
quantumcore / paradoxiarat


ParadoxiaRat : Native Windows Remote access Tool.

Home Page: https://quantumcored.com/

License: MIT License

Makefile 0.68% Shell 0.22% Python 48.68% C 50.42%
red-team hacking rat botnet backdoor bot reflective-injection keylogger hacking-tool dll-injection

paradoxiarat's Introduction

Paradoxia Remote Access Tool.

Looking for a GUI alternative? Check out Remote Hacker Probe, which is more advanced and stable and has a ton of features.

Features

Paradoxia Console
Feature | Description
Easy to use | Paradoxia is extremely easy to use, so far the easiest RAT!
Root Shell | -
Automatic Client build | Build the Paradoxia Client easily, with or without the icon of your choice.
Multithreaded | Multithreaded console server; you can get multiple sessions.
Toast Notifications | Desktop notification on new session.
Configurable Settings | Configurable values in paradoxia.ini.
Kill Sessions | Kill sessions without getting in the session.
View Session information | View session information without getting in the session.

Paradoxia Client
Feature | Description
Stealth | Runs in background.
Full File Access | Full access to the entire file system.
Persistence | Installs inside APPDATA and has startup persistence via Registry key.
Upload / Download Files | Upload and download files.
Screenshot | Take screenshot.
Mic Recording | Record microphone.
Chrome Password Recovery | Dump Chrome passwords using Reflective DLL (does not work on latest version).
Keylogger | Log keystrokes and save to file via Reflective DLL.
Geolocate | Geolocate Paradoxia Client.
Process Info | Get process information.
DLL Injection | Reflective DLL Injection over socket; load your own Reflective DLL, or use ones available here.
Power off | Power off the client system.
Reboot | Reboot the client system.
MSVC + MINGW Support | Visual Studio project is also included.
Reverse Shell | Stable reverse shell.
Small Client | Maximum size is 30kb without icon.

Installation (via APT)

$ git clone https://github.com/quantumcored/paradoxiaRAT
$ cd paradoxiaRAT
$ chmod +x install.sh
$ sudo ./install.sh

Example Usage:

  • Run Paradoxia:
sudo python3 paradoxia.py
  • Once in the Paradoxia console, the first step would be to build the client, preferably with an icon.

pd1

  • After it is built, as you can see below, it is detected by Windows Defender as severe malware, which is expected since it IS malware.

pd2

  • I'm going to transfer the client to a Windows 10 virtual machine and execute it. After execution, it appears under Startup programs in Task Manager.

pd3

  • It has also copied itself into the AppData directory and installed under the name we specified during build.

pdmiss

  • At the same time, I get a session on the server side.

pd4

  • First thing I'd do is get in the session and view information.

pd5

  • There are plenty of things we can do right now, but as an example I will demonstrate keylogging.

pd6

You can see in the image above that it says it successfully injected the DLL, and in the file listing there is a file named log.log, which contains the logged keystrokes.

  • Let's view the captured keystrokes.

pd7
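
For defenders, the persistence shown in this walkthrough (a copy under APPDATA launched from a registry autostart value, with the install and folder names chosen at build time) is better matched by location than by file name. The following is an added example, not code from the Paradoxia project: it flags autostart commands whose image path resolves under the user's AppData directories. The Run key path, the sample values, the `ENV` mapping and the allowlist entry are constructed assumptions; the page itself only says "Registry key".

```python
import ntpath
import re

RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"  # assumed key
# Constructed environment and autostart values (key, value name, command).
ENV = {"appdata": r"C:\Users\alice\AppData\Roaming",
       "localappdata": r"C:\Users\alice\AppData\Local"}
SAMPLE = [
    (RUN, "OneDrive", r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    (RUN, "Agent", r"C:\Program Files\Vendor\agent.exe -start"),
    (RUN, "Updater", r"%APPDATA%\Paradoxia\ParadoxiaClient.exe"),
    (RUN, "svc", r'"C:\Users\alice\AppData\Roaming\WinSvc\svc.exe"'),
]

def expand_env(text, env):
    """Expand %VAR% references case-insensitively; unknown names are kept."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).lower(), m.group(0)), text)

def image_path(command, env):
    """Return the normalized executable path from a quoted or bare command."""
    cmd = expand_env(command.strip(), env)
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        path = cmd[1:end] if end != -1 else cmd[1:]
    else:
        # Bare paths may contain spaces: cut at the first executable extension.
        m = re.match(r"(.+?\.(?:exe|com|scr|bat|cmd))(?:\s|$)", cmd, re.I)
        path = m.group(1) if m else cmd.split(" ")[0]
    return ntpath.normpath(path).lower()

def under(path, root):
    root = ntpath.normpath(root).lower()
    return path == root or path.startswith(root + "\\")

def suspicious_autoruns(values, env, allow_dirs=()):
    """Flag autostart entries that launch from AppData and are not allowlisted."""
    roots = (env["appdata"], env["localappdata"])
    hits = []
    for key, name, command in values:
        path = image_path(command, env)
        if not any(under(path, r) for r in roots):
            continue
        if any(under(path, expand_env(d, env)) for d in allow_dirs):
            continue
        hits.append((name, path))
    return hits

if __name__ == "__main__":
    print(suspicious_autoruns(SAMPLE, ENV, [r"%LOCALAPPDATA%\Microsoft\OneDrive"]))
```

The allowlist is keyed on directories rather than value names, since the value name and executable name are whatever was entered at build time.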

Changelogs

  • This repository was previously home to 3 tools: Iris, Thawne and the previous version of Paradoxia. This can be found here.
  • Everything is entirely changed: the Client has been rewritten and Infodb removed. Many new features added. Stability added.

Developer

Hi, my name's Fahad. You may contact me on Discord or my website.

LICENSE

The Developer is not responsible for any misuse or damage caused by the program. This is created only to innovate InfoSec and YOU. 👈

Donate

Help me with my future projects. Thank you. Donate with Crypto

paradoxiarat's People

Contributors

paralax, quantumcore

paradoxiarat's Issues

Can't build the Client.exe on ubuntu 20.04 LTS

Hi there Fahad,

Thanks for the excellent tool :)

I'm having issues building the client on my ubuntu 20.04 LTS. I have all the python dependencies installed and verified. The Paradoxia console comes up.
Below is what it says when I try to build it:

paradoxia >> build
[+] Host : 127.0.0.1
[+] Port : 443
[+] Installation Name (.exe) : ParadoxiaClient.exe
[+] Installation Folder name : Paradoxia
[+] Output file name (.exe) : file.exe
[?] Would you like to build with Icon? (Y/n) : n
[X] Error building Paradoxia Client.
paradoxia >> 

It just says error building client. No helpful debug info. Is there any log file which keeps track of actual errors or what could be the reason of the build failing?

Thanks for any suggestions :)

Error In Installation

zain-hundal  zain  ~  Documents  paradoxiaRAT  master  ✎  $  sudo python3 paradoxia.py
Traceback (most recent call last):
  File "/home/zain-hundal/Documents/paradoxiaRAT/paradoxia.py", line 10, in <module>
    from kernel.main import *
  File "/home/zain-hundal/Documents/paradoxiaRAT/kernel/main.py", line 22, in <module>
    from .other import *
  File "/home/zain-hundal/Documents/paradoxiaRAT/kernel/other.py", line 1, in <module>
    from plyer import notification
ModuleNotFoundError: No module named 'plyer'

Import error

paradoxia> help
Traceback (most recent call last):
  File "paradoxia", line 18, in <module>
    main()
  File "paradoxia", line 16, in main
    console()
  File "/home/mirco/Documenti/paradoxia/kernel/pdmain.py", line 372, in console
    args = command.split()
AttributeError: '_Helper' object has no attribute 'split'

chromedump not working

paradoxia >> (192.168.0.102:58371) : chromedump
[+] Injected Reflective DLL into PID 10368 ...

[ Error Opening file dell (Error 433) ]

File 'dell' does not exist.

[X] Error : [Errno 2] No such file or directory: 'loot/dell'

Configuration file error

After I manage to run the script, from the bash of paradoxia shell, I have this error

fatal error:: configuration file not found at /root/instapy-config.json

I'm running from root user.

MOVE FROM MAIN() TO WINMAIN()

Your entry point needs to be changed.

Also use #define _CRT_SECURE_NO_WARNINGS

Which Visual Studio version did you use for compiling?

keylog_start not working

[ Session Opened ] 123.25.71.168 - Windows 10
paradoxia >> (192.168.0.102:58371) : sessions 0
paradoxia >> (192.168.0.102:58371) : keylog_start
paradoxia >> (192.168.0.102:58371) : keylog_start
[+] Injected Reflective DLL into PID 10368 ...
paradoxia >> (192.168.0.102:58371) : ls
[i] 20 seconds have passed and we have received no response from Paradoxia. There may be a problem.
paradoxia >> (192.168.0.102:58371) : ls

Error - function TCPServer

The remote agents are checking in, but there are a bunch of errors when it happens.

Image follows this snippet:

paradoxia >> [+] Getting information..
Unhandled exception in thread started by <function TCPServer at 0x7f42da241a60>
Traceback (most recent call last):
  File "/home/azureuser/paradoxiaRAT/kernel/main.py", line 806, in TCPServer
    notify("Paradoxia", "New Connection : " + cld.returnClientName())
  File "/home/azureuser/paradoxiaRAT/kernel/other.py", line 96, in notify
    message
  File "/usr/local/lib/python3.6/dist-packages/plyer/facades/notification.py", line 82, in notify
    timeout=timeout, ticker=ticker, toast=toast
  File "/usr/local/lib/python3.6/dist-packages/plyer/platforms/linux/notification.py", line 43, in _notify
    session_bus = dbus.SessionBus()
  File "/usr/lib/python3/dist-packages/dbus/_dbus.py", line 211, in __new__
    mainloop=mainloop)
  File "/usr/lib/python3/dist-packages/dbus/_dbus.py", line 100, in __new__
    bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)
  File "/usr/lib/python3/dist-packages/dbus/bus.py", line 122, in __new__
    bus = cls._new_for_bus(address_or_type, mainloop=mainloop)
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NotSupported: Unable to autolaunch a dbus-daemon without a $DISPLAY for X11
image

Error building Paradoxia Client.

Please help me, I cannot build.
paradoxia >> build
[+] Host : 192.168.0.103
[+] Port : 443
[+] Installation Name (.exe) : ParadoxiaClient.exe
[+] Installation Folder name : ParadoxiaClient
[+] Output file name (.exe) : file.exe
[?] Would you like to build with Icon? (Y/n) : y
[+] Icon Path (.ico) : /home/joker2020/Downloads/images.ico
[X] Error building Paradoxia Client.

can't establish connection when execute the .exe file

Update: Never mind, I managed to find the server setting :). Just gonna put the screenshot here in case somebody got stuck like me. Cheers.

image

I have the server running on the attacker machine, but when I execute the client on the victim, no session is created back to the server.

  • These 2 machines are within the LAN, no port forwarding/NAT needed, and can ping each other.
  • Victim is Windows 8
  • The client was built with lhost of attacker IPv4

I have tried so far:

  • change to another port number, like 4440, 6870...etc
  • restart the server on attacker machine

I feel like I'm missing something. Should I assign the server to listen on a specific port number, like you normally would in Metasploit?

setting up

sudo python3 paradoxia.py

ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-b5_9q3p0/instagram-py/setup.py'"'"'; file='"'"'/tmp/pip-install-b5_9q3p0/instagram-py/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-b9wo3xi4
cwd: /tmp/pip-install-b5_9q3p0/instagram-py/
Complete output (9 lines):
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/tmp/pip-install-b5_9q3p0/instagram-py/setup.py", line 13, in <module>
    from InstagramPy import version
  File "/tmp/pip-install-b5_9q3p0/instagram-py/InstagramPy/__init__.py", line 11, in <module>
    from .InstagramPySession import InstagramPySession, DEFAULT_PATH
  File "/tmp/pip-install-b5_9q3p0/instagram-py/InstagramPy/InstagramPySession.py", line 12, in <module>
    from stem import Signal
ModuleNotFoundError: No module named 'stem'

unexpected expression

ParadoxiaClient.c: In function ‘MainConnect’:
ParadoxiaClient.c:551:29: error: expected expression before ‘{’ token
551 | server.sin_port = htons({{serverport}});
| ^
sys.c: In function ‘OS’:

Not sure what to do here; no missing brackets or anything.

traceback error

using Ubuntu 19.10
input: sudo ./paradoxia
output: Traceback (most recent call last):
  File "./paradoxia", line 8, in <module>
    from kernel.infodb import *
  File "/home/lenovo/Desktop/Programs/Hacking/paradoxia/kernel/infodb.py", line 7, in <module>
    import geoip2.database
ModuleNotFoundError: No module named 'geoip2'


I have installed the requirements, updated and upgraded
