RAT stands for Remote Access Trojan or Remote Administration Tool. It is one of the most dangerous virus out their over the internet. Hacker can use RAT to get complete control to your computer. He can do basically anything with your computer. Using RAT hacker can install key logger and other malicious viruses remotely to your computer, infect files on your system and more. In this post i will tell you about what hacker can do with your computer using RAT and tell you about some commonly use RAT by hackers.
What is RAT ?
What You Can do With RAT ?
Once a RAT is installed on any computer hacker can do almost anything with that computer. Some malicious task that you can do with RAT are listed below:
You are able to install any malicious software(keyloggers…)
Able to monitor the Chat windows
Turn off the system remotely
You can disable antivirus/registry/restore point
Stealing the passwords and License key of their software.
Able to access Control panel
You can add or remove any programs
Show Fake Error messages to victim
Format the Entire Hard drive.
Open FTP(File Transfer Protocol) and transfer files
Control Internet Browser
Are RATs Illegal?
Some RATs are legal, and some are not. Legal are the one without backdoor left, and they have ability to close connection anytime. Illegal are used for hacking and they can steal data (Credit Cards, Passwords, private data etc.).
Here is a list of some Legal and Illegal RATs:
- TeamViewer – Access any remote computer via Internet just like sitting in front of it – even through firewalls.
- UltraVNC – Remote support software for on demand remote computer support. VNC.Specializing in Remote Computer Support, goto my pc, goto assist, Remote Maintenance
- Ammyy Admin – Ammyy Admin is a highly reliable and very friendly tool for remote computer access. You can provide remote assistance, remote administration or remote
- Mikogo – Mikogo is an Online Meeting, Web Conferencing & Remote Support tool where you can share your screen with 10 participants in real-time over the Web.
- Cerberus Rat
- CyberGate Rat
- Sub Seven
How do I use these RATs?
For the legal RATs, for example, TeamViewer, give the other party your ID and password (the one who is getting viewed gives the other the information). The other connection then puts the ID. You then have many options to choose from, which are self explanatory (once connected).
For the illegal Rats, you need to portforward it to listen onto a port. You then need to build a server, spread it to others, they run your program, and they’re infected.
How do I port forward?
Port forwarding is easy and important for an illegal RAT. You need open port because RAT connects through open port and bypass firewall. Open your web browser and write your IP and connect to your router (write Username: Admin & Password: Admin), open port forward page and write port you want and your IP. Well that’s all you need to do and now you got open port.
How do I control server?
Once installed, RAT server can be controlled via RAT client. From IP list box you choose PC and connect.
Where and how do I spread?
There are few different ways to spread your server. You can spread on warez websites, P2P file sharing websites (uTorrent, Pirate bay etc.), YouTube, etc. Some people use custom made Auto-Spreaders programs to spread their server.
What’s reverse Connection?
A reverse connection is usually used to bypass firewall restrictions on open ports. The most common way a reverse connection is used is to bypass firewall and Router security restrictions.
Whats Direct Connection?
A direct-connect RAT is a simple setup where the client connects to a single or multiple servers directly. Stable servers are multi-threaded, allowing for multiple clients to be connected, along with increased reliability.
First of all you have to download Remote Administration Software and install in your system.Step 2:
Then you have to create a server using the RAT software. Here , server is our trojan that is going to bring control over the victims system.
Bind the server with any files(JPEG,doc,txt…). You can bind this using some binder. Most of RATs provides Binding option also.
Send this file to Victim. Once the victim open the file, the server will start to run. It will disable Antivirus, registry,…depending on your configuration.
Find the IP address of the Victim(there is different methods to find IP address, read my previous articles). Once you got the IP address, using your Remote Administration Tool, you can connect to the Remote System.
Now World is under your control.
Connections in RATs
In Direct connection, Our system(Remote administration tool installed) is client and the victim system act as server. Our system connects to the Remote System and take control over the system. You have to find the IP address of Victim and connects to the system. Some high secure Firewalls will block the Connecting to the system on Open ports.
In a Direct connection, client connects with Server using the Open port of Server.
In reverse connection, client open the ports and server connects to the open port.
