Sunday, 5 May 2013



RAT or Remote Administration Tool is a tool which helps to administers the system of a person without physical access to the system.This tool is highly used by a hacker and is very efficient.If a hacker is able to get installed a server (which can easily be done) in victims system then entire system of the victim is with the hacker! He can check logs,take screenshots,browse your folders,disable your anti-virus and much more !

RAT is basically a Trojan which has two parts :

Client : It can be considered as King which plays with or manipulates with the server(slave) which he has made.

Server: It can be considered as a Slave which is installed on the host (remote).

So now I'll talk about  how to create a successful Server with one of the Best RAT's available, that is DarkComet (v5.1) which is coded in Delphi XE and Delphi 2007.

So here it goes :

1. Download DarkComet (v5.1 is what I'll use here,but the basic process is same for all version so don't worry)
2.Now we will start building up the server.exe file.
   Click on the Blue Icon saying "DarkComet", go to "Server module" and choose ''Full editor" option.

You'll get something like this -

  Keep a security password if you want to.               
   Click on Random 4-5 times to generate new Mutex and see to it that Active FWB is checked.

2.Another column which you will see there is of PORT . DarkComet uses port 1604 so make sure it is open and forwarded.To know how to forward your port,visit -here you will get all the information about how to forward your port for your type of Modem.

3.Keep the following setting in module startup -

You can also check ''persistence installation'' if you want to(i recommend it).

 4.Following setting are ideal for Module Shield -

5.After this all the options may vary from person to person as per your requirement but i recommend to Activate the Offline Keylogger .

6.Compress the server if you want and you are done,click on ''Build the Stub" and a process will take place in which you will be able to see the algorithms and your server.exe is made (name it as per your requirement but keep .EXE intact)

Your server is Built now ! :)

But now problem arises that how will you send the server to the victim over internet as .EXE files cannot be transferred via facebook,yahoo,gmail or other sites.

So here come crypters and binders into play !
Crypters - It is software which is used to crypt your server to make it FUD (Fully Undetectable )

Binders - A binder is software which pumps up the size of your RAT which is usually in Kb's to some Mb's!
You can do this by binding your RAT with some song ,image etc.

No comments:

Post a Comment