A RAT made in Python
This Projects aim was to make a Remote Access Trojan for education purposes only and would only run on a local server. Based on the idea of the PY#RATION threat currently doing the rounds;
It will be built in Python, the concept is you create a client.py and a server.py . The server would be used as the control program and the client.py would be what was running as a service on the target.
It will require while loops to keep the service alive with an infinite loop untill a command is recieved.
Aims of this project:
Create a working infinite/while loop to keep the target alive.
Allow the creation of an object on the Target.
make use of the socket and subprocess commands.
End result Using a small amount of code we were able to create a door on the client side to the server with a while loop on both sides keeping it alive for persistence. With the service running on both sides the terminal can be used to create more files or folders on both ends.
Such a simple threat can use a Socket protocol to communicate with the command and control (C2) server and to exfiltrate data from the victim host as well as add more to the target which could allow for further excalation.
This Vulnerability is dangerous in its simplicity and the fact it leverages Python's built-in Socket.IO framework, WebSockets can simultaneously receive and send data from and to the C2 over a single TCP connection using ports commonly left open in networks like 80 and 443.