Skip to Main Content
Malicious Bots
book

Malicious Bots

by Ken Dunham, Jim Melnick
August 2008
Intermediate to advanced content levelIntermediate to advanced
168 pages
4h 55m
English
Auerbach Publications
Content preview from Malicious Bots
Technical Introduction to Bots  85
is converts to “wait 30.” Multiple commands look like this:
d2FpdCAzMA0KdGlkIDE5NQ0Kcmd0dHAgMTA=
is converts to the following:
wait 30
tid 195
rgttp 10
Haxtor (aka “Prg,” “NTOS,” and “WSNPoem”) uses encrypted communica-
tions between a bot and the Web-based C&C. e snippet below shows standard
ping-pong-type connection status events with three dots, followed by encrypted
communications (trimmed significantly here):
...
...
...
..........o.:p.1.....MR.Sd
...P....
...0......xNca.p......I..!l...w.gy..$~ov.Q.|c..d$....]..
a.y....Z.......%..v#...
......+..(..+<~......0..
N..x.pcY.$....h...v$.0XT.{f....yg(....Y_......:...\.....
G..VP.....Q...u...mg({‘.....$.S.......9.5G.4.E..k..;..kn-
....v.....j7gQ.B..~.)...._<..=U..bH.w..1^..}. ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Detecting and Combating Malicious Email

Detecting and Combating Malicious Email

Julie JCH Ryan, Cade Kamachi

Publisher Resources

ISBN: 9781420069068