Pitbull is a Perl script based bot used for creating DDoS attacks. The Perl script is inserted into the victim’s machine - typically a Linux server - where it runs under a bogus process name and connects to the “bot army".
The Pitbull bot receives commands (entered by the attacker) through a dedicated IRC channel. Bots are usually injected into the victim’s server by exploiting a known RFI vulnerability. Some Pitbull bot variants also include RFI tracking features in order to spread the bot into new victims.
The first Pitbull appeared in 2006, and the latest Pitbull variants were published quite frequently in different forums up until 2010. Below are the Pitbull variants that have been detected:
- PitBull Bot
- Hacke Bot
- W3tw0rk Bot
- M0f0 DDoS
All Pitbull variants share the same DDoS attack core and are capable of the following attack types:
- IP Flood
- HTTP Get \ Fllod
- TCP