Review Article
DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation
Listing 3
CNC Server pretends to perform some masking operations.
root/mirai/cnc/admin.go | this.conn.Write(byte("rn033[ 0m")) | this.conn.Write(byte("[+] DDOS | | Succesfully hijacked connectionrn")) | time.Sleep(250 time.Millisecond) | this.conn.Write(byte("[+] DDOS | Masking | connection from utmp+wtmp… rn")) | time.Sleep(500 time.Millisecond) | this.conn.Write(byte("[+] DDOS | Hiding | from netstat… rn")) | time.Sleep(150 time.Millisecond) | this.conn.Write(byte("[+] DDOS | Removing | all traces of LD_PRELOAD… rn")) | for i ≔ 0; i < 4; i++ | time.Sleep(100 time.Millisecond) | this.conn.Write(byte(fmt.Sprintf("[+] | DDOS | Wiping env | libc.poison.so.drn", i + 1))) | | this.conn.Write(byte("[+] DDOS | Setting | up virtual terminal… rn")) | time.Sleep(1 time.Second) |
|