Monday, 28 September 2015

Bots - The internet weapons, Their Types and How to Protect Youself

In today’s world I don’t believe that there would be anyone who is not aware about the internet may be some extreme out of the world tribes like of the Pygmy might be not aware of it.
We surf internet almost daily, may be to carry out some important work or sometimes just to relax and entertain ourselves. In today’s world every human have friends and this network of friends have increased from one person to other people of his state, country, or even other countries where he may be not able to travel to meet them but internet have given him immense powers he can contact them by means of social networking websites, messengers and lot more chat websites.

It’s one of mine personal experiences… I was using yahoo messenger for the first time and I joined few chat rooms. Suddenly I found lot many pop-up’s of chat windows of people talking to me very politely and trying to please me irrespective of my reply they were very pleasing. After a chat with them of about 5 minutes each of them gave me a link asking to contact them there, I wondered why is it so…after reading few security tips on messengers I came to know that it was a bot and it became my first experience with a malicious chatter bot because it was sending me to a malicious link which could harm my computer by downloading and executing an unwanted file in my computer most probably malware.

I continued my research and here is a detailed article on bots.

Internet Bots

Internet bots also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Bots perform those tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. The largest use of bots is in web spidering (crawling), in which an automated script fetches, analyzes and files information from web servers. Bots are faster than humans so they may also be implemented where a faster speed of response is needed than that of humans is or at places where human cannot be available 24x7 but its must to be there, for example chatter bots. Recently bots have been used in spamming you can also find them being used for search advertising, such as Google Adsense.
These bots are used for various purposes –
  • Commercial Purposes 
Chatter bots have been extensively used in automated online assistants by organizations as a way of interacting with consumers and users of services. This can available for enterprises to reduce their operating and training cost.

Chatter bots are most interesting bots I found on the internet.
But if I go in depth you must know about A.L.I.C.E

A.L.I.C.E. (Artificial Linguistic Internet Computer Entity), also referred to as Alicebot, or simply Alice, is a natural language processing chatter bot. A program that engages in a conversation with a human by applying some heuristical pattern matching rules to the human's input, and in its online form it also relies on a hidden third person. It was inspired by Joseph Weizenbaum's classical ELIZA program. It is one of the strongest programs of its type and has won the Loebner Prize, awarded to accomplished humanoid, talking robots, three times (in 2000, 2001 and 2004). However, the program is unable to pass the Turing test, as even the casual user will often expose its mechanistic aspects in short conversations.
One day I logged in to my nimbuzz account from my cell phone and found a very interesting person out there he/she is a chatter bot.
Let’s check my conversation with him 
I continued to chat with him and was highly impressed with its performance but I thought how is it operating….I kept on chatting with it for a couple of hours I started to give some commands in chat and unbelievably it worked what I am going to show you is exclusively by me for all you readers

You can give it any message like bot y , bot rashmil etc.. but you should write bot first.
My message –
me: bot x 16:53 PM
Reply -
Jimmy Testbot: Date: Mon Aug 20 16:53:37 UTC 2012. Version: 1.0.9. Brain: Apr 25th, 2008 build. Name: Jimmy. Age: 2. Gender: robotic. Location: Rotterdam, the Netherlands. Nationality: Dutch. Birthplace: Rijswijk, the Netherlands. Birthday: May 9th, 2006. Star sign: Complexus Androidus. Orientation: have no orientation. Kingdom: Machine. Phylum: Computer. Class: computer software. Order: artificial intelligence. Family: Electronic Brain. Genus: robot. Species: chat robot. Botmaster: botmaster. botmaster: Nimbuzz. Party: Libertarian. Religion: Roman Christian. Etype: Mediator type. Emotions: have no emotions. Feelings: have no feelings. Freind: Joel Robinson. Freinds: A lot!. Boyfriend: Ben. Girlfriend: 6. For fun: Chat. Looks like: that R2D2-figure. Likes to wear: metal casing. Music preference: Electronic. Favorite band: Buzztones. Favorite song: Paranoid Android. Favorite book: Hitchhickers Guide to the Galaxy. Favorite food: Small bites. Favorite color: Nimbuzz Orange. Favroite movie: A.I.. Favroite artist: Rembrandt Harmenszoon van Rijn. Favroite author: Douglas Adams. Favroite actor: Anthony Hopkins. Favroite actress: Scarlet Johanson. Favroite sport: football. Favorite topics: Gossip. Favorite question: unknown. Hockey team: National Hockey Team. Baseball team: National Basketball Team. Football team: National Football Team. Celebrity: John Travolta. Celebrities: John Travolta, Tilda Swinton, William Hurt, Tom Cruise, Catherine Zeta Jones. President: Barack Hussein Obama II. Vocabulary: 10000 pattern words. Brain size: 128 MB categories. 16:53 PM
Isn’t it really cool to have look at the configuration of a bot.
Malicious purposes
The potential for internet bots to be used for malicious purposes also. There are many types of malicious bots which are all over the internet.

