A simple setup that demonstrates concept of zombie computer and using it for dos.
- Two machines with python3 installed (here one windows, other kali linux)
- Zombie systems are generally part of botnet but for this simple demo, there is only 1 zombie system.
- This is more like a python reverse connect script. Treat it like one.
- Host a sample website where there is a link to download the Zombie.py baiting victim.
- Send the file through email.
- Clone/Download the repo
- Copy the Zombie.py to victim machine. (here windows)
- Place the Controller.py in attacker machine.
- Place the server file on either a third machine(if possible) or on the attacker machine.
- Now, we will use zombie to dos the server flask file. So, run the server file first. Open it in browser and its displays instantly.
- Run the Zombie script on victim.
- Run the Controller script on attacker machine.
- Check for status of Zombie system using 'c' or 'C'.
- Start the attack by entering 'a' or 'A'.
- Open the server url in browser and eventually loading of page slows down and at a point complete connection is refused.
- Turn off your AV/Firewall or make firewall rules for ports needed.
- IP/Port forwarding (For example, through ngrok)
- Editing SOURCE/TARGET ip/port.
- Implement more than one zombie hosts using Mininet. (I haven't explored it completely, dont know if its possible.)
- Using an .exe file instead of Zombie.py script on victim. (on windows) // I did this using pyinstaller. I had to use freeze_control() to run multithreads properly.
- Improving the Controller.
- Adding functionality of poping up ads or sending emails through victim.
- Privilege Escalation if needed.
Dont judge me for using Bandicam :P
Note: This was for previous version. Command execution is shown in screenshot, video yet to be updated. ![Video for Demo]