What is it?
Botnet Genie is a tool for creating bots and managing them through an orchestrator (also called C&C for "Command and Control"). Unlike traditional bot editors, the bots created with Botnet Genie can be grouped into botnets, providing scalability and flexibility for various applications.
Each bot runs within an isolated environment managed by the orchestrator, ensuring consistent behavior and modular deployment. This design streamlines the management and control of large-scale botnets while maintaining system stability and security.
The Editor
Bots are created using the editor, a development environment that allows you to:
- Write and edit Lua scripts to define bot behaviors and tasks.
- Manage data collections to store and organize bot-related information.
- Work with each bot’s private file system.
- Debug and test bots before deployment to ensure reliability.
Orchestrator Protection Zone
The orchestrator sets boundaries to protect the host system. Bots can interact only with the orchestrator’s designated directories and ports; they are prohibited from accessing the user’s file system or applications, aside from approved tools such as Nmap and certain DOS/Shell utilities.
This design prevents any bot action from compromising the client’s computer. Bots operate within their own private file systems, accessible and modifiable only via Lua scripts. This isolation provides a secure environment for bot operations without affecting the host system.
The C&C (Orchestrator)
The orchestrator acts as the application container, keeping the bots created by the editor running continuously. It is designed to remain active indefinitely, requiring no manual shutdown.
It can handle multiple bots at once, providing fine-grained control over their execution. If the user needs system resources, bots can be paused—similar to pausing a download.
As the central execution manager, the orchestrator lets users monitor control panels, webviews, and bot logs. Ultimately, it oversees bot execution and orchestrates their tasks efficiently.
Difference Between Botnet Genie and a Traditional Botnet
The bots of Botnet Genie are built to avoid targeting or damaging the host PC. Unlike malicious botnets, Botnet Genie bots are installed with explicit user consent, supporting a lawful and ethical approach to botnet operations.
Bots can function independently or in combination with other bots, depending on user needs.
Each bot is designed to respond to a specific port command, generating a digital key that links the machine to its assigned tasks. This key establishes a unique signature.
The digital key also includes a client name, acting as a digital fingerprint. This signature makes Botnet Genie bots identifiable and detectable, reinforcing transparency and accountability.
The Hacker Bot Concept
A hacker bot is a program designed for a specific task, often related to hacking activities such as brute-force attacks or DDoS. These bots are typically developed, installed, and scheduled (often using CRONTAB) to repeatedly perform their designated tasks.
Botnet Genie employs a similar scheduling technique, but only for ethical purposes such as intelligence gathering and data analysis.
Using Lua
The trigger system uses Lua 5.3 for scripting, chosen for its ease of learning and adequate performance. Botnet Genie also provides a variety of built-in tools, including a webview, encryption utilities, and network modules. (Refer to the “Tools Overview” section for details.)
The Lua engine itself is implemented in Java, ensuring reliable integration within the application.
Creating a Bot
A new bot is created through the editor, which lets you add tools and write scripts. You can define the bot’s behavior, configure its environment, and integrate the necessary functionalities.
Transforming a Bot into a Botnet
To convert a single bot into a botnet, add the Starchain tool. Starchain propagates data collection updates across connected bots, handling data synchronization and connection phases.
For a fully operational botnet, you may also implement task or job-sharing logic, including flags to indicate when a data segment is being processed. This ensures smooth collaboration and workload distribution.
Data Sharing and Collection Synchronization
Starchain collections synchronize automatically across the botnet, simplifying botnet creation. With automatic updates and effective data handling, you can easily maintain consistency among multiple bots.
Importing and Exporting a Bot
-
Exporting: Create a
.bot.boxpackage file via the editor. Optionally, secure it with an encryption key. -
Importing: From the orchestrator, import the
.bot.boxfile generated by the editor to quickly deploy or share bots.
Tools Overview
Botnet Genie provides multiple built-in tools for Lua 5.3, along with a JSON library for structured data. The table below summarizes each tool and its primary use case:
| Tool | Description | Use Case |
|---|---|---|
| Robot | Provides high-level utility functions and AI-related commands. | Timestamping, bot control, AI integration, pause functionality |
| Starchain | Transforms a single bot into a botnet by synchronizing data collections. | Data sharing, inter-bot communication |
| Navigator | A Webview tool, based on webkit, for loading and manipulating websites and displaying information. | JavaScript execution, HTTP requests, data visualization |
| FileSystem | A private file system. Accessible only by the bot. Internal, encrypted, and compressed | Data, file storage and file management |
| Timer | Runs tasks at specified intervals or after delays. | Timed script execution, coordination |
| Crontab | Schedules scripts based on standard crontab rules. | Task scheduling at fixed intervals |
| Encryption | Encrypts and decrypts data using RSA, AES, DES, or DESede. | Data encryption/decryption |
| Socket | Enables TCP/IP client and server connections. | Network communications (client/server) |
| Telnet, SSH & FTP | Allows the bot to automate remote connections. | Automating remote shell or ftp interactions |
Planned tools: Discord API, Telegram API... and more...
Artificial Intelligence
- Legal Compliance: Integrated AI features help with following legal requirements, supporting ethical project objectives.
- Testing: Experiment with AI through the built-in chatbot (with the Lua documentation).
- Code Assist: The editor offers AI-powered code suggestions.
- Lua: Acces to a IA from the lua session.
The Robot tool can call an AI using the ask() command. This AI can analyze text, emotion, and topics, as well as perform translations. Future updates will include image analysis.
Tip: For more convenient parsing, request AI output in JSON format.
Debug and Spy (Global Watch)
The Spy feature displays global variables from the active LUA session. These variables refresh after each script execution. Note that local variables are not listed.
Most tools provide gauges or informational panels that update automatically during execution, making it simpler to observe and debug bot behavior.