RAT (Remote Administration Tool)

Posted by Sharan R On 7:10 AM

In this post we will learn how to create Remote Administration Tool(RAT). But before we proceed let's discus some basic terminologies.

Trojan: Trojan horse or Trojan is a malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system. It is harmful software/code that appears legitimate. They come packed with some other piece of code or software and hence users get tricked to run them. The term Trojan has been derived from the Trojan Horse from Greek Mythology.

Types Of Trojan:
1.Remote Access Tool (RAT)
2.Proxy
3.File Sending Trojan
4.Security Disable rs
5.Denial Of Service (DOS)
6.File Sending Trojans(FTP Trojan)
7.Destructive Trojans

Remote Access Tool(RAT): Remote Administration Tool also known as RAT is used to remotely connect and manage single or multiple computers. RAT is one of the most dangerous Trojan because it compromises features of all types of Trojans. It provides an attacker with nearly unlimited access to host computer along with Screen Capture, File management, shell control and device drivers control. RATs uses reverse connections to connect remote system and hence are more likely to remain undetected. They can hide themselves in process space of legitimate program and hence never appear in task manager or system monitors.

A Trojan generally has two parts Client and Server or Master and Slave. We can say Server is Slave and Client is Master. So a server side is installed on a remote host and the attacker manipulates it with client software. In olden days making a Trojan was a job of master programmer but now a days several Trojan building tools are available. Most of them usually have same kinda interface so its quite easy to use any Trojan client once you have used any one of them . Following is list of some well known Trojans and Trojan Building Tools,

1.Casa RAT
2.Back Orifice
3.Bandook RAT
4.Dark Comet Rat
5.Cerberus
6.Cybergate
7.Blackshades
8.Poison Ivy
10.Syndrome RAT
11.Team Viewer
12.Y3k RAT
13.Snoopy
15.5p00f3r.N$ RAT
16.NetBus
17.SpyNet
18.P. Storrie RAT
19.Turkojan Gold
20.Bifrost
21.Lost Door
22.Beast
23.Shark
24.Sub7
25.Pain RAT
26.xHacker Pro RAT
27.Seed RAT
28.Optix Pro RAT
29.Dark Moon
30.NetDevil
31.Deeper RAT
32.MiniMo RAT

If you think the list is very big then I must tell you it's not complete nor it covered 25% of RAT building tools.

Demonstration: How to create a RAT:Since there are several tools available and most of them have same kinda interface we can select any RAT building tool for demonstration. So here we select Cerberus Client to demonstrate working of RAT. Please note that using RAT for hacking is crime please take this demonstration for educational purpose only.

Type “Download Cerberus RAT” in Google search and download Cerberus RAT. Execute Cerberus file and launch program. Accept EULA and following interface will be launched in front of you.
To create server press new button.

As you can see there are several options are available in settings but for our demonstration we will use most common settings. In “Basic Option” type your IP address and then press “+”. In identification name of the server from which your client will identify to which server it's listening, this name is given for your client to identify connection. No need to specify what to put in connection password. Specify the port on which you'll like to listen. Please keep note of this port since you'll have to configure client settings to receive information on this port.
The next option is “Server Installation”. From “Directory Installation” you can select where and in which name folder your RAT server will be installed. In “File Name” option you have to specify name and extension of your server. Boot Methods gives you option to start your server as “System Service” or “User Application” take your pick or leave them untouched. “Anti-Debugging” function allows your RAT to bypass Virtualisation and Sandboxing.

From “Misc Options” you can activate key logging feature as well as you can select how your RAT can hide itself in another process.
Display Message” option gives you power to show custom message on victim's computer.
Black List Item” option allows to set logic for execution of your RAT server with respect to specific process and service. Mostly only advanced users use this feature.
Overview” allows you look of features of your RAT. Now select an icon and press create server to create server.

Now the add file function allows you to bind your RAT with any legitimate file most probable is an executable installation file. To avoid detection don't use custom message box and UN-check “Run in Visible Mode” option while creating server. 
Configuring To Listen On Client: To configure Cerberus to listen on specific port select options and put “Connection Password” and “Connection Ports” that were specified in Server. Wait for victim to execute server and then just right click on listening server and play with options.

Following is video demonstration to above procedures and methods described to create RAT using Cerberus Client.


Now when next time we will discus RAT we will take a look on how you can counter and prevent yourself from RAT attack. Please give us your comments it'll help us improve. Have a nice time and keep visiting.

6 comments

  1. Osama Inayat Said,

    Thnx and if u are free thean i need a help related to this i getting difficulties

    Posted on August 13, 2014 at 6:17 AM

     
  2. Osama Inayat Said,

    Thnx and if u are free thean i need a help related to this i getting difficulties. that how to get port?whch send us information

    Posted on August 13, 2014 at 6:40 AM

     
  3. No Name Said,

    Selling USA FRESH SSN Leads/Fullz, along with Driving License/ID Number with good connectivity.

    **PRICE FOR ONE LEAD/FULLZ 2$**

    All SSN's are Tested & Verified. Fresh spammed data.

    **DETAILS IN LEADS/FULLZ**

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER
    ->ADDRESS WITH ZIP
    ->PHONE NUMBER, EMAIL
    ->EMPLOYEE DETAILS

    ->Bulk order negotiable
    ->Minimum buy 25 to 30 leads/fullz
    ->Hope for the long term business
    ->You can asked for specific states too

    **Contact 24/7**

    Whatsapp > +923172721122

    Email > leads.sellers1212@gmail.com

    Telegram > @leadsupplier

    ICQ > 752822040

    Posted on October 9, 2020 at 7:09 PM

     
  4. No Name Said,

    Selling USA FRESH SPAMMED SSN Leads/Fullz, along with Driving License/ID Number with EXCELLENT connectivity.

    **PRICE**
    >>2$ FOR EACH LEAD/FULLZ/PROFILE
    >>5$ FOR EACH PREMIUM LEAD/FULLZ/PROFILE

    **DETAILS IN EACH LEAD/FULLZ**

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER WITH EXPIRY DATE
    ->ADDRESS WITH ZIP
    ->PHONE NUMBER, EMAIL, I.P ADDRESS
    ->EMPLOYEE DETAILS
    ->REALTIONSHIP DETAILS
    ->MORTGAGE INFO
    ->BANK ACCOUNT DETAILS

    >All Leads are Tested & Verified.
    >Invalid info found, will be replaced.
    >Serious buyers will be welcome & I will give discounts for bulk orders.
    >Fresh spammed data of USA Credit Bureau
    >Good credit Scores, 700 minimum scores
    >Bulk order will be preferable
    >Minimum order 20 leads/fullz
    >Hope for the long term business
    >You can asked for samples, specific states & zips (if needed)
    >Payment mode BTC, PAYPAL & PERFECT MONEY

    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ''OTHER GADGETS PROVIDING''

    >SSN Fullz
    >Dead Fullz
    >Carding Tutorials
    >Hacking Tutorials
    >SMTP Linux Root
    >DUMPS with pins track 1 and 2
    >Sock Tools
    >Server I.P's
    >USA emails with passwords (bulk order preferable)

    **Contact 24/7**

    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    Posted on February 2, 2021 at 5:22 PM

     
  5. Mr Gori Said,

    Awesome ideas. Lots of innovative ideas and technologies are going to be introduced. Thanks for sharing this awesome blog

    Posted on July 5, 2021 at 2:41 AM

     
  6. Mr Gori Said,

    https://allcracksoft.org/darkcomet-rat-crack-remote-administration-tool/

    Posted on July 5, 2021 at 2:42 AM