Locked Arbitrium-RAT CLI

[itsMe]

This is the hidden content, please

• Sign In
• or
• Sign Up

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

Disclaimer

This tool was made for educational purposes only. I urge anyone who would use this tool to only use it on targets he/she is authorized to access as a remote control tool. I hold no responsibility if one used it for any unlawful activity.

About:

Arbitrium is a cross-platform remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router, discover local IPs and scan their ports. Includes modules like Mimikatz, new modules can easily be added. In addition, if Arbitrium is used with a DNS spoofing software is can spread autonomously between devices (#AutoSpread). Arbitrium is a multiple parts project, the parts were built using Java, JS, C, Python, Cordova and VueJS.

Features:

FUD/Encoders

With few clicks the CLI will generate an undetectable ready-to-use client.

    Abstract synthax encoder: at each generation this encoder will create a client with a different size and a different source code but without impacting the functionnality of the client, which will make static analysis much harder for AVs, as soon an existing client become detectable, all you have to do is generate a new client which will hold a new source code. This encoder is still experimental and there is still a lot to do, but the tests done showed very promising results.

Firewall

Arbitrium doesn't require adding an exception to the firewall, or a port forwarding rule. The server is an API with endpoints that receives tasks for a specific target and others that the trojan periodically request to get the new instructions, the instructions can be a JavaScript file (the Android app is made using Cordova) or a Shell file to run in the terminal/CMD. Once the server receives a task for a device, the former schedule the task then it opens a child process where it waits for the trojan's response by listening to a dedicated ephemeral port. Therefore, the trojan doesn't need to listen to any port.

Battery optimization / StealthMode

Unlike with Stock Android, customizations like MIUI by Xiaomi, EMUI by Huawei or Samsung's Android Pie ignore the permissions/exceptions given to an app by the user. So if you try to run an Android's trojan in the background, the moment the app start running frequent or heavy (in some cases even lightweight) tasks (ex: sending http requests periodically) it will be killed no matter what permissions the user grants, ths OS completely ignores the current settings, dontkillmyapp.com is an known website dedicated for this particular issue.

The aforementioned issue was quite annoying while working on this project, after awhile I found that building a lightweight binary that keeps running the assigned tasks in the background while the MainActivity stand still just after launching the binary apears to bypass most the restrictions and actually even improve the performance of the App.

MainActivity receives a JS file from the server and uses ThreadPoolExecutor to initiate the binary without hanging for it to exit (More on this StealthMode/BatteryBypass).

Web interface

There is also a control panel, it's not a requirement but an extension, it's a simple VueJS webapp, a UI you can use to control the targets instead of directely sending requests to the API. The webapp is available here: Arbitrium WebApp

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up