Total Pageviews

Monday 3 May 2021

ToRat

 ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication.

https://lu4p.github.io/ToRat

A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.

DISCLAIMER

USE FOR EDUCATIONAL PURPOSES ONLY

Wiki

How to use ToRat Docker Image

Preview

Client Commands

CommandStatusInfo
cdWorkingchange the working directory of the client
lsWorkinglist the content of the working directory of the client
shredWorkingdelete files/ directories unrecoverable
screenWorkingtake a Screenshot of the client
catWorkingview Textfiles from the client including .docx, .rtf, .pdf, .odt
aliasWorkinggive the client a custom alias
downWorkingdownload a file from the client
upWorkingupload a file to the client
speedtestWorkingspeedtest a client's internet connection
hardwareWorkingcollects a variety of hardware specs from the client
netscanWorkingscans a clients entire network for online devices and open ports
gomapWorkingscan a local ip on a clients network for open ports and services
escapeWorkingescape a command and run it in a native shell on the client
reconnectNot Workingtell the client to reconnect
helpWorkinglists possible commands with usage info
exitWorkingbackground current session and return to main shell

Server Commands

CommandStatusInfo
selectWorkingselect client to interact with
listWorkinglist all connected clients
aliasWorkingselect client to give an alias
cdWorkingchange the working directory of the server
helpWorkinglists possible commands with usage info
exitWorkingexit the server

Current Features

Architecture

  • RPC (Remote procedure Call) based communication for easy addition of new functionality
  • Automatic upx leads to client binaries of ~6MB with embedded Tor
  • sqlite via gorm for storing information about the clients
  • client is obfuscated via garble

Server Shell

  • Cross Platform reverse shell (Windows, Linux, Mac OS)

  • Supports multiple connections

  • Welcome Banner

  • Colored Output

  • Tab-Completion of:

    • Commands
    • Files/ Directories in the working directory of the server
  • Unique persistent ID for every client

    • give a client an Alias
    • all Downloads from client get saved to ./$ID/$filename

Persistence

  • Windows:

    •  Multiple User Account Control Bypasses (Privilege escalation)
    •  Multiple Persistence methods (User, Admin)
  • Linux:

    •  Multiple Persistence methods (User, Admin)

Tor

  • Fully embedded Tor within go

  • the ToRAT_client communicates over TLS encrypted RPC proxied through Tor with the ToRat_server (hidden service)

    •  anonymity of client and server
    •  end-to-end encryption
  • optional transport without Tor e.g. Use Tor2Web, a DNS Hostname or public/ local IP

    •  smaller binary ~3MB upx'ed
    •  anonymity of client and server

Upcoming Features

Contribution

All contributions are welcome you don't need to be an expert in Go to contribute.

Credits


from  https://github.com/lu4p/ToRat

No comments:

Post a Comment