4b4db4b3 / b4db4b3-rat Goto Github PK

Program for remote computer management with Telegram on native C++ - by B4DB4B3

License: MIT License

C++ 98.64% C 1.36%

b4db4b3-rat telegram-rat virus remote-administration-tool b4b3-rat badbabe-rat babe-rat rat telegram telegram-virus

b4db4b3-rat's Introduction

-= B4DB4B3-RAT =-

Program for remote computer management using Telegram on C++ - by B4DB4B3
P.S: I didn't do animations on buttons. I can do it in the future, If you like the project

[Interface]

[Weight of stub and builder]

Around 600-500 KB

[Commands (Will be added)]

View command list

Process manager:

Command name	Parameters	Description
/user[ID] processes		get process list
/user[ID] closeproc	[processname.exe]	close process
/user[ID] inject_dll	[processname.exe] [C:\Path\To\File.dll]	inject dll in process
/user[ID] inject_shell	[processname.exe] [shellcode]	inject shellcode in process

Auxiliary:

Command name	Parameters	Description
/user[ID] loader	[https://google.com/file.exe] [C:\ProgramData\file.exe]	upload file from [LINK] to [PATH]
/user[ID] run	[C:\ProgramData\file.exe] [Args to run file / Or empty]	run file from [PATH] with arguments [ARGS]

Jokes:

Command name	Parameters	Description
/user[ID] disable pc		disable computer of user
/user[ID] close		close user
/user[ID] disable display		disable display user

File manager:

Command name	Parameters	Description
/user[ID] dir	[C:\Folder]	show files and folders in directory
/user[ID] dir del_file	[C:\Path\To\File.exe]	delete file in directory
/user[ID] dir write	[C:\Path\To\File.txt] [Example text]	write text in file
/user[ID] dir read	[C:\Path\To\File.txt]	read text in file

Service manager:

Command name	Parameters	Description
/user[ID] service show		show all drivers in system
/user[ID] service add	[Name] [DisplayName] [C:\ProgramData\yourdriver.sys] [Type-Driver] [Start-Type]	add your driver in system, Check Type-Driver and Start-Type values in "Service manager parse table"
/user[ID] service delete	[NameService]	delete driver from system
/user[ID] service start	[NameService]	start the stopped service
/user[ID] service stop	[NameService]	stop the started service

Screen manager:

Command name	Parameters	Description
/user[ID] screenshot		take screenshot, upload her on prnt.sc and send you

BotNet:

Command name	Parameters	Description
/botnet start	[https://google.com]	all users send requests on site
/botnet stop		stop sending requests

CMD manager:

Command name	Parameters	Description
/user[ID] system	[/c ping google.com]	run cmd.exe with arguments (hidden)

File cryptor:

Command name	Parameters	Description
/user[ID] filecrypt	[C:\Path\To\File.exe] [yourkey]	crypt file with AES256
/user[ID] filedecrypt	[C:\Path\To\File.exe] [yourkey]	decrypt file with AES256

RAT:

Command name	Parameters	Description
/online		show online users

[Coming soon]

[CHANGELOG]

View changelog

Date	Time	Description
17.10.2020	16:30	Code is optimized, added commands
18.10.2020	18:40	Code is refactored and optimized, fixed bugs (command inject dll didn't work), added new function in builder (write in scheduler task), updated GUI, added re-launch protection, added commands
19.10.2020	01:30	Deleted traces of debugging (sorry for this), added more information about PC
19.10.2020	17:20	Clear warnings, added Service manager
20.10.2020	11:19	Code review, bug fix, added new function (screen manager) (wrote yourself api on wininet for work with prnt.sc api)
20.10.2020	18:49	Update GUI (change location objects)
24.10.2020	17:11	Added function for inject shellcode in process
30.10.2020	14:29	Added botnet
03.11.2020	16:53	Fixed command "system" (cmd manager). Added new commands in service manager (start, stop driver). Cmd manager:
07.11.2020	22:16	Code refactored. Warnings deleted. Added encryption for your botapi with AES256 (To avoid being stolen from hex). Update list of processes (AntiDebug).
08.11.2020	20:25	Added file cryptor. See command list
19.11.2020	20:20	Code refactored. Fixed command "dir del_file". Added commands in File Manager: "dir read" and "dir write" to read and write files (see command list)
12.02.2021	23:30	Fix crash in Anti-Analysis & Anti-Debug function
30.05.2021	13:21	A process is started that makes sure that the RAT does not close

