Forum Thread: How to Stay Anonymous While RATting (Level: Paranoid)

Hello my curious community members!

This is my first post here. I noticed anonymity has been a big topic here the last few weeks. Today I will present to you how paranoid blackhat hackers with large botnets stay anonymous and theoretically safe. I will post more about RATting since it's not covered here by others (who are doing a really great job educating this community, big up OTW, phoenix, crackerhacker etc.).

So let's start... This is a case study, so I do not tell anyone to do this, but how others do this.

Preparation:

  1. Get an old notebook, second hand, and do not provide the seller your personal info. You don't need a high-end machine since RAT software is just "executing commands".
  2. Get a good VPN operating under the jurisdiction of Sweden, Iceland or Seychelles, since these countries have no data retention laws and good privacy laws. (Pay with bitcoin since some VPN providers store payment info.)
  3. Get an Alfa AWUS036H with 5dBi or more antenna range.

Technique:

Buy some laptop second hand and make sure the seller knows sh.t about you (ensure no cameras involved).

Encrypt the drive! (this is important!). Fire up kali or whatever system u use to hack. Spoof MAC address. Important thing is to have a good wifi receiver (alfa is the best thing you can go with or something with packet injection). Crack some wifi in range (I'm sure there are a lot of them in range).. When you successfully hack a wifi network, next target is the router.

Most people don't change router passwords. Did you change yours??

After getting access make sure you disable router logging and additionally make a port forwarding but it's not really necessary since we will use port forwarding through our VPN service.

Now fire up tor, proxychains etc. and disable WebRTC (in browser config or get a plugin) and use incognito mode.

With tor and (or) proxychains running make an email account. With this email get a VPN, set portforward (nvpn is a good way to go, but it's ur choice) and get no-ip service (noip.com).

Now you just set the things up. Since most RATs are for windows, fire up windows, spoof MAC address, connect to a cracked wifi, connect to VPN and start NO-IP client. Then make a RAT server and stub with no-ip dns and spread.

NOTE: Do not ever, never, start no-ip client before VPN (they probably keep logs)!!!!

If you do things right (you might add an extra twist if you are really mega paranoid) you will for 99,99% not get caught.

Scenario of law:

Victim calls police. Law force gets a no-ip record from ur trojan. No-ip leaks an ip address which is your VPN (it's good from time to time to change VPN's ip, since u use no-ip dns host it is no problem), VPN leaks ip and it leads to the router. Router has no records (or spoofed MAC so no support from manufacturers), so there is only the social factor, that your neighbour can say it could be only that weirdo from across the street. Raid comes up... drive is very well crypted and it could take years to crack....

Thanks for reading... expect more things from me and sorry for mistakes, alcohol is my enemy right now.

But remember, this is a case study and curiosity is your best friend. Most of the things I mentioned are covered here on Null Byte.

Topic Related Links:

Full Disk Encryption With TrueCrypt

Choosing Wireless Adapter

Spoofing MAC

How To Hack a Wi-Fi

Proxychains, TOR, VPN etc...
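
Added example, not part of the original post or thread: since the setup described above depends on the RAT stub resolving a dynamic-DNS hostname, a defender can flag internal hosts that repeatedly look up such names in resolver logs. The zone list, the dnsmasq-style log format and all hostnames and addresses below are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: an illustrative, incomplete set of dynamic-DNS zones; maintain your own list.
DDNS_ZONES = {"ddns.net", "hopto.org", "zapto.org", "sytes.net", "no-ip.org", "no-ip.biz"}

# dnsmasq-style query line: "... query[A] <name> from <client-ip>"
QUERY_RE = re.compile(r"query\[(?P<qtype>[A-Z]+)\] (?P<name>\S+) from (?P<client>\S+)")

# Constructed sample log lines (hostnames and addresses are made up).
SAMPLE_LOG = [
    "Jan 12 03:14:07 dnsmasq[412]: query[A] www.example.org from 192.168.1.10",
    "Jan 12 03:14:09 dnsmasq[412]: query[A] constructed-host.ddns.net from 192.168.1.23",
    "Jan 12 03:19:09 dnsmasq[412]: query[A] Constructed-Host.ddns.net. from 192.168.1.23",
    "Jan 12 03:24:09 dnsmasq[412]: query[A] constructed-host.ddns.net from 192.168.1.23",
    "Jan 12 03:25:00 dnsmasq[412]: query[A] notddns.net from 192.168.1.10",
    "Jan 12 03:26:00 dnsmasq[412]: query[AAAA] cam.hopto.org from 192.168.1.40",
]

def normalize(name):
    """Lower-case a query name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def in_ddns_zone(name):
    """True if name is a DDNS zone or a subdomain of one (label-boundary match)."""
    name = normalize(name)
    return any(name == z or name.endswith("." + z) for z in DDNS_ZONES)

def find_ddns_lookups(lines, min_hits=2):
    """Return {client: {hostname: count}} for DDNS names queried >= min_hits times."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = QUERY_RE.search(line)
        if m and in_ddns_zone(m.group("name")):
            hits[m.group("client")][normalize(m.group("name"))] += 1
    report = {}
    for client, names in hits.items():
        repeated = {n: c for n, c in names.items() if c >= min_hits}
        if repeated:
            report[client] = repeated
    return report

if __name__ == "__main__":
    for client, names in find_ddns_lookups(SAMPLE_LOG).items():
        print(client, names)
```

A hit is a lead for triage rather than proof of compromise, because dynamic DNS also has legitimate uses such as home cameras and self-hosted services.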

23 Responses

I guess you pressed "submit" too early?

-Phoenix750

yeah gimme a minute :)

guys, don't give him negative kudos because he pressed the wrong button! it happens to us all!

-Phoenix750

wasn't me, it was the alcohol :D sry for misclick, working on tut right now....

Don't worry. I gave +1 :)

thanks u might change it after reading... still work in progress... let me smoke a cigarette :)

how would you forward a port through VPN, except hijacking the VPN server?

-Phoenix750

Some VPN services allow port forwarding in their client zone. Even if u have a shared IP.

It's true. PIA has a port-forwarding option.

+1. I really enjoyed this tutorial. This will be a good place to direct newbies. If only there were links in the post to the different parts (like encrypting HD, setting up a VPN in Kali, Cracking WPA and router, etc..).

Pretty sure my vpn provider (private internet access ) has this feature. Haven't got around to trying it for this yet. Used it at school to get around the torrenting/port blocks. Worked well.

Good point. I will update ;)

Nice tut?? But is it possible without 'purchasing' anything??

Well for security you need to pay something.

  1. No one said you can't use your notebook, but another one adds extra layers of security and you can just throw it away when you get paranoid (I can't imagine throwing away my loved 2500$ dell xps) :)
  2. There are also free VPNs, but they are limited in speed and I doubt they won't give you up when law force shows up, or let you portforward.
  3. You don't have to buy an Alfa to crack wifi. OTW covers the topic very well here.

How about not using a vpn but another wifi and proxychains??
Or a cafe??

Nice post 1DAL. I enjoyed reading this, thank you for posting. :)

Very nice post on something I thought I should be looking into next. Now to set up proxy chains...

You should've recommended Tails! That's secure and anonymous by design, you could simply boot from it every time, and keep a separate encrypted drive.

https://tails.boum.org/

But it doesn't have as many tools as kali...

Well yeah, you certainly are right but this is how to stay anonymous while RATting and most RATs are for Windows.

Lol this is great. I always wanted to know how they do it.

Do I have to use an Alfa AWUS036H or can I use one that I found: Card King KW-3016N?
