HACK A SYSTEM USING RAT’S

Hi friends this is Mystry . This is my first post to hack a system using RATS.
so what do RAT  mean ?

RAT stands for Remote Access Trojan or Remote Administration Tool. It is one of the most dangerous virus out their over the internet. Hacker can use RAT to get complete control to your computer. He can do basically anything with your computer. Using RAT hacker can install key logger and other malicious viruses remotely to your computer, infect files on your system and more. In this post i will tell you about what hacker can do with your computer using RAT and tell you about some commonly use RAT by hackers.

 What is RAT ?

As i have told you in my introduction paragraph RAT is Remote Access Trojan. It is a piece of software or program which hacker uses to get complete control of your computer. It can be sent to you in form of images, videos or any other files. There are some RAT that even your antivirus software can not detect.  So always be sure about what you are downloading from the internet and never save or download files that anonymous user send you  over the mail or in chat room.

 

 What You Can do With RAT ?

Once a RAT is installed on any computer hacker can do almost anything with that computer. Some malicious task that you can do with RAT are listed below:

You are able to install any malicious software(keyloggers…)
Able to monitor the Chat windows
Turn off the system remotely
You can disable antivirus/registry/restore point
Stealing the passwords and License key of their software.
Able to access Control panel
You can add or remove any programs
Show Fake Error messages to victim
Control Printers
Format the Entire Hard drive.
Open FTP(File Transfer Protocol) and transfer files
Control Internet Browser
more fun…

 

 Are RATs Illegal?

Some RATs are legal, and some are not. Legal are the one without backdoor left, and they have ability to close connection anytime. Illegal are used for hacking and they can steal data (Credit Cards, Passwords, private data etc.).

Here is a list of some Legal and Illegal RATs:

Legal:

    • TeamViewer – Access any remote computer via Internet just like sitting in front of it – even through firewalls.
    • UltraVNC – Remote support software for on demand remote computer support. VNC.Specializing in Remote Computer Support, goto my pc, goto assist, Remote Maintenance
    • Ammyy Admin – Ammyy Admin is a highly reliable and very friendly tool for remote computer access. You can provide remote assistance, remote administration or remote
    • Mikogo – Mikogo is an Online Meeting, Web Conferencing & Remote Support tool where you can share your screen with 10 participants in real-time over the Web.

Illegal:

    • Spy-Net
    • Cerberus Rat
    • CyberGate Rat
    • Sub Seven
    • Turkojan
      • ProRat
    • Ardamax

How do I use these RATs?

For the legal RATs, for example, TeamViewer, give the other party your ID and password (the one who is getting viewed gives the other the information). The other connection then puts the ID. You then have many options to choose from, which are self explanatory (once connected).

For the illegal Rats, you need to portforward it to listen onto a port. You then need to build a server, spread it to others, they run your program, and they’re infected.

How do I port forward?

Port forwarding is easy and important for an illegal RAT. You need open port because RAT connects through open port and bypass firewall. Open your web browser and write your IP and connect to your router (write Username: Admin & Password: Admin), open port forward page and write port you want and your IP. Well that’s all you need to do and now you got open port.

How do I control server?

Once installed, RAT server can be controlled via RAT client. From IP list box you choose PC and connect.

Where and how do I spread?

There are few different ways to spread your server. You can spread on warez websites, P2P file sharing websites (uTorrent, Pirate bay etc.), YouTube, etc. Some people use custom made Auto-Spreaders programs to spread their server.

What’s reverse Connection?

A reverse connection is usually used to bypass firewall restrictions on open ports. The most common way a reverse connection is used is to bypass firewall and Router security restrictions.

Whats Direct Connection?

A direct-connect RAT is a simple setup where the client connects to a single or multiple servers directly. Stable servers are multi-threaded, allowing for multiple clients to be connected, along with increased reliability.

How to work with RATs ?
Step 1:

First of all you have to download Remote Administration Software and install in your system.Step 2:
Then you have to create a server using the RAT software. Here , server is our trojan that is going to bring control over the victims system.

Step 3:
Bind the server with any files(JPEG,doc,txt…). You can bind this using some binder. Most of RATs provides Binding option also.

Step 4:
Send this file to Victim. Once the victim open the file, the server will start to run. It will disable Antivirus, registry,…depending on your configuration.

Step 5:
Find the IP address of the Victim(there is different methods to find IP address, read my previous articles). Once you got the IP address, using your Remote Administration Tool, you can connect to the Remote System.

Now World is under your control.

Connections in RATs
Direct Connection:
In Direct connection, Our system(Remote administration tool installed) is client and the victim system act as server. Our system connects to the Remote System and take control over the system. You have to find the IP address of Victim and connects to the system. Some high secure Firewalls will block the Connecting to the system on Open ports.

Reverse Connection:

Reverse connections is for bypass the Firewall Restrictions on Open ports. Firewall Restrict the Open ports but not the outgoing traffics.
In a Direct connection, client connects with Server using the Open port of Server.
In reverse connection, client open the ports and server connects to the open port.

