Coded professionally in C++, Beta Bot is the product of nearly a - TopicsExpress



          

Coded professionally in C++, Beta Bot is the product of nearly a year and a half of hard work, long nights, and uncanny dedication. With the goal of creating a bot with a very diverse list of functioning features for a more than fair price, we’ve searched high and low, talking to everyone possible to create the most appealing and useful bot possible. All of our features work fully (except maybe the experimental Ruskill), nothing included is useless dead weight, and everything should prove to work very efficiently and effectively.

Beta Bot - Main Features

█ Disable Anti Virus
Using multiple removal methods, Beta Bot is able to remove or disable over 30 different Anti Viruses from user mode. On Vista and 7, elevation is required for this function to work properly. To help achieve maximum efficiency, Beta Bot has incorporated a custom ‘social engineering’ tactic (written in 12 languages) to trick the user into elevating the bot. This method has proven to be roughly 80% effective when attempting to elevate privileges. A complete list of AVs killed is shown here:

█ Bot Persistence
Beta Bot protects all bot resources (Process / Files / Start Up) from removal or termination. Four different layers of protection shield your bot, and files can be considered extremely secure and highly resilient to removal. In the unlikely case the bot is somehow terminated, it will automatically be restarted.

█ Bot Killer
The next-gen Bot Killer in Beta Bot will successfully kill and remove all major malware you may come across when working with Install Shops and Pay Per Install ventures. The Bot Killer scans process and start up locations for suspicious entries. All injected code and crypted files using RunPE methods will be terminated. However, removal of the physical source of injected code from the disk is not always possible.

█ System Wide Userkit (Ring3 Rootkit)
The use of a System Wide Userkit in Beta Bot greatly reduces the ability of PC users and usermode programs to remove the bot. Using hooking technology never before seen in usermode malware, Beta Bot is able to intercept any NT system service calls sent to block or modify access to any resources it chooses. This feature is obviously meant to hinder the effectiveness of bot removal. Additionally, Beta Bot is able to consistently remove 3rd party hooks on critical functions and also restore its own hooks.

█ Custom Injection Techniques
Beta Bot incorporates three unique and custom methods of injection, including a new zombie process method. The bot is able to bypass even the most sophisticated Anti Virus Proactive Defenses and Firewall Restrictions.

█ Proactive Defense Mode
Allows you to toggle whether or not Beta Bot actively defends against other bots installing and/or injecting into processes. When enabled, any bot reliant on a RunPE will be blocked from working. Most, if not all, injection methods are blocked as well. It even has the ability to block some bots before they can even install.

Beta Bot - Additional Features

- Multi Server Support for up to 16 different servers. Different configurations are possible for each individual server.

- Four different DDoS methods. Uses local information to attempt to randomize headers in HTTP Floods.
UDP
Rapid Connect/Disconnect
HTTP GET
Slowloris

- Experimental Ruskill
Using an active Sandbox-like, Beta Bot will attempt to sequester specified programs and roll back any changes made by them after running. This feature is currently in development and may not work on some bots.

- Form Grabbers
When specified sites are detected, Beta Bot will pull any relevant forms as they are sent, and export details to the main panel. The use of wildcard masks is supported when specifying target URLs.
Firefox (Normal and SSL)
Internet Explorer (Normal and SSL)
Internet Explorer Formgrabber uses different locations for hooks when available to avoid conflicts with other 3rd party Formgrabbers.

- DNS Blocker + Redirector
Without touching the HOSTS file, Beta Bot is able to block domains or redirect them. Entries are specified in the panel and formatting when doing so is identical to the HOSTS file format.

- USB Autorun
When enabled, Beta Bot will add itself to any USB drive inserted into the machine using LNK-File swap techniques.

- SOCKS4 Server
Turn your bots into dedicated SOCKS4 proxies. Supports UPnP.

- FTP/PuTTY Stealer
Collects and organizes FTP logins from a large list of FTP clients as well as harvests live FTP logins as they happen in real time. The PuTTY Stealer works the same, collects logins live as they connect to SSH daemons via PuTTY.

- Various Rudimentary Antis
To help maintain the integrity of Beta Bot and to protect various pieces of vital code, Beta Bot makes use of multiple anti debugging and anti dumping methods.

- Download / Update / Uninstall / etc
Basic commands expected of all bots.

- Additional User Accounts
Ability to create additional user accounts to access your panel. Fully customizable access levels.

Beta Bot - Recent Updates and Changes

1. Improperly functioning update command where not all previous injected instances unloaded, resulting in old autorun value being set sometimes. Updated bots would also not check back in until reboot - FIXED
2. Botkiller causing explorer.exe to not start on reboot on some XP systems and systems where bot ran elevated. - FIXED
3. Fixed Disable proactive defense for process ... in download task. Originally only disabled it for that process very briefly, then it would be turned back on. Now it stays off for that specific process's lifetime. (Please note new processes created by this process will have proactive defense turned on). - FIXED
4. Some misc. crashes on XP - FIXED
5. Minor tweaks to userkit made.

Other improvements made

1. Changes to the download command:
- Downloader now uses an alternate folder to download file to if normal one is inaccessible for whatever reason.
- User agent based on current IE setting is used. If not available, defaults to a static, hardcoded agent string.
- Disable proactive defense for current download.. is now more functional
2. Small addition to persistence to block another method of preventing bot from running.

Beta Bot - Requirements

In order to successfully host Beta Bot's Panel, your Web Server needs the following:
✓ ionCube loader 5.4
✓ MySQL
✓ PHP 5.4.x+
✓ PHPMyAdmin to import CSV for GeoIP

Beta Bot - Rules of Ownership

• Do not distribute an uncrypted binary. Always encrypt it first.
• You may not sell your binary. If you purchase a binary from another user, you will not be supported.
• We are lenient on our rebuilds, but if we suspect abuse we will not hesitate to stop updating you and drop supporting you completely.

Proactive defense: If you are selling bots, or even plan on installing other bots, turn this OFF and keep it OFF! Its sole purpose is to prevent other bots and similar tools (RATs/etc) from running or even installing. Leaving this on or constantly toggling it on and off will probably result in poor execution rates. Also, on the download task page, you can choose Disable proactive defense for new process to allow file to run if there are persisting issues.

Duplicate bots: On some computers, the UUID for the machine is not properly saved, or the machine is possibly restored periodically, which results in the bot coming back with a different UUID on reboot. The issue with this has not yet been pinpointed, but the thing to remember is that you are not losing any bots. The only thing that this means is your Total bots stats may slightly increase over time.

Formgrab filters: Use wildcards always, as it does a comparison based on the URL. For example, to capture from any page on somesite, do *somesite*.

USB Spread: Leaving USB spread on will probably increase the speed of detection of the file for obvious reasons.

DNS Modification: The DNS modification list supports maximum of 1024 hosts.

Botkill notes: Only the first betabot copy on the system is most protected. If you install another copy of betabot, that copy can be killed and removed by the first copy, but NOT the other way around.

Posted on: Wed, 08 Oct 2014 07:19:45 +0000
