nomorelies
Professional
what is a RAT?
a Remote Administrator tool, or RAT for short can be used to gain both authorised or unauthorised access to a remote compter. You need to make them install your stub, which can either be bind to another program to make it seem legit or you can make someone download (and run*) your stub out of pure stupidity.
computers will run the "client" software application, while the other computer(s)
operate as the host.
how does a RAT work?
A remote administration tool has a Executable file and client technology. The Executable file runs on a controlled host computer and receives commands from the client, which is installed on other remote host. A remote administration tool works in background and will hide for users. You can monitor user’s activity as well as do basicly everything they're able to.
as previously mentioned you can use remote admin tools to both get authorised access or unauthorised access.
a few programs you can use are
Illegal RATs:
so know that you know what a RAT is, how it operates and a few examples. let's get going with how to actually set up a RAT.
first you have to get a DNS for your RAT. I recommend using DuckDns but there are a few other options. make an account on http://www.duckdns.org/
After you make the account there, click on Add domain, this domain can be anything you want.
![[Image: rT0G7jI.png]](http://i.imgur.com/rT0G7jI.png "[Image: rT0G7jI.png]")
download the DuckDNS updater from
http://www.etx.ca/products/windows-appli...te-client/
After you do that, login to your duckDNS account and they should have an option for Select domains. Click that. Choose the domain you made. this will be useful later.
![[Image: 17l3yYO.png]](http://i.imgur.com/17l3yYO.png "[Image: 17l3yYO.png]")
note: the DNS won't be "http://test4gs.com" it will be "http://test4gs.duckdns.org".
quick tips:
![[Image: Oywy4cE.png]](http://i.imgur.com/Oywy4cE.png "[Image: Oywy4cE.png]")
(yes I'm cheap and using a cracked version of Imminent monitor 3.)
if you wanna crypt it with a crypter I suggest you leave all options empty and do it in the crypter instead to avoid clashes. if not although I suggest it, you should click the desidered boxes.
![[Image: lI2wFs5.png]](http://i.imgur.com/lI2wFs5.png "[Image: lI2wFs5.png]")
and after that you should build the stub. since you've read the start hopefully you should know that the stub is the client side of the RAT. now let's move on to the server. it's as simple as listening to the port you've opened for your client.
![[Image: 2Rk7RJj.png]](http://i.imgur.com/2Rk7RJj.png "[Image: 2Rk7RJj.png]")
Spreading.
this is the part that is most versatile. as you can both aim at what kind of audience you want. if you want an older audience (for the most part) you can go with spreading through chatroulette binding your stub to pictures of "yourself" as you're basically social engineering them to download your stub binded to pictures.
you can also spread it through YouTube. with this, you can aim for your audience to choose what kind of person you wanna spread to. simply binding it to a program
FAQ
Q - How do they spread?
A - Some RATs can spread over P2P file-sharing programs such as uTorrent while others can be spread through spam mail. the usual way to go through is binding it with software.
Q - How do I control the server?
A - Once installed, the RAT server can be controlled via a RAT client.
Q - How do I port forward?
A - Port forwarding is easy and important for RAT. Well, you need an open port because RAT connects through the open port and bypasses the firewall. Open your web browser and write your IP and connect to your rooter. open the port forward page and write the desired port you want and your IP.
(http://portforward.com/)
Q - How do I make my server FUD?
A - If you want to make your server FUD again, you will need crypter. Also, you can hex edit your server, but be careful some servers can crash after hex editing. Crypting is generaly the way to go.
Q - how do I keep my clients?
A - making sure your stub is always up to date. you generaly wanna re-crypt it again once it gets detected. just send the new stub to your client and run it.
