2025-02-24 Update From: SLTechnology News&Howtos
Shulou (Shulou.com) 05/31 Report
This article introduces PyRat, a remote control tool written in Python, and summarizes how it is used.
PyRat
PyRat is an open-source remote control project built on Python XML-RPC. It consists of a client side and a server side (also known as the control side; referred to below as the server side).
Statement: the project is for technical exchange only. Please do not use it for commercial and illegal purposes; any legal disputes have nothing to do with me!
Project address: https://github.com/anhkgg/PyRat
Because XML-RPC is carried over HTTP, PyRat's communication and control traffic is not stopped by firewalls that allow HTTP.
Python's cross-platform nature lets the PyRat client support different platforms such as Windows/Linux/macOS. Currently Windows and Linux are supported; other platforms have not been tested.
The server side provides full command-line control and management.
Currently, the client supports basic information, upload, download, cmdshell, run software, end process, update, uninstall and other functions.
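A defender-side view of the HTTP point above, as an added example (not code from the PyRat project): a control channel that is XML-RPC over HTTP shows up in proxy or capture data as repeated `methodCall` POSTs from one host to one destination. The sample request, the method name `get_task`, the `/RPC2` path and the addresses are constructed assumptions; the User-Agent patterns are the defaults of Python's stock XML-RPC clients, and the page does not say whether PyRat leaves them unchanged.

```python
import re
from collections import Counter

# Default User-Agent of the stock clients: Python 2.7 xmlrpclib / Python 3 xmlrpc.client.
STOCK_UA = re.compile(r"^(xmlrpclib\.py/|Python-xmlrpc/)")
# Regex instead of an XML parser, so hostile bodies cannot trigger entity expansion.
METHOD = re.compile(r"<methodCall>\s*<methodName>([^<]{1,128})</methodName>")

def parse_request(raw):
    """Split one captured HTTP request into (method, headers, body); None if malformed."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        return None
    headers = {n.strip().lower(): v.strip() for n, _, v in (ln.partition(":") for ln in lines[1:])}
    return parts[0], headers, body

def xmlrpc_call(raw):
    """Return (methodName, stock_ua) for an XML-RPC call, else None."""
    parsed = parse_request(raw)
    if parsed is None:
        return None
    method, headers, body = parsed
    if method != "POST" or "xml" not in headers.get("content-type", "").lower():
        return None
    m = METHOD.search(body)
    return (m.group(1), bool(STOCK_UA.match(headers.get("user-agent", "")))) if m else None

def flag_pairs(records, min_calls=3):
    """records: (src_ip, dst_host, raw_request) tuples. Flag pairs with repeated XML-RPC calls."""
    calls, names, stock = Counter(), {}, {}
    for src, dst, raw in records:
        hit = xmlrpc_call(raw)
        if hit is None:
            continue
        key = (src, dst)
        calls[key] += 1
        names.setdefault(key, set()).add(hit[0])
        stock[key] = stock.get(key, False) or hit[1]
    return {k: {"calls": n, "methods": sorted(names[k]), "stock_ua": stock[k]}
            for k, n in calls.items() if n >= min_calls}

# Constructed sample: method name, hosts and path are invented for illustration.
_BODY = "<?xml version='1.0'?>\n<methodCall>\n<methodName>get_task</methodName>\n</methodCall>"
_RPC = ("POST /RPC2 HTTP/1.1\r\nHost: 203.0.113.10\r\n"
        "User-Agent: xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\n"
        "Content-Type: text/xml\r\n\r\n" + _BODY)
SAMPLE = [("10.0.0.5", "203.0.113.10", _RPC)] * 3 + [
    ("10.0.0.7", "example.org", "GET / HTTP/1.1\r\nHost: example.org\r\n\r\n")]
```

A workstation that is not expected to run XML-RPC clients and appears in `flag_pairs(SAMPLE)` output is worth a closer look; the `stock_ua` field only raises confidence, since a client can send any User-Agent.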
Dependencies
Python 2.7
Colorama (server side)
TODO
Compatibility testing on other platforms such as macOS
Add more functions, such as file operation, batch and resumable (breakpoint) file transfer, remote desktop, screenshot, account operation, etc.
Server visualization
PRs are welcome.
Basic use
Client
> python .\pyratcli.py localhost 80
Server side
> python pyratsvr.py 80
-Python RAT---anhkgg---
Copyright (C) 2018
-Software for technical exchange only Do not use it for commercial or illegal purposes, if legal disputes arise, it has nothing to do with me!
-Task command---
| (l)ist (a)live (k)ill (s)elect (p)rint (c)mdshell (n)ew (d)ownload (r)unexec (u)pload (t)erminate (Q)uit (h)elp |
--
cmd >
When a client comes online the server prints a notice, and the most recently connected client is automatically set as the default operation target.

cmd > test-3333333 is online.
Auto set target test-3333333

help or h lists all the commands supported by the server.

cmd > help
(l)ist: list all clients
(a)live: list alive clients
(k)ill: delete client
(s)elect: select target client
(p)rint: show current client
(c)mdshell: create a cmdshell, type q to exit cmdshell
(n)ew: update client version
(d)ownload: let client download a file
(r)unexec: let client run an exe
(u)pload: upload a file to client
(t)erminate:terminate process
(Q)uit: quit server

Client management
The server uses sqlite to save the basic information and task information of the client, and the client can be managed through commands.
// enumerate all clients
cmd > l
test-3333333 offline 2018-03-20 2222
client_id | version | localip | remoteip | osversion | firsttime | lasttime | status
10 | test-3333333 | 0.1.0 | 192.168.149.1 | 114.245.47.12 | test | Windows10.0.16299 | 2018-03-17 12:39:56 | 2018-03-20 22:46:59 | 0
cmd >
// enumerate online clients
cmd > a
no alive client
// delete client database records or uninstall client
cmd > k
target cid (or ALL): test-3333333
Do you want to uninstall client?
To control a client, first select it as the operation target with select or s.

// entering cmdshell with no target set produces a prompt
cmd > c
Please first set target client by (s)elect command.
// set the target
cmd > s
client_id:test-3333333
Set target client: test-3333333
// view the current target
cmd > p
test-3333333

cmdshell
Enter the cmdshell with cmdshell or c; you remain in the cmdshell until you explicitly type q.
The cmdshell records the working directory: after cd c:\, for example, the next operation takes place there, which gives a cmdshell that behaves much like a pipe-connected one.
In addition, if you start a process through cmdshell, some processes may block the return of messages, so this is not recommended; use runexec instead.

cmd > c
RAT-CMD > dir
RAT-CMD > test-3333333 do cmdshell (195) dir True
the volume in drive D is gitrepo
the serial number of the volume is EB2F-5AC0
the directory of D:\PyRat\client
2018-02-24 09:40 .
2018 / 02 * .pyc
5 files 10930 bytes
2 directories 647836565504 available bytes
RAT-CMD > ver
RAT-CMD > test-3333333 do cmdshell (196) ver True
Microsoft Windows [version 10.0.16299.309]
RAT-CMD > tasklist
RAT-CMD > test-3333333 do cmdshell (197) tasklist True
image name PID session # memory use
= =
System Idle Process 0 Services 0 8 K
System 4 Services 03564 K
smss.exe Services 0412 K
csrss.exe 492 Services 01700 K
Calculator.exe 21656 RDP-Tcp# 85 1 56772 K
RAT-CMD > tasklist | findstr Cal
RAT-CMD > test-3333333 do cmdshell (51856) tasklist | findstr Cal True
Calculator.exe 21656 RDP-Tcp#85 1 51856 K
RAT-CMD > taskkill /IM Calculator.exe
RAT-CMD > test-3333333 do cmdshell (201) taskkill /IM Calculator.exe True
succeeded: a termination signal was sent to the process "Calculator.exe" The PID of the process is 21656.
RAT-CMD > taskkill /PID 21656
RAT-CMD > test-3333333 do cmdshell (202) taskkill /PID 21656 True
succeeded: a termination signal was sent to the process, and the PID of the process was 21656.

File operation
File upload and download are supported. Download can fetch either a network file or a local file on the server side; only single-file upload and download are supported for the time being.

cmd > d
// choose to download a local file
url (type N to download local file): n
local file:db.db
dest path:db.db
cmd > test-3333333 do download local db.db db.db True
download success
cmd > d
// download a network file
url (type N to download local file): https://dl.360safe.com/360/inst.exe
dest path:inst.exe
cmd > test-3333333 do download (204) net https://dl.360safe.com/360/inst.exe inst.exe True
download success

Run software

cmd > r
run target:inst.exe
runexec inst.exe

End process

cmd > t
Select type (name/pid): name
process name:notepad.exe
cmd > test-3333333 do terminate (212) name notepad.exe True
succeeded: a termination signal was sent to the process "notepad.exe" The PID of the process is 25416.

Problem
A possible coding problem was found in the test.