Service manager parse table:

[service add] params [Type] driver

String param	Value
win32-service	SERVICE_WIN32
adapter-service	SERVICE_ADAPTER
kernel-driver	SERVICE_DRIVER
interactive-process	SERVICE_INTERACTIVE_PROCESS
user-service	SERVICE_USER_SERVICE
userservice-instance	SERVICE_USERSERVICE_INSTANCE
pkg-service	SERVICE_PKG_SERVICE

[service add] param [StartType] driver

String param	Value
auto-start	SERVICE_AUTO_START
boot-start	SERVICE_BOOT_START
demand-start	SERVICE_DEMAND_START
disabled	SERVICE_DISABLED
system-start	SERVICE_SYSTEM_START

[LICENSE]

is licensed under MIT License - https://mit-license.org/

b4db4b3-rat's People

Contributors

Stargazers

Watchers

b4db4b3-rat's Issues

Good ideas!

Add a global task.(For example: download and run a specific file.).
Make a more specific path for the drop.
Windows defender bypass (adding a file via powershell command to wd exception).
Add the ability to run files through memory by injection. (For example: load_to_memory byte[], host_process, arguments).

There is a dll on the github that allows you to perform such actions for x64 files (You can find it by requesting Mandark / Mandark.dll).

please, add stealer

hello there, creator, please, add stealer function in ur rat ;)

Error when building

Hi,
I build this project with Visual Studio Community 2019 but got these error:

...\B4DB4B3-RAT-main\B4B3-RAT\Builder\common.h(34,10): fatal error C1083: Cannot open include file: 'modes.h': No such file or directory

And I use your buider but the rat cannot add to startup. Maybe you could help.
Thank you,

It does not work properly

Doesn't copy itself to the drop folder
It endless creates new and new copies of processes
Doesn't delete itself when checkbox is selected

When I made my rat, inserted bot id and chat id, also specified some parameters and collected. After launching the bot, there was no reaction, I tried to restart it, but alas. I think there is a problem with sending a request, there are no problems with the Internet connection

I am hope for your help

Please update !!!!

rat works after build and run, but the problem with rat is that, about 5 minutes after execution, no command is executed from the bot and there is no program from within the task manager and it is closed automatically.

microphone

very cool!

please make an update with the ability to record a microphone.

and to run it only when you have an internet connection.

дуже надіюсь, що ви не покинули цей проект. дякую вам, з нетерпінням чекаю відповіді та оновлення.

Is the project buggy?

hello bro ,
your botnet when starting with visual shows error unanle to start progam even though it's compiled, please answer that,pless ,hmm ...

Not work!!!!

Hi, I have a problem, when I test the rat, the builder program sends a message to the bot, but when I build and run the rat, there is no response and no message for the bot, and there is no control of the bot on the system.

Pls help mee!

The created file isn't an executable

And how do I identify the I'd

《Update And Fix Bug》

Hi my friend, botnet have bugs that you need to fix.

Bugs :

1_The screenshot will not be sent, and the image stored in the target system is a black screen.

2_The botnet will not run automatically after the restart.

.....................................................................................

Update Commands (Options) :

1_Add keylogger option and put all its logs in a txt file and send to bot.

2_Improve the environment and sort commands and increase new options and debug the botnet and hide it in Temp or Appdata and add it to the registery and reduce possible errors.