Today’s story delves into my exploration of creating a botnet using Python. The primary goal was to establish connections with multiple hosts simultaneously (potentially thousands or more) over the SSH protocol, utilizing default credentials. For instance, connecting to all Raspberry Pis with the default credentials “pi:password” or to various devices on the internet with “admin:admin.”

This project, undertaken as a Proof of Concept (PoC), was not tested on a large scale and was confined to my home lab environment, emphasizing its experimental nature.

I developed a Python script that allows users to connect to either a single host or multiple hosts defined in a text file. For example, one could utilize a list of public IPs (although it’s crucial to note the legal implications and ethical concerns — this should not be done) or a list of internal network IPs. Additionally, users must specify the username and password for connecting to the hosts. To expedite the process, I incorporated concurrent futures, enabling users to define the number of concurrent requests the script executes.

Below is the complete script of my botnet written in Python:

And here is an example of the script’s output. As demonstrated, I successfully established connections with two hosts. Subsequently, I interacted with all hosts simultaneously, creating a single text file. I also showcased interaction with a single host, executing the “pwd” command.

While the script may appear nothing special, it fulfilled my objective — connecting to multiple hosts over SSH simultaneously and executing commands across all of them.

This approach to creating a botnet reflects my exploration without prior experience in developing such scripts. I stress that I employed it solely for educational purposes and recommend the same to others. If you have any comments or suggestions, feel free to leave them below.