Forum Thread: RATs and Hidden Folders Questions.

This post are some questions I had about the following video that I was watching on YouTube about removing RATs.

  1. I was watching this video:

and from 18:46 - 23:53 he explains that the RAT basically created a folder that was not able to be accessed unless you knew the path. I was wondering how to do that.

  1. I was also wondering if there was any trusted versions of RATs ( preferably Dark Comet ) on the web.
  1. Someone in the comments explained how RATs install on different hierarchical protection domains a.k.a. protection rings. The ones demonstrated in the video install on ring 3 or the ring for applications. He also explained how some RATs install on ring 1 or the device driver ring and some even install on ring 0 or the kernel ring. I was wondering how one would do this.

Thanks for your time.

3 Responses

I don't know a way how you could hide a RAT in such a folder, but you can put it inside a "hidden folder" in windows, like C:/ProgramData, i know poor example.

I also don't know about a trusted version of DarkComet, mainly because i don't have much to do with such "mainstream" RATs.

Probably through an exploit, but i don't know that either..

-phil

I've decided not to use RATs anymore and as for the hidden folder thanks to CRACKER | HACKER I know that to hide a folder. I should make a post on that in the How-To section.

maybe go into youtube, and leave a comment on his video. Im sure he know how to, since he did it. Maybe e-mail him.

Share Your Thoughts

  • Hot
  • Active