FN SECURE: Chapter 10 : RATs (Hacking on Server's PC)

Call Us For Workshops Or Seminars.. In Your University, Colleges, or Schools.
Email Us At : vicky@globallyunique.in

Save as PDF

Chapter 10 : RATs (Hacking on Server's PC)



Introduction :

A Remote Administration Tool (known more commonly on the Internet as a RAT) is used to remotely connect and manage a single or multiple computers with a variety of tools, such as:
  • Screen/camera capture or control
  • File management (download/upload/execute/etc.)
  • Shell control (usually piped from command prompt)
  • Computer control (power off/on/log off) 
But this can also be misused. It is used only on one servers means you can use RAT on all the computers connected to your LAN system . Usually in schools/universities hostels where there is a net system using LAN.You can use RAT there to hack the system of ur friend sitting in any other room .....

RAT Trojan Horses :

Many trojans and backdoors now have remote administration capabilities allowing an individual to control the victim's computer. Many times a file called the server must be opened on the victim's computer before the trojan can have access to it. These are generally sent through email, P2P file sharing software, and in internet downloads. They are usually disguised as a legitimate program or file. Many server files will display a fake error message when opened, to make it seem like it didn't open. Some will also kill antivirus and firewall software. RAT trojans can generally do the following: Download, upload, delete, and rename files
  • Format drives
  • Open CD-ROM tray
  • Drop viruses and worms
  • Log keystrokes, keystroke capture software
  • Hack passwords, credit card numbers
  • Hijack homepage
  • View screen
  • View, kill, and start tasks in task manager
  • Hide desktop icons, taskbar and files
  • Print text
  • Play sounds
  • Randomly move and click mouse
  • Record sound with a connected microphone
  • Record video with a connected webcam
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack. They usually do disruptive things like flip the screen upside-down, open the CD-ROM tray, and swap mouse buttons. However, they can be quite hard to remove.

Popular RAT Software :


  • Shark
  • Bifrost
  • Bandook
  • BO2K
  • ProRAT
  • SpyRAT
  • HackRAT
  • Netbos
  • Optixe
  • AutoSpY
  • Nclear
  •  Amituer
  • Bandk
  • Yuri RAT
  • Y3k RAT
  • slha RAT
  • Openx RAT
  • Poison Ivy RAT
  • Mosucker
  • SubSeven RAT
  • Nuclear RAT
  • NetBus RAT
  • ProRAT
  • megapanzer
  • LanHelper
But i suggest using optix pro

so a short tutorial on how to use optix for you guys..

How to use it ?


So a short tutorial on how to use optix for you guys..

1) INTRO :


It isnt that hard to use.The Program used to build server files are :

.ClientClient.exe = Client
.BuilderBuilder.exe = Builder


WARNING: DO NOT RUN THE FILE(s) THAT YOU CREATE WITH BUILDER.EXE - THESE
FILES ARE THE ONES INTENDED TO RUN ON THE REMOTE COMPUTER THAT YOU WANT.TO REMOTELY ADMINISTRATE, NOT YOUR OWN!!!!

2) Quick Start Tutorial:


1) Open Builder
2) Click"Build/Create Server:" button
3) Save Server as "server.exe"
4) Click UPX Packing
5) Click OK
6) Run Server.exe on the computer you wish to administrate (WARNING: NOT ON YOUR OWN COMPUTER!!!)
7) Open Client
8) Type in IP Address of other computer
9) Hit the Green Button in top-right hand corner to connect!

To find out exactly how to use a particular part of the program, simply
hover your mouse button over the face of a button, control etc. and a
"help hint" will appear instructing you as to the purpose of that
particular field/button etc.

UPX Packing is automated in the server build process if you wish to pack
your file!

to get an up-2-date copy of BlackFire's cgi logger (cgi notification)
go to:


However a new logger (alternativecgilogger.zip) is also provided in
this version. Advanced users check it out!

3) FEATURE LIST :


v1.33 - Client Side :

COMPATIVBLE WITH ALL PAST SERVER VERSIONS! in a limited way! (own risk)
Client SOCKS 4/5 Support
Power Options - logoff,suspend,reboot,shutdown etc.
Server Information - Get info about builder settings
File Manager
Process Manager
Windows Manager
Registry Manager
FTP Manager
SOCKS 4/5 Server
Remote IP Scanner
Port Redirect
Application Redirect
Service Manager
Message Box
Matrix Chat (Client-2-vic)
Client-2-Client chat
Computer Information
Get Passwords - (RAS/Cached - 9x and AIM)
Online Key Logger - (now window titles)
Screen Capture with left click mouse manipulation
Keyboard Manipulation - (more advanced)
Cam Capture
SendKeys - old version of SendKeys for older servers
Humor normals - Flash keyboard lights, Monitor on/off, Disable keyboard/mouse etc.
Humor Screen Printer - print text to their screen!

v1.33 - Server Side :

COMPATIBLE WITH ALL PREVIOUS CLIENT VERSIONS! in a limited way! (own risk)
Configurable:
Notification Information Separators
IP Address Separator
Info included in any Notification
Idenfitication Name
Server Port
Server Password
Fake Error
Server Icon
Registry Run startup
Registry RunServices startup
win.ini startup
system.ini startup
s7 special method startup!
Server File Name
Start Directory (windir/sysdir)
Melt Server
Unlimited ICQ Number Notification
Unlimited CGI Script Notification
Unlimited IRC Server/channel Notification
Unlimited PHP Script Notification
Unlimited SMTP Notification
Toggling killing of in-built exe/service list for firewalls
Toggling killing of in-built exe/service list for Anti-Virus
Toggling killing of in-built exe/service list for packages classifed as both anti-virus and firewall!
Unlimited Number of custom exe's to kill
Unlimited Number of custom services to kill
Easily Automated UPX Packing if needed.
Option for unpacked or packed server with your own packer if wanted (instructions clear) 

Hope u like it Comments are welcome

Leave a Reply

Save this Page

Download as PDF