* Remote Administration Tools * How to Control a P.C With out any Physical Interference
Remote administration
tools aka RAT’s is a piece of
software that allows a
remote “operator” to
control a system as if he
has physical access to that system. While desktop
sharing and remote
administration have many
legal uses, “RAT” software
is usually associated with
criminal or malicious activity. Malicious RAT
software is typically
installed without the
victims knowledge, often
as payload of a Trojan
horse, and will try to hide its operation from the
victim and from anti virus
software’s. The operator controls the
RAT through a network
connection. Such tools
provide an operator the
following capabilities:
[]Screen/camera capture
or image control
[]File management
(download/upload/
execute/etc.)
[] Shell control (from
command prompt)
[] Computer control
(power off/on/log off
if remote feature is
supported)
[] Registry management
(query/add/delete/
modify)
[] Other software
product-specific
functions
Its primary function is for
one computer operator to
gain access to remote PCs.
One computer will run the
“client” software
application, while the other computer(s) operate as the
“host(s)”.
RAT trojans can generally
do the following:
[]Block mouse and
keyboard Change your desktop
wallpaper Download, upload,
delete, and rename files Drop viruses and
worms Edit Registry Format drives Grab passwords, credit
card numbers Hijack homepage Hide desktop icons,
taskbar and files Log keystrokes,
keystroke capture
software Open CD-ROM tray Overload the RAM/ROM
drive Print text Play sounds Randomly move and
click mouse Record sound with a
connected microphone Record video with a
connected webcam Shutdown, restart, log-
off, shutdown monitor Steal passwords View screen View, kill, and start
tasks in task manager
Some famous RAT’s and
their links.
Darkcomet Rat
Cybergate Rat
Blackshades Rat
0 comments: