I saw many people asking for a Tutorial about writing their own Remote Administration Tool, so I now introduce you in a basic kind of RAT. This program is not for real use, but for learning how you could write this kind of tool. It will be basicly coded and not very refined. I used Python 3, so you have to install it if you want to use this program unchanged. Also this RAT is for Windows and almost all features won't work under Linux.
Ok, the RAT works with 2 different parts. The first is for sure the malicious one, which you have to put on the victims computer and the other one will control the victims computer. From now on I will call the first part "client" and the second one "server".
I assume for this tutorial that you know how RATs generally work and how to program with Python. Python is a great language for beginners, so I think nobody will get problems with understanding the Code, but if you want to learn Python, just search on Null-Byte for "Python Tutorial". You will find many ressources on that.
The Server Code
You can find the full Source here. I will try to explain the Source.
---Imports---
-Socket is required for networking
-os is required for clearing the terminal (Will be seen later)
---Variables---
-port is for selecting the connection port. You can use everyone you want, but I recommend to use one, which is probably not obtrusive/blocked.
---Functions---
-We got only one Function at the moment, which is used for clearing the terminal (Just an esthetic feature ;) )
---Starting Server---
serversocket = socket.socket(socket.AFINET, socket.SOCKSTREAM)
This sets up a TCP Socket connection.
host = socket.gethostname()
serversocket.bind((host, port))
serversocket.listen(1)
These lines starts the listening of the Server. The last line specifies to allow only 1 connection, which is Ok at the beginning of our little RAT, but can be modified later.
clear()
Clears terminal.
print
Should be clear, isn't it?
clientsocket, addr = serversocket.accept()
Waiting for incoming Connection.
print("Connection from: " + str(addr))
Printing out the Connection Details.
msg = inpu()
Getting the instruction, which will be send to the Client.
if msg == "help":
clear()
print("-+-+-+-+-+HELP+-+-+-+-+-")
print("Test Connection: 'test'")
input("\nPress ENTER to continue")
Just a Help Window. You can see just one Instruction at the Moment, which we can use after setting up the Client.
else:
msg = msg.encode("UTF-8")
clientsocket.send(msg)
msg = clientsocket.recv(4096)
print(msg.decode("UTF-8"))
Every Message, which is not 'help' will be send to the Client, then the Server waits for the response and prints it out. The message is encoded with UTF-8, because bytes are required for sending over networks.
Conclusion
Now we've got a working Server for sending and receiving Instructions. You can see, that it's not pretty good coded, but for learning some basics it's good enough :) I hope you learned something about the basics of programming a RAT. Please give response whether I explain more detailed or what I should add as feature to the RAT. In the next Part we will setup the Client, the heart of our RAT, but for all who don't want to wait and want to test it out now, this will help you out ;) Just change the lHost Variable to the IP of your Servers computer and start trying.
~Thogs
Comments
No Comments Exist
Be the first, drop a comment!