This project encapsulates the successful completion of a Network Security Bot, the bot should be completed and demonstrated to be fully functionable and stable before purchase; the produced source is to be unique and all copyright of source will belong to us.
The bot should be able to perform the following:
Access a C&C Server (PERHAPS through the IRC protocol)
Will allow a system information command, detailing which operating system, as well as specifications of the sysem.
Execute Password 'Stealing' Commands (IE/Firefox)
Execute Product/CD Key Stealing Commands
Enable/Disable a keylogging command
Infect any attached USB drive/s
Infect any possible network resource/s through as many methods as possible (HTTP/RAR/MSN/AIM/Skype, etc)
Offer an authentication process (Login/Logout)
Offer an update/remove function (To obtain new binary/Remove the bot)
Emulate a Denial of Service (DoS) attack on the chosen 'target IP' through at least 2 protocols:
The bot should be able to connect via the chosen protocol to the configured C&C server efficiently. Meaning no dropped connections after any of the above commands are executed by the controller.
We understand that many of these 'bot sources' are released in the wild (and questionable) corners of the internet, we will not accept any of these public sources for the following reasons:
The malicious and 'detected' signatures applied to these sources - Our source requires that the bot remains 'Fully UnDetected' during scan/runtime of the bot's compiled executable.
The instability of such sources - Many of these sources are unstable when executing some of the simplest of commands, the bot will be deemed incomplete if instability is shown during demonstrations/on-hand testing of the produced bot.
The bot structure - Alot of the bot sources released are blatant copies of predecessors, resulting in a very unoriginal 'strain'; this is not what we are looking for.
The security bot should first be demonstrated before any payment is made.
The compilable source will then be exchanged.
A on-hands testing period will then ensue testing the bot for stability.
If there are any signs of the bot being incomplete - completion will be requested.
This bot is to be used in controlled conditions (legal) to demonstrate the security vulnerabilities currently existant in Windows Systems. The bot will be demonstrated to audiences throughout Europe, programming credit will be given (if requested).