Chapter 10 : RATs (Hacking on Server’s PC)

Introduction :
A Remote Administration Tool (known more commonly on the Internet as a RAT) is used to remotely connect to and manage one or more computers with a variety of tools, such as:
Screen/camera capture or control
File management (download/upload/execute/etc.)
Shell control (usually piped from command prompt)
Computer control (power off/on/log off)

But this can also be misused. It is used only on one server, which means you can use a RAT on all the computers connected to your LAN system. This is usually the case in school/university hostels where there is a network using a LAN. You can use a RAT there to hack the system of your friend sitting in any other room.

RAT Trojan Horses :
Many trojans and backdoors now have remote administration capabilities allowing an individual to control the victim’s computer. Many times a file called the server must be opened on the victim’s computer before the trojan can have access to it. These are generally sent through email, P2P file sharing software, and in internet downloads. They are usually disguised as a legitimate program or file. Many server files will display a fake error message when opened, to make it seem like it didn’t open. Some will also kill antivirus and firewall software.

RAT trojans can generally do the following:
Download, upload, delete, and rename files
Format drives
Open CD-ROM tray
Drop viruses and worms
Log keystrokes, keystroke capture software
Hack passwords, credit card numbers
Hijack homepage
View screen
View, kill, and start tasks in task manager
Hide desktop icons, taskbar and files
Print text
Play sounds
Randomly move and click mouse
Record sound with a connected microphone
Record video with a connected webcam

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on April Fool’s day or a holiday. Prank RATs are generally not harmful, and won’t log keystrokes or hack. They usually do disruptive things like flip the screen upside-down, open the CD-ROM tray, and swap mouse buttons.
However, they can be quite hard to remove.

Popular RAT Software :
Shark, Bifrost, Bandook, BO2K, ProRAT, SpyRAT, HackRAT, Netbos, Optixe, AutoSpY, Nclear, Amituer, Bandk, Yuri RAT, Y3k RAT, slha RAT, Openx RAT, Poison Ivy RAT, Mosucker, SubSeven RAT, Nuclear RAT, NetBus RAT, ProRAT, megapanzer, LanHelper

But I suggest using Optix Pro, so here is a short tutorial on how to use Optix for you guys.

How to use it ?

1) INTRO :
It isn’t that hard to use. The programs used to build server files are:
.\Client\Client.exe = Client
.\Builder\Builder.exe = Builder

WARNING: DO NOT RUN THE FILE(s) THAT YOU CREATE WITH BUILDER.EXE – THESE FILES ARE THE ONES INTENDED TO RUN ON THE REMOTE COMPUTER THAT YOU WANT TO REMOTELY ADMINISTRATE, NOT YOUR OWN!!!!

2) Quick Start Tutorial:
1) Open Builder
2) Click “Build/Create Server:” button
3) Save Server as “server.exe”
4) Click UPX Packing
5) Click OK
6) Run Server.exe on the computer you wish to administrate (WARNING: NOT ON YOUR OWN COMPUTER!!!)
7) Open Client
8) Type in IP Address of other computer
9) Hit the Green Button in top-right hand corner to connect!

To find out exactly how to use a particular part of the program, simply hover your mouse button over the face of a button, control etc. and a “help hint” will appear instructing you as to the purpose of that particular field/button etc.

UPX Packing is automated in the server build process if you wish to pack your file!

To get an up-2-date copy of BlackFire’s cgi logger (cgi notification) go to:
http://www.bfndevelopment.com/
However a new logger (alternativecgilogger.zip) is also provided in this version. Advanced users check it out!

3) FEATURE LIST :

v1.33 – Client Side :
COMPATIBLE WITH ALL PAST SERVER VERSIONS! in a limited way!
(own risk)
Client SOCKS 4/5 Support
Power Options – logoff, suspend, reboot, shutdown etc.
Server Information – Get info about builder settings
File Manager
Process Manager
Windows Manager
Registry Manager
FTP Manager
SOCKS 4/5 Server
Remote IP Scanner
Port Redirect
Application Redirect
Service Manager
Message Box
Matrix Chat (Client-2-vic)
Client-2-Client chat
Computer Information
Get Passwords – (RAS/Cached – 9x and AIM)
Online Key Logger – (now window titles)
Screen Capture with left click mouse manipulation
Keyboard Manipulation – (more advanced)
Cam Capture
SendKeys – old version of SendKeys for older servers
Humor normals – Flash keyboard lights, Monitor on/off, Disable keyboard/mouse etc.
Humor Screen Printer – print text to their screen!

v1.33 – Server Side :
COMPATIBLE WITH ALL PREVIOUS CLIENT VERSIONS! in a limited way! (own risk)

Configurable:
Notification Information Separators
IP Address Separator
Info included in any Notification
Identification Name
Server Port
Server Password
Fake Error
Server Icon
Registry Run startup
Registry RunServices startup
win.ini startup
system.ini startup
s7 special method startup!
Server File Name
Start Directory (windir/sysdir)
Melt Server
Unlimited ICQ Number Notification
Unlimited CGI Script Notification
Unlimited IRC Server/channel Notification
Unlimited PHP Script Notification
Unlimited SMTP Notification
Toggling killing of in-built exe/service list for firewalls
Toggling killing of in-built exe/service list for Anti-Virus
Toggling killing of in-built exe/service list for packages classified as both anti-virus and firewall!
Unlimited Number of custom exe’s to kill
Unlimited Number of custom services to kill
Easily Automated UPX Packing if needed.
Option for unpacked or packed server with your own packer if wanted (instructions clear)
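
The startup options in the server-side list (Registry Run, Registry RunServices, win.ini, system.ini) correspond to autostart locations a defender can audit. The following is an added example, not part of the original page or of any Optix documentation: it parses a win.ini, a system.ini and a .reg export and lists the autostart entries that need review. All file contents and program names in it are constructed samples, and it assumes the standard locations `[windows] load=/run=` in win.ini and `[boot] shell=` in system.ini.

```python
import configparser
import re

# Constructed sample inputs for illustration; not taken from any real host.
WIN_INI = r"""[windows]
load=
run=C:\WINDOWS\svchost32.exe
"""
SYSTEM_INI = r"""[boot]
shell=Explorer.exe C:\WINDOWS\SYSTEM\msupd.exe
"""
REG_EXPORT = r"""[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"winupd"="C:\\WINDOWS\\winupd.exe"
"""
RUN_KEY = re.compile(r"\\CurrentVersion\\(Run|RunServices)\]$", re.IGNORECASE)

def ini_values(text, section, keys):
    """Return {key: value} for the non-empty keys of one INI section."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, allow_no_value=True)
    cp.read_string(text)
    names = {s.lower(): s for s in cp.sections()}  # section names vary in case
    sec = cp[names[section]] if section in names else {}
    return {k: sec[k].strip() for k in keys if (sec.get(k) or "").strip()}

def reg_run_values(text):
    """Return (key path, value name, data) for entries under Run / RunServices."""
    found, current = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            current = line[1:-1] if RUN_KEY.search(line) else None
        elif current and line.startswith('"'):
            name, _, data = line.partition("=")
            found.append((current, name.strip('"'), data.strip('"').replace("\\\\", "\\")))
    return found

def audit(win_ini, system_ini, reg_export):
    """List autostart entries that need review, as (location, command) pairs."""
    findings = [("win.ini " + k, v) for k, v in ini_values(win_ini, "windows", ["load", "run"]).items()]
    shell = ini_values(system_ini, "boot", ["shell"]).get("shell", "")
    if shell and shell.lower() != "explorer.exe":  # anything appended to the shell runs at boot
        findings.append(("system.ini shell", shell))
    # Registry values cannot be judged from the export alone, so every one is listed for review.
    findings += [(key.rsplit("\\", 1)[-1] + " key: " + name, data) for key, name, data in reg_run_values(reg_export)]
    return findings

if __name__ == "__main__":
    for location, command in audit(WIN_INI, SYSTEM_INI, REG_EXPORT):
        print(f"{location:28} {command}")
```

Each reported command still has to be compared against the software known to be installed on the host; an entry such as the constructed `SystemTray` value can be a normal system component.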
