This repo contains code for research purposes to use DNS as a C&C for malware.
Team Cyber Ghosts
Contestants:
- Alana Ribeiro
- Deividy Negri
- Jesse Jacoby
- Lucas Vaccaro
Configuration files for the DNS and FTP servers are under /config
. There is also an example of an internal network configuration using VirtualBox.
Malware source code is under /src/malware
.
Sorce code for the DNS side, including GUI, is under /src/dns_side
.
Python 2.7
py2exe module for creating an executable file.
pycrypto module for encryption.
Assuming there is a working local or virtual network (including DNS and FTP servers), execute the following files:
listen_malwares.py
on the DNS sideGUI.py
on the DNS side- Run the malware on the target machine (using Python or the executable file generated by py2exe)
Note: It may be necessary to change IP addresses and/or FTP configuration in the source code.