This document describes the botnet mode feature being implemented in OWASP OWTF. Botnet mode provides anonymity when scanning by routing traffic through TOR nodes or proxies. In TOR mode, each request passes through the TOR network for anonymity but it is slow. Proxy list mode uses different proxies for each request for speed, supporting automatic or manual proxy lists. ProxyMiner mines proxies from websites and ProxyManager handles the proxy list, removing dead proxies. Beautiful Soup and MiTM Proxy are used for implementation.
2. Table of Contents
● What is Botnet Mode
● How it works
● TOR mode
– Advantages
– Disadvantages
● Proxy List mode
– ProxyMiner
– ProxyManager
– Advantages
– Disadvantages
– Proxy List mode Diagram
● Behind The Scenes
● Sources
3. What is Botnet Mode?
The main purpose of this feature is to get around potential IP filtering
that defenders might attempt in order to prevent our scan.
When it is enabled, it applies anonymity to all tools that are used
from OWTF.
4. How it Works
Botnet mode works in two different ways.
● TOR mode
– Each HTTP request will pass through the TOR Network[1].
● Proxy List mode
– Each HTTP request will pass through a different proxy.
5. TOR mode
● Starts the TOR daemon.
● Every request passes through the TOR network.
● The user can configure after how much time his IP address is changed automatically.
● The user can configure after how many requests he wants to change his IP address.
6. TOR mode Advantages
● High level of anonymity.
● Good option for professional testing without privileges.
8. Proxy List mode
● Each HTTP request will pass through a different proxy.
● Supports public and private proxy lists.
● The proxies can be imported as a list.
● The proxies can also be fetched automatically from the web with the ProxyMiner*.
● Recovery support for dead proxies.
*ProxyMiner (described in the next slides)
9. ProxyMiner
ProxyMiner is a feature that searches the web for proxies
and passes them to ProxyManager (next slide). Once you
have enabled Botnet mode, ProxyMiner will ask the user whether he
wants to start the mining process before the scanning process
begins.
● It runs continuously and mines proxies (optionally).
● It has a big list of websites that contain proxies.
● Handles dead proxies.
10. ProxyManager
ProxyManager handles all proxies that are passed from
ProxyMiner or imported from a list.
● It is responsible for handling dead proxies.
● It sorts proxies by speed or country.
● It puts dead proxies in a blacklist.
● It keeps statistics about proxies.
11. Proxy List mode Advantages
● High-speed scan.
● Provides a better anonymity level than using a single proxy.
● You can have the proxy list built automatically.
● If you don't trust ProxyMiner's proxies, you can import your own
proxy list.
12. Proxy List mode Disadvantages
● Proxies mined from the web are not confidential.
14. Behind the Scenes
● For the data mining process I will use Beautiful Soup (Python
library[2]). Beautiful Soup is implemented in both Python 2.7 and
Python 3, so it is a great choice for the future plan of porting OWTF to
Python 3.
● The data structure for the proxy list will be the following:
(ip, port, speed, country, type, send_requests, user, password)
● The implementation will use the MiTM proxy[3].
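The proxy-list record above, together with the ProxyManager duties from slide 10 (sorting, dead-proxy blacklist, statistics), sketched as an added example that is not OWTF's own code. The class and method names, the reading of speed as latency in seconds and the sample addresses are assumptions; the password field is kept out of the record's repr so credentials for private proxies do not leak into logs or statistics output.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class ProxyRecord:
    # Field names and order follow the tuple on the slide.
    ip: str
    port: int
    speed: float                # assumption: latency in seconds, lower is faster
    country: str
    type: str                   # assumption: scheme such as "http" or "socks5"
    send_requests: int = 0      # requests sent through this proxy so far
    user: Optional[str] = None
    password: Optional[str] = field(default=None, repr=False)  # never printed


class ProxyManager:
    """Hypothetical bookkeeping only: no network I/O, no liveness probing."""

    def __init__(self) -> None:
        self.alive: List[ProxyRecord] = []
        self.blacklist: Set[Tuple[str, int]] = set()

    def add(self, rec: ProxyRecord) -> bool:
        key = (rec.ip, rec.port)
        # Refuse blacklisted or duplicate entries, whether mined or imported.
        if key in self.blacklist or any((r.ip, r.port) == key for r in self.alive):
            return False
        self.alive.append(rec)
        return True

    def mark_dead(self, ip: str, port: int) -> None:
        self.blacklist.add((ip, port))
        self.alive = [r for r in self.alive if (r.ip, r.port) != (ip, port)]

    def sorted_by(self, key: str) -> List[ProxyRecord]:
        if key not in ("speed", "country"):
            raise ValueError("sort key must be 'speed' or 'country'")
        return sorted(self.alive, key=lambda r: getattr(r, key))

    def stats(self) -> Dict[str, int]:
        return {"alive": len(self.alive), "dead": len(self.blacklist),
                "requests": sum(r.send_requests for r in self.alive)}


def sample_manager() -> ProxyManager:
    # Constructed sample data using RFC 5737 documentation addresses.
    pm = ProxyManager()
    pm.add(ProxyRecord("192.0.2.10", 8080, 1.9, "NL", "http", 4))
    pm.add(ProxyRecord("198.51.100.7", 3128, 0.4, "DE", "http", 2, "alice", "s3cret"))
    pm.add(ProxyRecord("203.0.113.5", 1080, 0.9, "BR", "socks5"))
    return pm
```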