CREATING Your 1ST RAT For KEYLOGGING/BOTNET AND SPYING

computerVirus_TrueIT-750x280

Things Needed For This Tutorial

DOWNLOAD:


Dark Comet: DarkCometRAT-5.3.1
No-ip DUC: Dynamic DNS Update Client (DUC) for Windows – No-IP


TABLE OF CONTENTS

Section 1
What is a RAT
Setting Up Your Host
Port Forwarding

Section 2
Creating Your RAT
Spreading Methods


Section 1

What is a RAT:
A Remote Administration Tool (otherwise known as a RAT) is a piece of software designed to provide full access to remote clients. It is when a you control a victims computer through bots istalled by your victim created by you giving you administrative control on that users computer. For example, you can control their computer, steal passwords, watch their screen/webcam, disable their desktop and taskbar and more, ect… the list goes on.


STEP 1:

Setting Up Your Host:

To start setting up your host you need to register for noip registration and fill in the information. Once that is done log into your account and click on add a host. Make the name whatever you want but make sure you choose no-ip.biz and leave all the other info alone. Now click add host. Once that is added open up the DUC you downloaded at the top of the thread. Sign in and click on add hosts and choose your host and let it refresh once everything has a check you can then close the program.
Then open up DarkComet.exe in the DarkComet531 folder you downloaded. It will look like this and click on Socket/Net.


STEP 2:

Port Forwarding

Right click on the top box and select “add port to listen” type in 200 and check the box and click listen. Go to start and type in cmd and hit enter. Then type in “ipcongif” and hit enter. Now look for default gateway and type in that number for example 192.168.x.x (replace x.x with the number). Log into your account for whatever company you have (I have optimum). If you don’t know ask your parents. Once you are logged in go to your firewall or your advanced settings and find port forwarding (mine is in advanced yours might be somewhere else). Click on “Add service” the name doesnt matter I named mine rat but it doesn’t matter for the port type in 200 because that’s what we used in our dark comet. For the type select TCP and hit Apply or whatever yours says. Now do this a second time but change the type to UDP and click on Apply. You have just port forwarded. To check go to here it should say success if it doesn’t redo these steps.


Section 2


STEP 1:

Setting Up Your RAT

To Start setting up your RAT go to Dark Comet and in the top left corner click on DarkComet-RAT, then Server Module, then Full Editor. Start on Main Settings and don’t worry about a password we aren’t using one its more suspicious. On the Process Mutex click random a bunch of times (Do this everytime for every new RAT you make). Do NOT change anything else or check active FWB. Next for the network settings you need to do this everytime for your RATs change the ip to your host address “example.no-ip.biz” and change the port to 200. Next, Module start up check start the stub with windows, Then change the drop file in and me it TEMP#/ and startup key name to “system32dll” because people should NEVER EVER delete their system32 check melt after execution so that means when they open up the stub it will automatically delete itself, and persistence installation which basically means no matter how hard they try they CANNOT delete the RAT unless you have DarkCometRAT Remover which I recommend you get in-case you get Ratted. Then check the boxes that say “hidden” and “system” for each column. You can create an install message which is the next thing under Module Startup. I recommend doing this because you can create a very realistic error message. What I normally do is check the box and select the X icon for an error and for the title type in Error742 I use 3 random numbers and for the message copy and paste this: “If you see this message there was an error opening this installation please close and restart the installation”. Next go all the way down to Choose Icon, I don’t recommend doing this unless you have an icon you want to use because DC doesn’t have realistic looking icons. Finally, Stub Finalization leave everything alone and make sure its on .exe and no compression. To save you a lot of time in the future selct save the profile and selct build stub. Put it where ever you want and name it whatever you want you can always rename it. When youre making your next sub you can click on the side it should say Settings-01 and that will load your settings. BUT MAKE SURE YOU CHANGE THE PROCESS MUTEX EVERYTIME, JUST CLICK RANDOM LIKE 5 TIMES. Now that your stub is created youre probably wondering how you spread it…


STEP 2:

Spreading Your RAT

For beginners you can find people on Skype and make up fake things…such as I had one kid who lost his steam and I sent him a Steam Account Recovery and I got him…or I got another kid with Pay Pal Money Adder… If you want to know even better ways I am selling an eBook pack with 5 SUPER DETAILED eBooks and spreading methods.


EXTRA TIPS:


If you want to check if your RAT works download this program and right click on your RAT and click run Sandboxed and to see if it works you will come up on your DarkComet program to test things just double click on your computer on DC and you will see loads of option. To stop go to DC right click on your computer click uninstall at the bottom or press delete on your keyboard. Then go to the bottom right of your computer and you will see the sandboxed logo right click and close it.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s