How To: Program Your Own Little RAT (Part 2) Getting the Client Working

Program Your Own Little RAT (Part 2) Getting the Client Working

OK, In my last Tutorial we made a Server for sending Instructions to a Client. This time we will build the Client. Fire up your favourite Python environment and get the Code here.

The Server Code

---Imports---
-socket is again for the connection
-time is for pausing the Client (You will see later why)
-random is for getting random things. This time we want some random integers (Again you will see later why)

---Variables---

-lHost is the Variable, where you have to put in your own IP. If you test the whole RAT on the same Computer (Server and Client running there) then you have to just leave the field blank.

-Port is again the Variable where you can change the connection port (Both Ports have to be the same in Server Code and Client Code)

---Functions---
This time we have 2 Functions.
-send(msg) This Function encodes the argument given with UTF-8 and then sends it to the Server

-getInstructions() is the Heart of our Client. This Function receives the messages from the Server and then check them for keywords like 'test'. Test is the first added "feature" of this RAT. It sends only a response to the Server saying that it's working. Here is the place to add features for yourself, like a shutdown, dowload or even a shell. Be creative and try different ideas.

---Connection---

The first 2 Lines sets up a ready Connection. The while-statement repeats a try to connect to the Server IP as long as it can't etablish a Connection. Here is the point, where I used random to generate a random waiting time between the tries of connecting to the Server. I thought that every random thing in this makes it harder to identify the RAT, but this could be rubbish. After the Connection is etablished the getInstructions Function is started and the Client is ready for receiving your Commands ;)

Conclusion

At this Point I say again, that this RAT is unstable and unfinished. You can use it at your own Risk, but I think you should just use it for researching purposes. Here you can see a simple Structure, which can be used in your own simple RAT. If you want to write your own, I also recommend to use another language like C or Rust. Python is not very useful for things like this. Have fun editing and testing the Code, you have all rights to use and share this, but I prefer to get a reference or something ;)

~Thogs

4 Comments

Which site is best for scanning the RAT file created?
I know virustotal.com, but it sends the files to AVs.

I recommend to never upload your viruses to any scanner. Try to find out the victims AV and just scan with that.

Ok sure. Thank you @Thogs

it wont connect ip is mine-I am server host and I dont understand what to put the port as...? so I left it as default - the port programm came with and it wont connect :C

Share Your Thoughts

  • Hot
  • Latest