Menu

ToRat: Remote Administation Tool using Tor as a Transport Mechanism

Comments Off on ToRat: Remote Administation Tool using Tor as a Transport Mechanism

A Cross-Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.

Features

  • the ToRAT_client communicates over TCP(with TLS) proxied through Tor with the ToRat_server (hidden service)
    • the anonymity of client and server
    •  end-to-end encryption
  • Cross-Platform reverse shell (Windows, Linux, Mac OS)
  • Windows:
    • Multiple User Account Control Bypasses (Privilege escalation)
    • Multiple Persistence methods (User, Admin)
  • Linux:
    • Multiple Persistence methods (User, Admin)
  • optional transport without Tor e.g. Use Tor2Web, a DNS Hostname or public/ local IP
    •  smaller binary
    • the anonymity of client and server
  • embedded Tor
  • Unique persistent ID for every client
    • give a client an Alias
    • all Downloads from client get saved to ./$ID/$filename
QuasarRAT – Open-Source Remote Administration Tool for Windows

Server Shell

  • Supports multiple connections
  • Welcome Banner
  • Colored Output
  • Tab-Completion of:
    • Commands
    • Files/ Directories in the working directory of the server
      CommandInfo
      selectSelect client to interact with
      listlist all connected clients
      aliasSelect client to give an alias
      cdchange the working directory of the server
      exitexit the server

Shell after selection of a client

  • Tab-Completion of:
    • Commands
    • Files/ Directories in the working directory of the client
CommandInfo
cdchange the working directory of the client
lslist the content of the working directory of the client
shreddelete files/ directories unrecoverable
shredremovesame as shred + removes the shredded files
screentake a Screenshot of the client
catview Textfiles from the client including .docx, .rtf, .odt
aliasgive the client a custom alias
downdownload a file from the client
upupload a file to the client
escapeescape a command and run it in a native shell on the client
reconnecttell the client to reconnect
exitbackground current session an return to main shell
elsethe command will be executed in a native shell on the client
Pupy – A Cross-platform Remote Administration and Post-Exploitation Tool

Setup

How to setup

Repository

The important parts live in

Client

Server

TLS certificate generator

Upcoming Features

  • Privilege escalation for Linux
  • Persistence and privilege escalation for Mac OS
  • Support for Android and iOS
  • Cat with support for .pdf files
  • File-less Persistence on Windows

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Menu
Live Chat
RESOURCES
Menu
Get Started
TOOLBOX
Menu
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Instagram Youtube
Do NOT follow this link or you will be banned from the site!