Pitbull is a Perl script based bot used for creating
DDoS attacks. The Perl script is inserted into the victim’s machine - typically
a Linux server - where it runs under a bogus process name and connects to the
“bot army".
The Pitbull bot receives commands (entered by the attacker)
through a dedicated IRC channel. Bots are usually injected into the victim’s
server by exploiting a known RFI
vulnerability. Some Pitbull bot variants also include RFI tracking features in
order to spread the bot into new victims.
The first Pitbull appeared in
2006, and the latest Pitbull variants were published quite frequently in
different forums up until 2010. Below are the Pitbull variants that have been
detected:
- PitBull Bot
- PitBull Bot
- PitBull Bot
- Hacke Bot
- W3tw0rk Bot
- M0f0 DDoS
All
Pitbull variants share the same DDoS attack core and are capable of the
following attack types:
- IP Flood
- HTTP Get \ Fllod
- TCP