$Id: BOTNET,v 1.1.1.1 2010/07/26 21:11:06 simple Exp $ Botnet Sharing and Linking Last revised: June 4, 2002 _____________________________________________________________________ Botnet Sharing and Linking The purpose of this document is to show you what a botnet is and how it could be useful to you. It also covers botflags userfile sharing. Contents: 1. Terms 2. What is a botnet? 3. Adding and linking bots 4. Using botflags 5. Making bots share user records 1. Terms The following are some common terms used in this document: Botnet A botnet consists of one or more bots connected together. Link Link is the term used to describe a bot connecting to another bot. Hub A bot is described as a hub-bot if one or more bots are linked to it. Leaf A leaf is a non-hub bot connecting to a hub-bot. A leaf has only one other bot connected to it, its hub. Leaf bots can be assigned the "l" botflag to prevent other bots from linking to them. Link Bot A link-bot is a bot that is linked to another bot. It may or may not be a hub-bot. Share Share is the term used to describe the sharing of user records. Share Bot A share-bot is a bot which shares user records with one or more linked bots. Aggressive Share Aggressive share is a term used to describe the direction of sharing user-files. Aggressive share bots will SEND userfiles to another passive bot. Passive Share Passive share is a term used to describe the direction of sharing user-files. Passive share bots will accept userfiles from an aggressive share bot. Example bottree: BotA |-+BotB `-+BotC BotB is linked to a master sharebot, BotA, and a slave sharebot, BotC. BotB shares passively with [receives from] BotA and shares aggressively with [sends to] BotC. Bot Flags Flags are attributes that determine what a bot can or is allowed to do. Flags can be either global (such as +s) or channel specific (such as |+s #lamest). See '.help botattr' for help with setting these flags. The following is a list of valid bot flags: s share aggressively (SEND userfile to a passive bot) p share passively (ACCEPT userfile from an aggressive bot) g global share (share all channels) h hub (automatically link to this bot) a alternate (automatically link to this bot if the hub bot can't be linked) l leaf (bot is not allowed to link in other bots) r reject (bot will not be allowed to link) i isolate (isolate the party line across a bot link) 0-9 user defined flags Address The physical address, containing the address and port of the bot. For example: lame.org:3333. You can change a bot's address with ".chaddr ". Relay Port The relay port number of the bot is defined in the config file. Note that you can define one port for bots and another for user connections. Relay A relay connection is used to relay (jump) to another bot via telnet or DCC chat. You can relay to another bot even if the remote bot is not linked. You can use ".relay " to relay to another bot. Port The telnet port is used by the bot to communicate with other bots and/or users. Note that you can define separate ports for user and bot connections. 2. What is a botnet? A botnet consists of one or more bots linked together. This can allow bots to op each other securely, control floods efficiently, and share user lists, ban lists, exempt/invite lists, and ignore lists (if sharing is enabled). 3. Adding and linking bots With the common terms out of the way, we can start with the process of linking two bots. Before you start, you need to know the address and port of each bot you wish to link. Here is an example scenario: BotA is on lame.org listening on port 3333, and BotB is on irc.org listening on port 4444. First, you have to add each Bot to the other's userfile. On BotA, you would type '.+bot BotB irc.org:4444'. If BotB is on a common channel with BotA, BotB's hostmask is automatically added. Otherwise, you have to add the hostmask manually with the '.+host' command. On BotB, you would type '.+bot BotA lame.org:3333'. At this point, you can link the two bots by typing '.link BotA' on BotB (or '.link BotB' on BotA). The bots will now give themselves random passwords which are *not* stored encrypted in the userfile. Note that you can link as many bots as you wish to your botnet. 