About Me

I have lived in the "Underground" world of Hacking, Fraud, Viruses, Warez and such since I was very young. I have multiple accounts on a menagerie of Public and Private sites, forums and FTPs. I have learned the secrets that very few have access to. I hope to enlighten you with a little of this knowledge. In this blog I will post tutorials, downloads and other things that people on "The Scene" don't want you to have. I am. Silent Monk.

Thursday, January 20, 2011

What is a RAT?



If you are interested in controlling your own or other people's computers remotely then what you need is a RAT.

What is a RAT?
Well to start off, the term RAT is short for Remote Administration Tool.
A quick definition of a RAT (Remote Administration Tool): RATs are used to connect and manage a single or multiple computers with a variety of tools, such as:
  • Screen/camera capture or control
  • File management (download/upload/execute/etc.)
  • Shell control (usually piped from command prompt)
  • Computer control (power off/on/log off)
  • Registry management (query/add/delete/modify)
  • Password Stealers (Browser/MSN/ etc.)
  • Other product-specific function
Direct Connection
A direct-connect RAT is a simple set-up where the client connects to a single or multiple servers directly. Stable servers are multi-threaded, allowing for multiple clients to be connected, along with increased reliability.
Reverse Connection
RATs that utilise a reverse connection have a few major advantages, such as the ones listed below:
  • Outgoing connections are generally less likely to be detected or blocked by a firewall, such as a router.
  • Since the remote computer is connecting to the remote administrator, he or she will not need to know the remote IP address in order to connect.
  • The remote administrator does not need to know to which or how many computers the RAT is being installed on, which allows for mass-distribution.
  • If mass-distributed, it is much easier to keep track of the computers the RAT is installed on, since they are all "calling home" by connecting to the remote administrator.


Are RATS Legal/Illegal?
Well, It is actually both. There are RATs that are Legal and that are actually Illegal. The difference between them both are the fact that, Legal RATs inform the connected remote that you are on the computer, And Illegal RATs do NOT inform the remote that you are on the computer.
So basically to break things down.
Legal means the person has full control as well, They can kill the connection any time they please, No backdoor is left on their PC, And it is in your network.
Illegal means the person does NOT know you are connected and they have no knowledge you are till you take action, They have no control to kill the connection (unless they disconnect from the internet), But even then, a backdoor is left on the computer meaning anytime the computer is on and the internet is up, you can still connect if you want. You can destroy files, download files, steal information, and basically make their life miserable.

Some legal RATS are:
Teamviewer - TeamViewer establishes connections to any PC or server all around the world within just a few seconds.
Ammyy Admin - Ammyy Admin is a highly reliable and very friendly tool for remote computer access.
Mikogo - Mikogo is an easy-to-use cross-platform desktop sharing tool, ideal for web conferencing, online meetings or remote support.
Ultra VNC - UltraVNC is a powerful, easy to use and free software that can display the screen of another computer (via internet or network) on your own screen. Schools often use a version of this to keep an eye on the students.

Some illegal RATS are:
CyberGate - Cybergate is a very reliable RAT with lots  and a personal favourite.
Poison Ivy - Poison Ivy is also quite popular in the Underground, mainly due to a large number of features. However, it can be quite buggy at times and can't handle large amounts of victims (I usually have around 5,000 online at a time).

Spy-Net - Virtually the same as CyberGate due to them having the same base. Some say Spy-Net is more stable but I disagree.
Albertino - A very good RAT that costs money (all the good ones do). This RAT doesn't need crypting (I will write up on crypting later) as it does it all itself.
BlackShades - In my opinion this is the best RAT out there. It costs US$50 but is definitely worth it as it is extremely stable (can hold my 5,000 with no lag), has a huge feature list and excellent support.


Port Forwarding

We can start by calling it Port Forwarding, but it is also known as Port Mapping.
There are a couple of concepts you need to know before you can understand port forwarding. I'm going to make a couple broad statements that are almost always true. For simplicity lets assume they are true for now.


1.) Every device on the internet has at least one ip address. The IP address is a number that is used to identify a device.

2.) Every IP address
is divided up into many ports. When one computer sends data to another computer, it sends it from a port on an IP address to a port on an IP address. For more information on ports refer to our What is a Port page.

3.) A port can only be used by one program at a time.

Port Forwarding is needed in order to send commands to and from your RAT. If you have a direct connection to the internet (i.e. your computer is connected to your modem) then Port Forwarding is not needed. If you have a router, however, Port Forwarding allows the commands to go through the router and not get blocked by it.

Now you know what a RAT is!


Note: I will write a post later about how to choose a RAT, set it up and use it later on. For now this just explains what a RAT is.

Thanks for reading and don't forget to check back for more Underground Secrets!
Posted by at 2 comments:
Subscribe to: Posts (Atom)