basikRAT python Remote Access Trojan



This is a cross-platform Python 2.x Remote Access Trojan (RAT), basicRAT was created to maintain a clean design full-featured Python RAT. Currently a work in progress and still being actively hacked on.
Disclaimer: This RAT is for research purposes only, and should only be used on authorized systems. Accessing a computer system or network without authorization or explicit permission is illegal.

Features

  • Cross-platform (Windows, Linux, and macOS)
  • AES-256 encrypted C2 with D-H exchange
  • Accepts connection from multiple clients
  • Command execution
  • Standard utilities (cat, ls, pwd, unzip, wget)
  • System survey
  • Self-destruct
  • Primitive port scanning
  • Client reconnect

Usage

$ python basicRAT_server.py --port 1337

 ____    ____  _____ ____   __  ____    ____  ______      .  ,
|    \  /    |/ ___/|    | /  ]|    \  /    ||      |    (\;/)
|  o  )|  o  (   \_  |  | /  / |  D  )|  o  ||      |   oo   \//,        _
|     ||     |\__  | |  |/  /  |    / |     ||_|  |_| ,/_;~      \,     / '
|  O  ||  _  |/  \ | |  /   \_ |    \ |  _  |  |  |   "'    (  (   \    !
|     ||  |  |\    | |  \     ||  .  \|  |  |  |  |         //  \   |__.'
|_____||__|__| \___||____\____||__|\_||__|__|  |__|       '~  '~----''
         https://github.com/vesche/basicRAT

basicRAT server listening for connections on port 1337.

[?] basicRAT> help

Command             - Description
---------------------------------------------------------------------------
cat <file>          - Output a file to the screen.
client <id>         - Connect to a client.
clients             - List connected clients.
execute <command>   - Execute a command on the target.
goodbye             - Exit the server and selfdestruct all clients.
help                - Show this help menu.
kill                - Kill the client connection.
ls                  - List files in the current directory.
persistence         - Apply persistence mechanism.
pwd                 - Get the present working directory.
quit                - Exit the server and keep all clients alive.
scan <ip>           - Scan top 25 TCP ports on a single host.
selfdestruct        - Remove all traces of the RAT from the target system.
survey              - Run a system survey.
unzip <file>        - Unzip a file.
wget <url>          - Download a file from the web.

[?] basicRAT> clients
ID - Client Address
-------------------
 1 - 127.0.0.1

[?] basicRAT> client 1
Client 1 selected.

[1] basicRAT> execute uname -a
Running execute...
Linux meerkat 4.10.13-1-ARCH #1 SMP PREEMPT Thu Apr 27 12:15:09 CEST 2017 x86_64 GNU/Linux

execute completed.

Build a stand-alone executable



Keep in mind that before building you will likely want to modify both the HOST and PORT variables located at the top of basicRAT_client.py to fit your needs.


On Linux you will need Python 2.x, PyInstaller, and pycrypto. Then run something like pyinstaller2 --onefile basicRAT_client.py and it should generate a dist/ folder that contains a stand-alone ELF executable.


On Windows you will need Python 2.x, PyInstaller, pycrypto, pywin32, and pefile. Then run something like C:\path\to\PyInstaller-3.2\PyInstaller-3.2\pyinstaller.py --onefile basicRAT_client.py and it should generate a dist/folder that contains a stand-alone PE (portable executable).



Todo


  • Interactive shell

  • Client binary generation tool (cross-platform)

    • Pyinstaller

    • Switch options for remote IP, port, etc



  • Persistence (cross-platform)

    • Windows: Registry keys, WMIC, Startup Dir

    • Linux: cron jobs, services, modprobe

    • macOS: LaunchAgent, LaunchDaemons



  • Privilege Escalation (getsystem-esque, dirty cow)

  • Common C2 Protocols (HTTP, DNS)

  • Clean log files

    • Linux: bash history, var logs, audit logs, etc

    • Windows: Event logs, prefetch, etc



  • Screenshot

  • Keylogger

  • Expand toolkit (unrar, sysinfo)

  • Scanning utilities (probe scan / ping sweep, scanning subnet)

  • Password dumping (mimikatz / gsecdump)

  • Tunneling / Pivoting (ssh)

  • Anti-virus detection and evasion

  • VM and Sandbox detection

  • Exfil browser history

  • Search file system for sensitive information using regex

    • addresses, credit cards numbers, socials, PII, etc



  • Detect web cameras and take snapshots

  • Steal wifi passwords





Authors







YOU MAY ALSO LIKE: 
HARDEN TOOLS UTILITY THAT DISABLE RISKY WINDOWS FEATURES

JOIN OUR FACEBOOK GROUP FOR LATEST HACKING TRICKS AND MUCH MORE:
THE WHITE HAT HACKERS

Comments

Post a Comment

Popular posts from this blog

Install Conky Lua on your Linux machine and give it cool looks

Image
Conky is a free and light-weight system monitor for Ubuntu and other Linux distributions, that displays any information on your desktop with graphical interface. Conky is very popular among Ubuntu users and there are many beautiful themes available for it that can display your system information such as CPU usage, RAM usage, Clock, swap, disk, network monitor and more. My favorite theme for Conky is called Conky Lua which allows to display system information on nice rings. This Conky theme works on Ubuntu, Linuxmint, openSUSE, Debian and fedora. Download Conkey Lua here..  DOWNLOAD NOW!!!!!!! How to Install: First you must install Conky on your Ubuntu powered machine Open terminal in Ubuntu (Ctrl+Alt+T) and run the following command: sudo apt-get install conky-all Then download Conky Lua from  HERE DOWNLOAD!! Open your download folder and extract files from downloaded archive file. (right click on archive and select “Extract here”) We are using Ubuntu here so we extracted the ...
Read more

Clash of clans free download

Image
From rage-­filled Barbarians with glorious mustaches to pyromaniac wizards, raise your own army and lead your clan to victory! Build your village to fend off raiders, battle against millions of players worldwide, and forge a powerful clan with others to destroy enemy clans. PLEASE NOTE! Clash of Clans is free to download and play, however some game items can also be purchased for real money. If you do not want to use this feature, please set up password protection for purchases in the settings of your Google Play Store app. Also, under our Terms of Service and Privacy Policy, you must be at least 13 years of age to play or download Clash of Clans. A network connection is also required. FEATURES ● Build your village into an unbeatable fortress ● Raise your own army of Barbarians, Archers, Hog Riders, Wizards, Dragons and other mighty fighters ● Battle with players worldwide and take their Trophies ● Join together with other players to form the ultimate Clan ● Fight against riva...
Read more

BHIM: Changing India's method of payment

Image
Bharat Interface for Money(BHIM), is just launched and it has become one of the most trending news. People are asking about it and there is a lot of curiosity among them regarding that. So, Gadget Mentor is going to tell you all things associated with BHIM. Some Highlights of this application is here: 1. This app is developed by NPCI 2. Most secure payment app. 3. Totally based on Aadhar. 4. No need of passwords, it tranacts by your finger prints. 5. The best part, it works without internet. You have to register your bank account with BHIM, and set a UPI PIN for the bank account. Your mobile number is your payment address (PA), and you can simply start transacting. You can send, receive from friends, family and customers through a mobile number or payment address. Money can also be sent to non UPI supported banks using IFSC and MMID. You can also collect money by sending a request and reverse payments if required. BHIM app directly connects with your bank account number. You don't ...
Read more