Review Article
DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation
Listing 3
CNC Server pretends to perform some masking operations.
| root/mirai/cnc/admin.go | | this.conn.Write(byte("rn033[ 0m")) | | this.conn.Write(byte("[+] DDOS | | | Succesfully hijacked connectionrn")) | | time.Sleep(250 time.Millisecond) | | this.conn.Write(byte("[+] DDOS | Masking | | connection from utmp+wtmp… rn")) | | time.Sleep(500 time.Millisecond) | | this.conn.Write(byte("[+] DDOS | Hiding | | from netstat… rn")) | | time.Sleep(150 time.Millisecond) | | this.conn.Write(byte("[+] DDOS | Removing | | all traces of LD_PRELOAD… rn")) | | for i ≔ 0; i < 4; i++ | | time.Sleep(100 time.Millisecond) | | this.conn.Write(byte(fmt.Sprintf("[+] | | DDOS | Wiping env | | libc.poison.so.drn", i + 1))) | | | | this.conn.Write(byte("[+] DDOS | Setting | | up virtual terminal… rn")) | | time.Sleep(1 time.Second) |
|
