
    No issues with any OS post XP/2K3 (Haven’t tested with Win2k), does not raise any popups, UAC elevation prompts, or anything. Installs fine under Vista/7
    USB Spreading
    No Ping Timeouts, or losing bots from connection issues – A specific handler coded to handle ping timeouts, inability to contact servers, server crashes, so if the connection drops (in the event of a ping timeout, slave’s internet went off), bot will recover A.S.A.P
    Anti’s – A constantly implemented ANTI list. Not a copy paste job, I coded all VM anti’s myself and I am using my own methods to detect VM’s and scanners. You won’t lose infections because this bot’s anti is not wrong when it detects something.
    UDP / TCP DDoS – A non resource whore DDoS for your needs.
     for new infection at the start of the nickname for new bots, and [NU] for new bots coming from USB infection.
    Botkiller! Attempts to kill other bots on the system! My method :$

Commands:

 

  • [*]Download – Downloads a file from the internet, and executes it if desired. [!download url 1/0] (1 = exec, 0 = not) – *Does not use crappy URLDownloadToFile
  • [*]Update – Updates the bot to a newer version. [!update url] – *Bots that fail will retry before say they failed **The bot WILL NOT QUIT OR UNINSTALLunless the update was successful!
  • [*]Uninstall – Uninstalls the bot from the system [!uninstall] – *THIS WILL ERASE THE BOT COMPLETELY FROM THE TARGET SYSTEM. CARE!
  • [*]Visit – Visits a web location, with the page visible to the computer or not [!visit url 1/0] (1 = visible, 0 = invisible)
  • [*]Sort – Sorts the bots based on their country, and each individual bot will join the channel of his country (#chn, #bra etc.) [!sort <password>] – * The <password> field is there in case the country channels are password protected
  • [*]USort – Makes the bots leave the country based channel they joined [!usort]
  • [*]USB – Starts the USB spreading. [!spread.usb] – *FUD Autorun.inf, NO MORE LOOPS OR ERROR MESSAGES!. For those of you that are tired with bots popping errors on slave computers because they cannot access drives that don’t exist or are unavailable. This infects the drive -THE MOMENT- it is entered on the computer, before it is visible to the user!
  • [*]USB-Stop – Stops infecting through USB [!spread.usb.stop]
  • [*]Version – Prints out the bot version [!version]
  • [*]Silence – Silences the bot, they do not print out messages anymore [!silence]
  • [*]Uptime – Shows bot uptime [!uptime]
  • [*]DDoS – UDP & SSYN DDoS. [!ddos.tcp ip port seconds delay] [!ddos.ssyn ip port seconds] [!ddos.stop] – *ip -> target ip/hostname **port target port ***seconds for how long ****delay delay in milliseconds between each packet. 1000msec = 1 second. The lower this value is the more resources the ddos will consume. Values lower than 20ms (sometimes 100) may cause you to lose some bots if the network connection is slow. (!ddos.stop stops any ongoing DDoS attacks)
  • [*]Botkiller – [!botkiller] attempts to kill other bots on the system

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

iCrypt v1.3 Source Released

ACiiiD from a popular malware programming forum, Opensc.ws, has released a crypter project that was started …

  • zen

    umnm…so where is the download?

    • Zher0

      We had an update and removed downloads, will update asap.

  • zen

    would be interested in checking this out…curious if its a copycat or not–lemme know when you add it. …also, you tagged with C# …?

    thanks for responding!

    • Zher0

      Fixed.