How to Hack the remote system using Remote Administration Tools?

Today let us start our article with a conversation.

What are RATs (Remote Administration Tools)?

N00b: Hello BreakTheSec, I heard a new keyword, RATs, in the hacking world. What is it? I only know about these rats.

BreakTheSec: RATs are known as Remote Administration Tools. I hope you understand what they do from the name itself.

N00b: So it is used for hacking a remote PC, right?

BreakTheSec: Yes, it is used for hacking into victim computers remotely. Using RATs you can get control over the remote PCs.

N00b: OK. Can you explain more about the use of RATs?

BreakTheSec: Yes, sure. Here it is:

Use of RATs (Remote Administration Tools)

  • You are able to install any malicious software (keyloggers…)
  • Able to monitor the chat windows
  • Turn off the system remotely
  • You can disable antivirus/registry/restore point
  • Stealing the passwords and license keys of their software
  • Able to access the Control Panel
  • You can add or remove any programs
  • Show fake error messages to the victim
  • Control printers
  • Format the entire hard drive
  • Open FTP (File Transfer Protocol) and transfer files
  • Control the Internet browser
  • More fun…

N00b: Thank you, BreakTheSec. How do I do that?

How to work with RATs?

Step 1:
First of all, you have to download the Remote Administration software and install it on your system.

Step 2:
Then you have to create a server using the RAT software. Here, the server is our trojan that is going to bring control over the victim's system.

Step 3:
Bind the server with any file (JPEG, doc, txt…). You can bind this using some binder. Most RATs provide a binding option as well.

Step 4:
Send this file to the victim. Once the victim opens the file, the server will start to run. It will disable antivirus, registry, … depending on your configuration.

Step 5:
Find the IP address of the victim (there are different methods to find an IP address; read my previous articles). Once you have the IP address, you can connect to the remote system using your Remote Administration Tool.

Now the world is under your control.

N00b: Wow. Hey BreakTheSec, I have heard somewhere about reverse connections in RATs. What is that?

Connections in RATs

Direct Connection:

In a direct connection, our system (with the Remote Administration Tool installed) is the client and the victim system acts as the server. Our system connects to the remote system and takes control of it. You have to find the IP address of the victim and connect to the system. Some highly secure firewalls will block connections to the system on open ports.

Reverse Connection:

A reverse connection is for bypassing the firewall restrictions on open ports. Firewalls restrict the open ports but not the outgoing traffic.
In a direct connection, the client connects to the server using the open port of the server.
In a reverse connection, the client opens the port and the server connects to the open port.

I think you are a little bit confused, right? In simple words,
the victim computer connects automatically to our computer in a reverse connection (in a direct connection, we have to connect to the victim system using its IP address).

Got it?

Advantages of Reverse Connection:

  • You don’t need to know the victim's IP address (because it is connecting to our system).
  • Bypassing the firewall restrictions
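
Seen from the defender's side, the two connection types above leave different traces: a direct connection is an inbound session to a listener on the workstation, and a reverse connection is an outbound session from a process that has no reason to reach the internet. The Python triage below is an added example, not code from the original article; the record format, the allowlists, the process names and the addresses are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# One observed TCP session, as a netstat-style or EDR collector might report it.
Conn = namedtuple("Conn", "host process direction remote_ip remote_port")

# Assumed site policy for this example.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
EGRESS_ALLOWED = {"chrome.exe", "outlook.exe"}  # may reach the internet
LISTEN_ALLOWED = set()                          # workstations serve nothing

def is_external(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)

def classify(conn):
    """Return 'direct', 'reverse' or None for one session record."""
    # Direct: the workstation is the server and a remote client connected in.
    if conn.direction == "inbound" and conn.process not in LISTEN_ALLOWED:
        return "direct"
    # Reverse: the workstation dials out, so inbound-only firewall rules never
    # see it; a per-process egress policy does.
    if (conn.direction == "outbound" and is_external(conn.remote_ip)
            and conn.process not in EGRESS_ALLOWED):
        return "reverse"
    return None

def triage(conns):
    """Group suspicious sessions by pattern, preserving input order."""
    findings = {"direct": [], "reverse": []}
    for conn in conns:
        kind = classify(conn)
        if kind:
            findings[kind].append(conn)
    return findings

# Constructed sample data: documentation-range IPs, made-up process names.
SAMPLE = [
    Conn("ws-01", "chrome.exe", "outbound", "203.0.113.10", 443),
    Conn("ws-01", "invoice_viewer.exe", "outbound", "198.51.100.7", 4444),
    Conn("ws-02", "photo.exe", "inbound", "192.0.2.55", 51000),
    Conn("ws-02", "outlook.exe", "outbound", "10.0.0.5", 993),
]

if __name__ == "__main__":
    for kind, hits in triage(SAMPLE).items():
        for c in hits:
            print(f"{kind:8}{c.host} {c.process} {c.remote_ip}:{c.remote_port}")
```

The same per-process egress rule is what closes the gap the article describes, since a firewall that filters only inbound ports never evaluates the outbound session.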

Here is the list of popular RAT software:
Popular Remote Administration Software List

Undetectable by Antivirus:

N00b: Most antivirus products detect the server file as a virus. What can I do?

BreakTheSec: So you don’t know about FUD?

N00b: What does FUD mean?

BreakTheSec: Follow this link to learn about crypters.

N00b: Can I get traced by the victim?

BreakTheSec: No. A system gets over 300 connections. It is hard to trace you.

This is for educational purposes only. Using a RAT to control a system without authorization is a crime, so please don’t try it. (Discussing or reading about a thief's technique is not a crime, but implementing it is.)