4. Using botflags Botflags are needed to assign special functions and tasks to your bots. Bot flags are set with the '.botattr' command. See '.help botattr' for help with this command. The following is a list of botflags and their functions: "h" (hub) If you want your bot(s) to automatically link/relink, you can assign the +h botflag each bot's hub. Note that if you set multiple bots +h, the bot only attempts to link to one. "a" (alternate) If your bots are, for some reason, unable to link to their hub, they will attempt to connect to an alternate hub. You can assign a bot as an alternate hub by giving it the +a botflag. "l" (leaf) This flag, assigned to a link bot, will prevent the link bot from linking other bots to your botnet. "r" (reject) If you assign this flag to a link bot, the link bot will not be allowed to link to the botnet. "i" (isolate) This flag isolates a link bot's partyline from the rest of the botnet. Anything said on the link bot's partyline won't appear on the rest of the botnet. "s" (SEND userfile to) +s Giving a link bot this flag will make the bot share aggressively with the link bot. See 'Aggressive Share' in section 2 of this document for more information on aggressive sharing. |s +s bots need this flag for each channel you want to share. "p" (ACCEPT userfile from) Giving a link bot this flag will make the bot share passively with the link bot. See 'Passive Share' in section 2 of this document for more information on passive sharing. "g" (global share) This flag allows the sharing of all channels with a link bot. "0-9" (user-defined) These 10 flags are user-defined can be used by scripters. 5. Making bots share user records Before you start preparing your bots for sharing, make sure that you've loaded the transfer and share modules. You also have to ensure that each channel you wish to share is set +shared (see '.help chanset' and '.help chaninfo'). By using specific botflags, you can cause your bot to share aggressively with some link bots, and passively with others. For sharing to work, flags must be set properly on both the passive and the aggressive bots. An aggressive bot will not share userfiles with another aggressive bot; a passive bot will not share userfiles with another passive bot. First off, let's say we have two bots we want to link. We will call one Lamestbot, and the other Lameshare. The first thing that needs to be done is each bot needs the other bot added to its user record. Your botnet should have a hub bot. This will have them connect automatically whenever they are started. Without a hub, you would have to manually link them with the .link command. For this situation we will make Lamestbot the hub for our small botnet. Let's also use a channel called #eggdrop as the one we want to share user channel flags with. Do the following: On Lamestbot: .+bot Lameshare eggdrop.com:3333 (This command adds a user record to Lamestbot for Lameshare. Lameshare is running from eggdrop.com and is on port 3333. If Lameshare were to have a separate port for users/relays we would just add a '/' and the port number, i.e. 3333/5555.) .botattr Lameshare +s (This tells us that Lamestbot will only send user files to Lameshare; Lameshare will not send them to it.) .botattr Lameshare |s #eggdrop (this sets up sharing of the channel flags for #eggdrop between the bots. Without this, they will not share channel flags only global flags for the users.) On Lameshare: .+bot Lamestbot best.com:3333/5555 (Again this will add a user on Lameshare called Lamestbot with the domain of best.com. The bot has two ports, 3333 for bot communications and 5555 for users/relays.) .botattr Lamestbot +hp (This command sets Lamestbot as the hub and also as a passive share, which means Lameshare will accept user files from Lamestbot. .botattr Lamestbot |s #eggdrop (This sets #eggdrop as a share channel.) Our botnet: Lamestbot `-+Lameshare Let's add a third bot called beldin to this scenario: On Lamestbot: .+bot beldin llama.com:3333 .botattr beldin s|s #eggdrop (Notice how i piped (the | character) the channel flag also saving time.) Also note that you don't have to add beldin on Lameshare. Since they are already sharing, it was added automatically. The one thing that you should note is that no bot flags will be shared. If you set beldin as +s (Aggressive share) on the hub (Lamestbot) he will not be set on the other bots as that. The same with the channel +s flag. All other flags will be shared such as the o, f, etc. Now that we have three bots, we can also set up one as an alternate hub. The alternate hub is the bot that the bots will auto-connect to in the event the hub goes down or is unreachable. Let's make beldin an alternate hub for our little botnet. On Lameshare: .botattr beldin +a That's all there is to it. Again, since bot flags are not shared, you would have to add the bot flag +a for beldin on them all. The only ones you would not have to do this on are beldin and the hub (Lamestbot). Of course, if you had more bots, you would have to add beldin as a +a on them, but you would not do it on the hub or beldin. Our botnet: Lamestbot |-+beldin `-+Lameshare _____________________________________________________________________ Copyright (C) 1999 - 2010 Eggheads Development Team