I think you confused little bit , right? In simple words,
Victim computer connects automatically to our computer in reverse connection (in Direct connection, we have to connect to victim system using their IP address).
OKAY. NOW TO HACK A SYSTEM there are two types of RAT’S
a) IN THIS TYPE OF RAT WE NEED VICTIM’S IP TO HACK HIS SYSTEM
EX: PRO RAT
b) IN THIS TYPE OF RAT WE DON’T NEED VICTIM’S IP TO HACK HIS SYSTEM
EX: DARK COMET RAT
NOW I WILL LET YOU KNOW HOW TO CREATE RATS OF BOTH KINDS 🙂
NOW TYPE ONE
A) HERE WE USE PRO RAT TO HACK SYSTEMS
Hi guys..today i am going to show you how to set up ProRat and how to hack a computer using it. Well, i am going to finish up RAT setup articles with this. I will give the counter measures in my next article.
procedure to setup ProRat
STEP 1. First of all Download ProRat ( FROM NET AT UR OWN RISK AS MOST OF THEM HAVE BACKDOOR).
Crypter Software – To disable antivirus detection (You can Downland Crypter Software from net and use in virtual machine or at own risk )
STEP 2. Open up the program and You should see the following window.
STEP 3. Click on the “Create” button in the bottom. Choose “Create ProRat Server“.
STEP 4. Next put your IP address so the server could connect to you. You need not enter your IP address manually, you can do this by just clicking on the little arrow. it automatically fills your IP address.
Next put in your e-mail so that when and if a victim gets infected it will send you an email.
STEP 5. Now Open General settings. This tab is the most important tab. In the check boxes, we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager. Just follow the steps as shown in the figure.
STEP 6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. You can select an image, text file or pdf file, So as to make the victim trust your file.
STEP 7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I prefer using .exe files.
STEP 8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is.
STEP 9. After this, press Create server, your server will be in the same folder as ProRat. Start giving this file to your victim. When the victim double click the file, his computer will be in your control.
STEP 10. Now the hacker has lot of options to choose from. He can do many funny things with the victim’s computer.
NOTE: In this tutorial, i put the victim’s IP as 127.0.0.1 as i am testing it on my computer. Inorder to hack a remote computer, you need to get the IP address of your victim. After the creation of rat use to to crypt it to spread 🙂
thus we create rats using PRO RAT
NOW ITS TIME FOR TYPE TWO :
Hack a Remote Computer Using Ardamax Keylogger
Things we Need : –
1. Ardamax keylogger Download (from net and use in virtual machine or at own risk )
2. Ftp account – You can create a free ftp account from www.drivehq.com
3. Crypter Software – To disable antivirus detection (You can Downland Crypter Software from net and use in virtual machine or at own risk )
1. After installing Ardamax keylogger, select and right click Ardamax keylogger icon from your tasks bar. Now select enter registration key , then put in the name and the serial number which you will get from the downloaded software folder
2. Now right click Ardamax keylogger icon and select remote installation, click next two times check all the boxes as shown then finally click next
4. Now enter your ftp account details which you created earlier in my case in enter Ftp host –ftp.drivehq.com ,remote folder -/logs ,user – test, Finally click next
6. If you’ve done all the steps correctly, you should get a server file (keylogger file ) , But this server file can be easily detected by anti -viruses , So to bypass anti viruses we need to bind and crypt the file ,So to do this open your crypter software (which you downloaded earlier) Now select file 1 as the server file (key logger file which you created) and then select file 2 as any application, select a good application(select a PDF file for best performance)finally click Crypt file, Now you will get a crypted server file ( key logger file ) which is FUD ( I.e ) Fully undetectable by anti viruses
7. Now send the fully undetectable Server file(keylogger file ) to your victim via email or upload it to any site and ask the victim to download the file.Once the victim clicks the application .Ardamax keylogger will automatically install and will send logs(containing facebook password email passwords ,chat logs ..etc) to
your ftp account .You can view your victims logs by going to your ftp account
This is just for educational purpose only. Using RAT to control unauthorized system is completely a crime. So Please don’t try to do. (Discussing or Reading about thief technique is not crime but implementing)
soon I will post on ” how to find whether you are a victim of a rat or not and how to hack a hacker ”