To Make A Mining Botnet: About


by XKeyscore - Raidforums.com

NOTE: ALWAYS RUN CRACKED ITEMS IN VIRTUAL MACHINE

How​ ​to​ ​make​ ​a​ ​mining​ ​botnet

About:
A botnet can be defined as a network of infected computers. It can be used for numerous
purposes; in this guide I will be covering how to make money with it. I have been working with
botnets and on botnets for several years and I'm now here to share some knowledge. In this
tutorial I will only be explaining HTTP botnets, but that will be covered from start to end, which
hopefully will give you the knowledge to make your own.

When categorizing HTTP botnets, we will most often hear about 3 types.

- Loader
- Stealer
- DDOS

A loader is made to hold the bots for the longest period of time possible, so it often offers only
simple features such as download & execute, update, uninstall and a simple botkiller. A botkiller is
used to remove all other malware, to make sure you get the most out of their PC.

Stealers are used to steal data: passwords, logins, credit cards, FTP clients, basically everything
there is to steal (depending on the botnet, of course). A very well-known stealer is
Neutrino HTTP.

DDoS botnets are typically the best known in the community, and for good reason.
You have the option to take something offline with a variety of different DDoS methods. This
can also be used for money if you make a ransom demand or rent it out.

Free​ ​Botnets
- Betabot is a strong multitask and native bot, this can be found cracked all over the
internet, but watch out for malware. This is one of the best choices to hold a good
amount of bots, it is featured with one of the best botkillers out in the public, AV Killer,
Persistence, Hosts file editor, few simple ddos methods overall a very nice and stable
botnet.
- Novobot​ ​is​ ​loader​ ​made​ ​in​ ​C++,​ ​very​ ​simple​ ​botnet.
- Gaudox ​is a freeloader, released by excr4sh. It has a decent crypter and is possible
one​ ​of​ ​the​ ​best​ ​choices​ ​if​ ​you​ ​need​ ​to​ ​hold​ ​a​ ​fair​ ​amount​ ​of​ ​bots
- Loki​​ ​is​ ​a​ ​very​ ​popular​ ​stealer
- OmegaNet ​is a botnet based of LiteHTTP (OPEN-SOURCE on github), it
differentiates from the original LiteHTTP by being classed as a multi-task botnet
instead​ ​of​ ​a​ ​loader.
- DiamondFox​​ ​is​ ​a​ ​multi​ ​task​ ​botnet,​ ​very​ ​good​ ​many​ ​people​ ​use​ ​it..

Paid​ ​Botnets
- Quant​ ​-​ ​Loader:​ ​https://forum.exploit.in/index.php?showtopic?=108142
- Neutrino:​ ​https://forum.exploit.in/index.php?showtopic?=78268
- Miner​ ​Bot:​ ​https://forum.exploit.in/index.php?showtopic?=125036
- Azourult​ ​-​ ​Stealer:​ ​https://forum.exploit.in/index.php?showtopic?=100
- Godzilla​ ​-​ ​Loader:​ ​https://forum.exploit.in/index.php?showtopic?=98946

Hosting
So, before you go out believing you can conquer the world with only the first page you are wrong. You
will have to read everything in this ebook to be successful. When making botnets there is a clear nono
that is using normal hosting. No, you can not use google vps, amazon vps or any of “normal” hosting
sites. You will be in need of a offshore / bulletproof server and domain, this will save you from a lot of
trouble​ ​in​ ​the​ ​future.

Offshore​ ​/​ ​Bulletproof​ ​hostings:

- Panamaserver.com
- Offshoreracks.com
- CCIHosting.com
- r01.ru
- nic.ru
- tonic.tu
- openleaf.net.ru​ ​(Most​ ​populare​ ​with​ ​beginers.)

When buying hosting i suggest you are purchasing with “Fast Flux”, It’s a proxy system that hides
your​ ​servers​ ​real​ ​ip.
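
Fast flux as described above leaves a recognisable trace in DNS: one name resolving to many short-lived addresses spread across unrelated networks. The following is an added example, not part of the original guide, showing how a defender can flag that pattern in passive-DNS data; the sample records, the /16 grouping and the thresholds are assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed passive-DNS sample: (query name, A record, TTL in seconds).
# Names use the reserved .test TLD and addresses come from documentation ranges.
SAMPLE_ANSWERS = [
    ("panel.flux-example.test", "192.0.2.10", 120),
    ("panel.flux-example.test", "192.0.2.77", 60),
    ("panel.flux-example.test", "198.51.100.7", 120),
    ("panel.flux-example.test", "198.51.100.201", 90),
    ("panel.flux-example.test", "203.0.113.5", 60),
    ("Panel.Flux-Example.test.", "203.0.113.99", 120),  # same name, other spelling
    ("cdn.example.test", "192.0.2.1", 60),
    ("cdn.example.test", "192.0.2.2", 60),
    ("cdn.example.test", "192.0.2.3", 60),
    ("cdn.example.test", "192.0.2.4", 60),
    ("cdn.example.test", "198.51.100.1", 60),
    ("www.example.test", "203.0.113.20", 3600),
]


def flux_report(answers, min_ips=5, min_nets=3, max_ttl=300):
    """Return {name: stats} for names whose A records look like fast flux.

    A name is flagged only when all three hold: many distinct addresses,
    spread over several unrelated networks, and every TTL is short.
    Grouping by /16 is a stand-in for an ASN lookup (assumption).
    """
    ips, ttls = defaultdict(set), defaultdict(list)
    for name, addr, ttl in answers:
        key = name.lower().rstrip(".")          # normalise case and root dot
        ips[key].add(ipaddress.ip_address(addr))
        ttls[key].append(ttl)

    flagged = {}
    for name, addrs in ips.items():
        nets = {ipaddress.ip_network(f"{a}/16", strict=False) for a in addrs}
        stats = {"distinct_ips": len(addrs), "distinct_nets": len(nets),
                 "max_ttl": max(ttls[name])}
        if (stats["distinct_ips"] >= min_ips and stats["distinct_nets"] >= min_nets
                and stats["max_ttl"] <= max_ttl):
            flagged[name] = stats
    return flagged


if __name__ == "__main__":
    for name, stats in flux_report(SAMPLE_ANSWERS).items():
        print(name, stats)
```

The `cdn.example.test` records show why address count and TTL alone are not enough: a low-TTL name with several addresses in one or two networks is ordinary load balancing and is not flagged.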

Setting​ ​up​ ​your​ ​VPS


Once you have purchase your hardware, you will begin to look at software. You should make sure you
get SSH, FTP and control panel details. SSH is used to execute all your commands and to control
your OS (Operating System). FTP is used to transfer files between you and your server. Control panel
is​ ​used​ ​for​ ​statistics,​ ​reinstalling​ ​server,​ ​reboot​ ​and​ ​for​ ​setting​ ​up​ ​your​ ​domains.

To access your SSH you are going to be needing Putty, which can be found here:
http://www.putty.org/ once you have downloaded you should use your login credentials to access your
servers.

Centos​ ​6​ ​SSH​ ​Installation

a. We will start out by updating our server and ​install wget and vim​. You will throughout
installation​ ​be​ ​asked​ ​to​ ​confirm,​ ​in​ ​that​ ​case​ ​you​ ​press​ ​“Y”​ ​and​ ​enter.

Execute​ ​these​ ​commands​ ​in​ ​this​ ​order.

- sudo​ ​yum​ ​update


- sudo​ ​yum​ ​install​ ​wget
- sudo​ ​yum​ ​install​ ​vim

b) After​ ​you​ ​have​ ​done​ ​that​ ​you​ ​will​ ​need​ ​to​ ​install​ ​Apache

Execute​ ​these​ ​commands​ ​in​ ​this​ ​order.

- sudo​ ​yum​ ​install​ ​httpd


- sudo​ ​service​ ​httpd​ ​start

Once​ ​you​ ​have​ ​done​ ​that​ ​simply​ ​proceed.

c) Now we will need to install PHP. In most scenarios we are going to be needing a fully update
PHP,​ ​so​ ​we​ ​will​ ​install​ ​it​ ​and​ ​then​ ​upgrade​ ​it​ ​using​ ​REMI​ ​and​ ​EPEL​ ​Repositories.
- sudo​ ​yum​ ​install​ ​php

Installing​ ​the​ ​repositories

- wget ​https://dl.fedoraproject.org/pub/epel-release-latest-6.noarch.rpm && rpm -Uvh


epel-release-latest-6.noarch.rpm
- wget ​http://rpms.famillecollet.com/enterprise/remi-release-6.rpm && rpm -Uvh
remi-release-6*.rpm

You will now need to enable the REMI repository globally. We will be needing VIM, the free text editor
we used before. (PRESS: Insert to edit and ESCAPE to go into command mode) Now go into
command​ ​mode​ ​and​ ​type​ ​this

- vim​ ​/etc/yum.repos.d/remi.repo

Now press insert and under the section [remi] and [remi-php56] change the following from 0 to 1:
enabled​ ​=​ ​0​ ​now​ ​press​ ​ESC​ ​again​ ​and​ ​type​ ​out​ ​the​ ​following​ ​command:

- :wq

We​ ​will​ ​now​ ​be​ ​upgrading​ ​our​ ​PHP:

- sudo​ ​yum​ ​-y​ ​upgrade​ ​php*

d) We​ ​will​ ​now​ ​be​ ​installing​ ​MySQL


- sudo​ ​yum​ ​install​ ​mysql​ ​mysql-server

Now​ ​we​ ​will​ ​run​ ​MySQL

- sudo​ ​service​ ​mysqld​ ​start

Using​ ​these​ ​commands​ ​you​ ​can​ ​check​ ​your​ ​MySQL​ ​version​ ​and​ ​upgrade

- yum​ ​-y​ ​update​ ​mysql*


- rpm​ ​-qa​⎜grep​ ​mysql

d.1) These may not be necessary, but a few botnets need more PHP libraries- This can be
achieved​ ​like​ ​so.

- sudo​ ​yum​ ​install​ ​php-mysql​ ​php-pdo​ ​php-common​ ​php-cli​ ​php-gd


e) You are almost done setting up your server, nice of you to make it this far! You will
now need to install Ioncube loader. You can download it of
https://ioncube.com/loaders.php I use Centos 6 64-bit, so i will use Linux 64-bit.
Checking through the link above, you will often get quite confused unless you know
what​ ​you​ ​are​ ​doing,​ ​therefore​ ​check​ ​your​ ​php​ ​version​ ​like​ ​so.
- ​ ​php​ ​-v

In my scenario i have installed PHP 5.6, which will mean i download the file called:
ioncube_loader_lin_5.6 and upload it to my server. Now this can be done with SSH, but for
the simplicity we will use FTP. Simply download a ftp client (etc. Filezilla) and login with your
credentials the rest should be easy for you as it will be extremely obvious. Now upload the
file you just downloaded to /usr/lib64/php/modules/ioncube_loader_lin_5.6.so You will now
need​ ​to​ ​use​ ​VIM​ ​again​ ​for​ ​editing​ ​php.ini,​ ​it​ ​can​ ​be​ ​found​ ​under​ ​/etc/php.ini

​ ​Execute​ ​the​ ​following​ ​command​ ​in​ ​ssh​ ​again

- vim​ ​/etc/php.ini

Press insert and add the following to the top of the file. It is just a path to Ioncube loader. It is
crucial​ ​that​ ​the​ ​version​ ​of​ ​Ioncube​ ​loader​ ​and​ ​php​ ​is​ ​the​ ​same!!

Add​ ​this​ ​line:

- zend_extension​ ​=​ ​/usr/lib64/php/moduels/ioncube_loader_lin_5.6.so

When that has been done we will restart apache and mysql to check if you have
installed​ ​it​ ​correctly.

- service​ ​httpd​ ​restart


- service​ ​mysqld​ ​restart
- php​ ​-v

f) You​ ​will​ ​now​ ​need​ ​to​ ​run​ ​a​ ​MySQL​ ​installation​ ​script.
- mysql_secure_installation

This will allow us to setup a new root password to your MySQL, if any other questions
pop​ ​up​ ​simply​ ​type​ ​yes.

Log​ ​into​ ​MySQL:

- mysql​ ​-u​ ​root​ ​-p

Create​ ​a​ ​new​ ​database:

- create​ ​database​ ​WhatEverYouCallIt



Create​ ​a​ ​new​ ​user​ ​with​ ​privileges​ ​and​ ​refresh

- CREATE​ ​USER​ ​'USERNAME'@'LOCALHOST'​ ​IDENTIFIED​ ​BY​ ​'PASSWORD';


- GRANT​ ​ALL​ ​PRIVILEGES​ ​ON​ ​WhatEverYouCallit​ ​.​ ​*​ ​TO​ ​'USERNAME'@'LOCALHOST';
- FLUSH​ ​PRIVILEGES;

You have now successfully setup a Centos 6 VPS with environments suited for the botnet. If
you​ ​will​ ​like​ ​a​ ​Centos​ ​7​ ​version​ ​I​ ​will​ ​make​ ​that​ ​as​ ​soon​ ​as​ ​anybody​ ​need​ ​it​ ​:)

Making​ ​money
So, when all of that has been said and i went a bit off topic- Let’s get into the money making of it.
You​ ​should​ ​now​ ​have​ ​a​ ​botnet​ ​setup​ ​and​ ​ready​ ​to​ ​go.​ ​So,​ ​how​ ​do​ ​i​ ​make​ ​money?

When you have everything setup, you need to build your stub (The infected file / Trojan). To build
the stub open up your builder, each botnet has a different builder. If you are using a cracked
botnet be careful, it may be backdoored!!!! Building the stub should be very easy, most botnets
come with instructions on how to do it- Usually you only need to fill in spaces. Once you have
done that, you will need to encipher your stub. After you have done that, you can start spreading.
I​ ​won’t​ ​be​ ​covering​ ​that,​ ​so​ ​find​ ​some​ ​leak​ ​of​ ​books​ ​from​ ​HF​ ​:)​ ​I​ ​may​ ​link​ ​some​ ​if​ ​many​ ​need​ ​it.

You are now far enough in this process to give yourself a clap on the shoulder, you did good so far. I
don’t believe you already have a silent miner before reading this, but find one on the various of
different forums A silent miner is simply Crypto Mining Malware. Cryptocurrency mining is a
computationally intensive task which requires powerful resources from specialized hardware and
dedicated processors- Which has a significant electricity costs and the invest in hardware is simply to
much to avoid costs of expensive hardware, we will infect multiple systems and consume the users'
CPU and GPU power. . You will be charged for these, but they usually only cost around $20-30-
Which is a very cheap expense. If you have bought it, ask the seller if it is FUD (Fully Undetectable) if
it is carry on, if it isn’t encipher the build you got. Now comes the really easy part, login to your botnet
find​ ​tasks​ ​and​ ​upload​ ​the​ ​FUD​ ​silent​ ​miner​ ​build.

Many people would go for the most logical way, which is to mine bitcoin. But the most profitable is
Monero​ ​(XMR).
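
A silent miner of the kind described above still has to talk to a mining pool, and that traffic is what a defender can look for. The following is an added example, not part of the original guide, that classifies the first client payload of outbound TCP flows as Bitcoin-style or Monero-style Stratum JSON-RPC; the flow tuples, host addresses and wallet placeholder are constructed sample data.

```python
import json

# Client-to-pool Stratum JSON-RPC methods: the "mining.*" family used by
# Bitcoin-style pools and the login/getjob/submit/keepalived set used by
# Monero-style pools.
BTC_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}
XMR_METHODS = {"login", "getjob", "submit", "keepalived"}

# Constructed sample: (internal source host, first client payload of a TCP flow).
SAMPLE_FLOWS = [
    ("10.0.5.23", b'{"id":1,"jsonrpc":"2.0","method":"login","params":'
                  b'{"login":"WALLET_PLACEHOLDER","pass":"x","agent":"sample/0.0"}}\n'),
    ("10.0.5.40", b'{"id":7,"method":"login","params":["alice","secret"]}\n'),
    ("10.0.5.61", b'{"id":1,"method":"mining.subscribe","params":["sample/0.0"]}\n'),
    ("10.0.5.70", b"GET /index.html HTTP/1.1\r\nHost: intranet.example.test\r\n\r\n"),
    ("10.0.5.71", b"\x16\x03\x01\x02\x00 binary\n[1, 2, 3]\n"),
]


def classify_payload(payload):
    """Return 'stratum-btc', 'stratum-xmr' or None for one client payload."""
    for line in payload.splitlines():
        try:
            msg = json.loads(line)
        except ValueError:  # also covers UnicodeDecodeError on binary data
            continue
        if not isinstance(msg, dict):
            continue
        method, params = msg.get("method"), msg.get("params")
        if method in BTC_METHODS:
            return "stratum-btc"
        # "login" and "submit" are common words in other JSON APIs, so also
        # require the object-shaped params that Monero-style pools expect.
        if method in XMR_METHODS and isinstance(params, dict) and (
                {"login", "pass"} <= params.keys() or "job_id" in params or "id" in params):
            return "stratum-xmr"
    return None


def hosts_with_miner_traffic(flows):
    """Map each source host to the Stratum dialect seen in its flows."""
    hits = {}
    for host, payload in flows:
        verdict = classify_payload(payload)
        if verdict:
            hits[host] = verdict
    return hits
```

This only sees cleartext Stratum; pool connections wrapped in TLS need a different signal, such as sustained CPU load on the host or destination reputation.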

You​ ​are​ ​now​ ​making​ ​money!​ ​Keep​ ​spreading​ ​and​ ​if​ ​you​ ​need​ ​help​ ​message​ ​me​ ​:)