I think you confused little bit , right? In simple words,
Victim computer connects automatically to our computer in reverse connection (in Direct connection, we have to connect to victim system using their IP address).

OKAY. NOW TO HACK A SYSTEM there are two types of RAT’S

a)  IN THIS TYPE OF RAT WE NEED VICTIM’S IP TO HACK HIS SYSTEM

EX: PRO RAT

b)  IN THIS TYPE OF RAT WE DON’T NEED VICTIM’S IP TO HACK HIS SYSTEM

EX: DARK COMET RAT

 

NOW I WILL LET YOU KNOW HOW TO CREATE RATS OF BOTH KINDS  🙂

NOW TYPE ONE

A)  HERE WE USE PRO RAT TO HACK SYSTEMS

 

Hi guys..today i am going to show you how to set up ProRat and how to hack a computer using it. Well, i am going to finish up RAT setup articles with this. I will give the counter measures in my next article.

procedure to setup ProRat

STEP 1. First of all Download ProRat ( FROM NET AT UR OWN RISK AS MOST OF THEM HAVE BACKDOOR).
Crypter Software – To disable  antivirus detection (You can Downland Crypter Software from  net and use in virtual machine or at own risk )   

STEP 2. Open up the program and You should see the following window.



STEP 3. Click on the “Create” button in the bottom. Choose “Create ProRat Server“.

STEP 4. Next put your IP address so the server could connect to you. You need not enter your IP address manually, you can do this by just clicking on the little arrow. it automatically fills your IP address.
Next put in your e-mail so that when and if a victim gets infected it will send you an email.

STEP 5. Now Open General settings. This tab is the most important tab. In the check boxes, we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager. Just follow the steps as shown in the figure.

STEP  6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. You can select an image, text file or pdf file, So as to make the victim trust your file.

STEP  7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate.    I prefer using .exe files.

STEP  8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is.

STEP  9. After this, press Create server, your server will be in the same folder as ProRat. Start giving this file to your victim. When the victim double click the file, his computer will be in your control.

STEP  10. Now the hacker has lot of options to choose from. He can do many funny things with the victim’s computer.

NOTE: In this tutorial, i put the victim’s IP as 127.0.0.1 as i am testing it on my computer. Inorder to hack a remote computer, you need to get the IP address of your victim. After the creation of rat use to to crypt it to spread 🙂

thus we create rats using PRO RAT

 

NOW ITS TIME FOR TYPE TWO :

B)

Hack a Remote Computer Using  Ardamax Keylogger

 

Things we Need : –
1. Ardamax keylogger  Download (from net and use in virtual machine or at own risk )

2. Ftp account – You can create a free ftp account from www.drivehq.com

3. Crypter Software – To disable  antivirus detection (You can Downland Crypter Software from net and use in virtual machine or at own risk )   

Procedure :-

1. After installing  Ardamax keylogger, select and right  click Ardamax keylogger icon from your tasks bar. Now select enter registration key , then put in the name and the serial number which you will get from the downloaded software folder

                                                    

2.  Now right click Ardamax keylogger icon and select  remote installation, click next two times check all  the boxes as shown then finally click next


3. Now click enable and enter a password so that no one can open the keylogger then click next  three times, check “send logs every ” and set your time say 5 min , Then select delivery method as Ftp, finally click next



4. Now enter your ftp account details which you created earlier in my case in enter Ftp host –ftp.drivehq.com ,remote folder -/logs ,user – test, Finally click next


5.  Now check all the boxes and click next, set your time for capturing the screen shots, then click next, If you want you can also change the icon by selecting change icon as shown. Finally select next and click finish



6.  If you’ve done all the steps correctly, you should get a server file (keylogger file ) , But this server file can be easily detected by anti -viruses , So to bypass anti viruses we need to bind and crypt the file ,So to do this open your crypter software (which you downloaded earlier) Now select file 1 as the server file (key logger file which you created) and then select file 2 as any application, select a good application(select a PDF  file for best performance)finally click Crypt file, Now you will get a crypted server file ( key logger file ) which is FUD  ( I.e ) Fully undetectable by anti viruses 

                                                                             
7.  Now send the fully undetectable Server file(keylogger file ) to your victim via email or upload it to any site and ask the victim to download the file.Once the victim clicks the application .Ardamax keylogger will  automatically install and will send logs(containing facebook password email passwords ,chat logs ..etc) to
your ftp account .You can view your victims logs by going  to your ftp account  

 
THUS THE RATS ARE CREATED AND USED TO TAKE OVER CONTROL ON VICTIM’S COMPUTERS
This is a simple and a very effective method of hacking a remote computer.If you have any doubts please be free to post a comment

 

 

Note:
This is just for educational purpose only. Using RAT to control unauthorized system is completely a crime. So Please don’t try to do. (Discussing or Reading about thief technique is not crime but implementing)

soon I will post on ” how to find whether you are a victim of a rat or not   and  how to hack a hacker

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s