Q - what's the diffrance between an illegal RAT and legal RAT
A - nothing major sets a legal RAT apart from a illegal RAt. as stated nanocore (legal) can be modifired to work malisously and Imminent Monitor (illegal) can be used for a company CEO to monitor your workers.
you need to have consent from the owner of the computer for it to be legal. otherwise it's mostly illegal.
a Remote Administrator tool, or RAT for short can be used to gain both authorised or unauthorised access to a remote compter. You need to make them install your stub, which can either be bind to another program to make it seem legit or you can make someone download (and run*) your stub out of pure stupidity.
computers will run the "client" software application, while the other computer(s)
operate as the host.
how does a RAT work?
A remote administration tool has a Executable file and client technology. The Executable file runs on a controlled host computer and receives commands from the client, which is installed on other remote host. A remote administration tool works in background and will hide for users. You can monitor user’s activity as well as do basicly everything they're able to.
as previously mentioned you can use remote admin tools to both get authorised access or unauthorised access.
a few programs you can use are
Illegal RATs:
- Imminent Monitor
- Babylon
- Poison Ivy
- NjRat
- Darkcomet RAT
- Teamviewer
- NetWire RAT
- Darkcomet 5.4 Legacy
- Ultra VNC
- Nanocore
- Mikogo
so know that you know what a RAT is, how it operates and a few examples. let's get going with how to actually set up a RAT.
first you have to get a DNS for your RAT. I recommend using DuckDns but there are a few other options. make an account on http://www.duckdns.org/
After you make the account there, click on Add domain, this domain can be anything you want.
download the DuckDNS updater from
http://www.etx.ca/products/windows-appli...te-client/
After you do that, login to your duckDNS account and they should have an option for Select domains. Click that. Choose the domain you made. this will be useful later.
note: the DNS won't be "http://test4gs.com" it will be "http://test4gs.duckdns.org".
quick tips:
- always run your DNS with a VPN, although no VPN provider will go to jail for you, it's a extra layer of security.
- don't brag about how many clients you have. this goes under opsec and common sense as you don't wanna make yourself a target.
(yes I'm cheap and using a cracked version of Imminent monitor 3.)
if you wanna crypt it with a crypter I suggest you leave all options empty and do it in the crypter instead to avoid clashes. if not although I suggest it, you should click the desidered boxes.
and after that you should build the stub. since you've read the start hopefully you should know that the stub is the client side of the RAT. now let's move on to the server. it's as simple as listening to the port you've opened for your client.
Spreading.
this is the part that is most versatile. as you can both aim at what kind of audience you want. if you want an older audience (for the most part) you can go with spreading through chatroulette binding your stub to pictures of "yourself" as you're basically social engineering them to download your stub binded to pictures.
you can also spread it through YouTube. with this, you can aim for your audience to choose what kind of person you wanna spread to. simply binding it to a program
- Minecraft tools. (force-op, hack clients, crackers, etc)
- Dos tools aiming for low-life skids. (Low orbit ion cannon etc)
- gamer cheats on popular games such as CS: GO, LoL, etc.
FAQ
Q - How do they spread?
A - Some RATs can spread over P2P file-sharing programs such as uTorrent while others can be spread through spam mail. the usual way to go through is binding it with software.
Q - How do I control the server?
A - Once installed, the RAT server can be controlled via a RAT client.
Q - How do I port forward?
A - Port forwarding is easy and important for RAT. Well, you need an open port because RAT connects through the open port and bypasses the firewall. Open your web browser and write your IP and connect to your rooter. open the port forward page and write the desired port you want and your IP.
(http://portforward.com/)
Q - How do I make my server FUD?
A - If you want to make your server FUD again, you will need crypter. Also, you can hex edit your server, but be careful some servers can crash after hex editing. Crypting is generaly the way to go.
Q - how do I keep my clients?
A - making sure your stub is always up to date. you generaly wanna re-crypt it again once it gets detected. just send the new stub to your client and run it.
Q - what's the diffrance between an illegal RAT and legal RAT
A - nothing major sets a legal RAT apart from a illegal RAt. as stated nanocore (legal) can be modifired to work malisously and Imminent Monitor (illegal) can be used for a company CEO to monitor your workers.
you need to have consent from the owner of the computer for it to be legal. otherwise it's mostly illegal.