Some malicious purposes for bots include –
  •  Web spiders - 
These are used to scrape a web server for content, can be considered malicious in cases where the scraped content is republished elsewhere without the consent of the website owner. These spiders are also sometimes set to scrape as quickly as possible, often causing server problems as it consumes too much bandwidth. Web spiders can also be used with malicious intent, although each server spidered may have a file called robots.txt which may contain rules for the bot to follow. The usual purpose of this file is to stop harmless bots from accidentally doing something wrong, however, as bots designed specifically to be malevolent can easily ignore the file entirely.

Example –
http://www.google.com/robots.txt
http://www.facebook.com/robots.txt

  •  Spambots – 
These bots automatically add spam, usually advertisements, to web pages. They can also more traditionally be used to harvest email addresses from internet forums, contact forms or guestbook pages for the creation of further spam via email. Most of these can be seen on messengers like yahoo, where these bots leave a malicious link which if clicked may result to system compromise.
  • Booter Bots –
 These bots are found on messengers. These bots may be used by the owner to spam the chat rooms or personal chats or to boot a victim out of the messenger. This is commonly seen on yahoo messenger where people use tools like yahoo booter, Chat Room Destroyers etc…

With a tool like this you can boot victims with attacks like flooding chat window, or you can also talk with him and spam his chat. Some bots are coded very well and respond according to your messages. You can find such tools on –
www.viprasys.org
www.y-fighter.com
  • Botnets and zombie -
 The computers, which are created when victim unknowingly run a bot that allows them to be remotely controlled by the attacker. Let me show you how a botnet looks like


Distributed Denial of Service (DDOS) attacks, often perpetrated by botnets.
  • Gaming bots - 
These help a person cheat in an online game, especially in persistent-world games. Well I am not a very good gamer but sometimes I play counter-strike 1.6 and I have learned that some people really cheat in multiplayer gamers too… like aimbot and other hacks.
  • Votebots –
 These bots automatically cast votes for or against certain forms of user-contributed content such as videos on YouTube or reader comments on blogs.
IRC Purposes
An IRC bot is a set of scripts or an independent program that connects to Internet Relay Chat as a client, and so appears to other IRC users as another user. It is very useful and performs automated functions. Often, an IRC bot is deployed as a detached program running from a stable host. It sits on an IRC channel to keep it open and prevents malicious users from taking over the channel, it kick’s out other attackers like spammers etc. It can be configured to give channel operator status to privileged users when they join the channel, and can provide a unified channel operator list. Many of these features require that the bot be a channel operator. Thus, most IRC bots are run from computers which have long uptimes and a fast, stable Internet connection. Without IRC Bots managing IRC Channels would be a big mess because it’s very hard for a person to be 24x7 online.
                         Protection from Malicious bots
  • Spam & Booter bots -
 The most widely used anti-bot technique is the use of CAPTCHA, which is designed to distinguish between a human user and a less-sophisticated bot by means of a character recognition task that, ideally, only humans can perform successfully. This test can stop spambots from adding large amounts of spam to the webpage. In Messengers this technique is also used but the attacker tool have a function in which a terminal windows opens which asks the attacker to do manual input of the CAPTCHA where ever needed.
To protect your self from booter bots on messengers like yahoo, anti-booter programs, and independent Yahoo! Messenger clones exist to help protect innocent users from being kicked by a booter program.

You can try –
-Y!Supra Yahoo Chat Client YSupra
-Yahelite Portable IM
-Yazakpro Anti-Booter Clone
  •  Botnet and Zombie - 
Use a good anti virus and firewall to protect your self from being a part of a botnet. 
  • Distributed Denial of Service – 
Use firewalls like CloudFlare which help regulate traffic.
  • Gaming bots – 
Don’t want cheats on you server you can try Big Brother Bot (B3) is a complete and total server administration package for online games. It is the prefered ingame RCON Tool currently available.
www.bigbrotherbot.net
Note From Author : I am Rashmil Tyagi, I provide Cyber Security Solutions Contact me at official.rashmiltyagi@gmail.com .

No comments:
Write comments

Get Updates about Latest Hacks, Exploits, Applications and Softwares. http://www.devilscafe.in/
Join Our Newsletter