The most common method to compromise a system security is to exploit it by creating a payload and if the payload is multifunctional like an exploit, Backdoor, bypass AV, AutoRun, then this kind of payload(FatRat) is a dream exploit for all the hackers around the globe.
One of such exploit creating tool is FatRat.
It is a tool which creates exploits using msfvenom of Metasploit to generate backdoor and to post exploitation attack like browser attack.dll.
This tool compiles a malware with popular payload and then the compiled malware that can be executed on Windows, Android, Mac.
The malware that is created by this tool also has the ability to bypass most AV software protection.
FatRat generates a C language payload, as by changing the payload to C Language Anti-Virus won’t flag it suspicious.
- Linux OS (Kali Linux preferred)
- FatRat source code
- Git clone https://github.com/Screetsec/TheFatRat.git
- Cd TheFatRat/setup
- Chmod +x setup.sh && ./setup.sh
Now we have FatRat installed to our system, you can start it by typing “fatrat” in the terminal
Automating Metasploit functions
- Create backdoor for Windows, Linux, Mac and Android.
- Checks for Metasploit service and starts if not present
- Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android and Mac and another.
- Start multiple meterpreter reverse_tcp listners.
- Fast Search in searchsploit.
- Bypass AV.
- Create backdoor with another technique.
- Autorun script for listeners.
- Drop into Msfconsole.
Once fatrat has checked for any missing dependencies it will present you TheFatRat Menu.
Now we will generate a binary executable
To do this we will use the option 6 “Create Fud Backdoor 1000% with PwnWinds”
You will then see a new menu appear similar to the menu in the screenshot above choose option 6 “Create Backdoor with C /Meterperter_reverse_tcp (FUD 97%)”
To check our local ip open a new command terminal and use “ifconfig”.
Replace LHOST with the local ip address.Set LPORT to a port of your choice I will use 443.
TheFatRat will now ask for a base name for the output file.
Choose a basename for example “payload” this will be the name of your output file you can find the payloads you have created inside of TheFatRat/output installation directory.
Now we have created an executable.Now we have our payload and we now need to set up a listener. So we go back to TheFatRat main menu.
Choose the listener that corresponds with your targets system.
Now the listener is set up, Transfer the payload to the target machine, when the target machine access’s the malicious payload a reverse connection is established.
To make an autorun simply select option 7, and copy to any removable disk to transfer to the victim.
I hope this article Helps you, If you want to know how to hack a Gmail account then read the tutorial on How to Hack A Gmail Account Password In Minutes and if you like the article kindly rate it and do share to let the world know about it .Thankyou.