hussein-aitlahcen/BlackHole: C# RAT (Remote Administration Tool)
2021-07-27 20:40:10 Author: github.com

  • C# RAT (Remote Administration Tool)
  • Educational purposes only
  • protobuf-net : message serialization/deserialization in slave<->master protocol
  • NetMQ : network library used for the slave<->master system (client<->server)
  • Lz4.Net : compression library
  • ILMerge : packaging assemblies into a single executable
  • Reverse connection (extremely simple)
  • Slaves management (connection/disconnection)
  • Remote file browser
  • Remote file downloader
  • Remote file execution
  • Remote desktop (quality + fps)
  • Cancelable download/upload
  • Remote webcam capture
  • Password recovery from different sources

We pack the slave into a single .NET executable with ILMerge, then create the corresponding C++ file with the PayloadBuilder. Finally, we build the Loader. When the target starts the loader, it loads the CLR and dynamically loads the packed Slave from its own memory (managed C# executed inside a C++ launcher).

  1. Build BlackHole.Slave (it will automatically be packed with its dependencies using ILMerge)
  2. Launch BlackHole.PayloadBuilder (will create a C++ file containing the packed slave in binary format)
  3. Build BlackHole.Loader
  4. Enjoy delivering a single C++ executable
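
For triage, the build chain above yields a native executable that carries a managed assembly in its own data. The following is an added example, not BlackHole code: a static check that flags a native PE file containing a second PE header with a CLR directory. It assumes the embedded assembly is stored unencoded (the page does not say); the function names are hypothetical and `make_pe` builds constructed, header-only samples.

```python
import struct

CLR_DIR_INDEX = 14  # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR (CLR header)

def clr_directory(buf, base=0):
    """Return (rva, size) of the CLR data directory of the PE at `base`, or None."""
    try:
        if buf[base:base + 2] != b"MZ":
            return None
        pe = base + struct.unpack_from("<I", buf, base + 0x3C)[0]  # e_lfanew
        if buf[pe:pe + 4] != b"PE\0\0":
            return None
        opt = pe + 24  # optional header follows signature + COFF header
        magic = struct.unpack_from("<H", buf, opt)[0]
        dirs = opt + {0x10B: 96, 0x20B: 112}[magic]  # PE32 / PE32+
        if struct.unpack_from("<I", buf, dirs - 4)[0] <= CLR_DIR_INDEX:
            return None  # NumberOfRvaAndSizes too small to hold a CLR entry
        return struct.unpack_from("<II", buf, dirs + 8 * CLR_DIR_INDEX)
    except (struct.error, KeyError):
        return None  # truncated data or unknown optional-header magic

def embedded_managed_offsets(buf):
    """Offsets (> 0) inside a native PE where a managed PE header appears."""
    outer = clr_directory(buf, 0)
    if outer is None or all(outer):  # not a PE, or the file itself is managed
        return []
    hits, pos = [], buf.find(b"MZ", 1)
    while pos != -1:
        inner = clr_directory(buf, pos)
        if inner and all(inner):  # non-zero RVA and size: managed image
            hits.append(pos)
        pos = buf.find(b"MZ", pos + 1)
    return hits

def make_pe(managed, trailer=b""):
    """Constructed sample: minimal PE32 headers only, not a loadable binary."""
    dirs = bytearray(16 * 8)
    if managed:
        struct.pack_into("<II", dirs, 8 * CLR_DIR_INDEX, 0x2008, 0x48)
    opt = struct.pack("<H", 0x10B).ljust(92, b"\0") + struct.pack("<I", 16) + bytes(dirs)
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    return dos + b"PE\0\0" + bytes(20) + opt + trailer
```

A hit is a lead for further analysis rather than a verdict, since legitimate installers and self-extractors can also carry managed assemblies as data.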


Source: https://github.com/hussein-aitlahcen/BlackHole