How to Write a Java Based Backdoor(RAT)

Welcome to my tutorial where Voidx and I will be expanding on my previous article to provide more clarity into the logic of the code.

My code can be found here -> http://pastebin.com/2nYicFPM

*****************************

Index:

$->Keyword

!->Start of code

^->End of code

*****************************

Keywords:

continue-> This key work is used to indicate that if the program does catch any errors to ignore them.

static->This key word is used to indicate that the variable is related to a type not a particular instance of the variable.

private->This indicates that the particular variable can only be accessed by class or method which created it.

************DISCLAIMER************

Voidx nor me is responsible for anything done with the backdoor.*

******************************

Public Class RAT

Okay now we will start on the actual code.

As you see we have declared a lot of variables here. We have done this as these variables are imperative for the RAT, the inclusion of the variables in the class RAT means that we have access to these variables from every method the class RAT holds. I have done this as the code can be highly customized now. Let's go over the variables.

Socket

!private static Socket s^ creates a private type Socket named s. This is the most important variable in the code as it is necessary to receive the input.

Scanner(Getting the input)

!private static Scanner sc^ is used to create a variable named sc of the type Scanner. In Java Scanner is used to read input into a buffer. This is imperative as later we will ask our sc to get the input stream of the Socket s we created just before.

PrintWriter

Surely you are getting what private static are doing by now, so from now on I will only talk about what these do. PrintWriter lets us write information to the Socket.

!int length^

This is used to calculate the amount of arguments passed on to the backdoor later.

ProcessBuilder

This type lets us execute commands.

BufferedReader

This type is used to get the output of the command run by ProcessBuilder ps.

!String line^

Declares a String called line.

We will see about this later

!String stdout^

Declares a String called stdout.

We will also see this later

Public Static Void Main(String Args[])

This method is the method that will be run upon execution, this is indicated by the method name being main. It also takes in an array of String with the array name being args. The Strings can be accessed by args0, args1..., Okay let's start.

Now we declare on a host name as this backdoor is DNS based. Meaning that it resolves a Domain name like www.example.com and turns that to an IP before connecting. 'localhost' means your own computer.

Then we declare what port we want our backdoor to connect to.

Now we need an String of the ip of the hostname. In this case we want "localhost" ip address as a String. Therefore we call the resolve method and pass in the DNS name we want to resolve into an ip.

******************************

Now head over to Voidx's tutorial to figure what the method resolve does.

https://null-byte.wonderhowto.com/how-to/create-rat-java-part-1-method-resolve-0167859/

******************************

Now we declare a variable of type int and name 'stat'.

The do-while loop is used try to connect to the ip address. The method returns an integer(1 if successful) that is why we had to declare an int called stat. The next line !while(stat!=1) says that if the method is successful(i.e. returns 1) to stop.

******************************

Head over to this article to find out what the connect method does->

Sorry not yet finished

******************************

Done now we are conneted to the server. We then use System.gc() to do a garbage collection. If you don't know what this is don't worry.

Remember the PrintWriter and Scanner we declared before as pr and sc,well we are now assigning the values of pr and sc into the ouput of the Socket named s and the input of the Socket named s.

Next we specify the Delimiter. Th Delimiter is used in order to know the end of the message received. Then received and stdout are Declared as Strings.

*******************************

The while(true) loop is used to continuously get input from the Socket by using the Scanner. This code is sc.next() which is written into the variable received. Next we use received.trim() to get rid of any leading of trailing whitespace. Next we remove the Delimiter from the old received value and write it into received. Then we act upon the String contained in received. The if statement is used to see if a quit was sent then we act on this by closing the Socket and it's streams and finally quiting the program.

*******************************

You may have noticed we had try/catch in the while loop. Well we will go over that later, but lets have a look on what to do if received did not contain "quit".The else is used to say that if there was no "quit" in received then do.Now we did declare a variable called stdout. Well now we are assigning the value of the execution of received into stdout. Then we will send the stdout through the Socket's Output Stream using the PrintWriter called pr followed by the \0 to indicate that it is the end of the string. pr.flush is used to empty the buffer.

******************************Head over here to find out how the execute method works ->

Sorry not yet done*

*******************************

Now to why that try/catch is in place. Now the try/catch is in place due to the following reason. What if the backdoor connects and then the server disconnects. What will happen in this scenario is that the backdoor will not know what to do and be rendered useless. We use the catch to connect back into the server.

******************************

Good luck

Mendax v2