xRAT Crash and depracated code

[logiczxy]

xRAT crashes when a server tries to connect to it, not sure where the problem lies, but perhaps it's the part where compiler throws a warning "ReverseProxyClient.cs(54,69,54,98): warning CS0618: 'System.Net.IPAddress.Address' is obsolete: 'This property has been deprecated. It is address family dependent. Please use IPAddress.Equals method to perform comparisons. http://go.microsoft.com/fwlink/?linkid=14202'"

[tidusjar]

@logiczxy That warning is just telling us to use a different method since MS are not going to develop that feature further. Could you run the xRAT in debug and see where an exception gets thrown?

[logiczxy]

Visual Studio highlights this: "byte[] payload = new byte[_payloadLen];"

Additional information: Arithmetic operation resulted in an overflow.

A first chance exception of type 'System.OverflowException' occurred

[tidusjar]

What is the value of _payloadLen ?

[logiczxy]

Unfortunately i can't seem to be find that bit of information about it in the debugger, that's all the information it shows me.

[MaxXor]

Please read this to be sure you've built the client correctly. Are u using Debug or Release mode? Tell me what settings you are using and the steps to reproduce this issue. What crashes, the client or server?

[logiczxy]

Not sure if i follow the "release configuration" and "debug configuration". Do i have to pre-configure my settings to "Settings.cs" before i compile? Anyway after i have compiled, i am using xrat 2.exe from "Release" folder and as soon as i see a connection appearing in the main window, "xrat 2.exe crashes".

[MaxXor]

DEBUG: pre-configure your Settings.cs, build and then execute the client.exe RELEASE: build the project, use the Builder from the xRAT 2.exe to build your client

Anyway I can't reproduce this crash.

[logiczxy]

Then i believe i understood it correctly and it should work. Weird bug then, hopefully this somehow by accident gets fixed in the future, i'll check back in a few months, looks like a promising project, keep up the good work!

[MaxXor]

Can you check if the password in client and server are the same? Thanks.

[logiczxy]

The passwords match, yes

[MaxXor]

Do you have some kind of firewall or antivirus running? Try to disable both and see if you can get it working.

[logiczxy]

I have disabled them yes and i can also see the connection appearing in the main window of the program (so far so good), but as soon as the connection appears (with the computer name, IP address info etc etc), the program crashes. I'm pretty sure the problem is not external, but internal, something is causing the program to crash when it gets the connection.

[logiczxy]

I'm guessing some sort of overflow is appearing like the debug says "System.OverflowException' occurred". I don't have much time atm to use any advanced tools like network monitoring software etc to see what's being sent, much work do be done and away from PC soon. I was looking for alternatives to current remote admin tools i have, i loved the open source idea, but it's ok, i can keep using the old ones until some day i get more time to investigate xRat a bit more. although i'm still pretty sure this bug is originating from the program itself, i just now tested the same compiled xrat 2.exe on a different Win7 machine and it crashed there as well as soon as it got the connection. Perhaps, somehow, it's the problem of Visual Studio version i am using to compile this with? Atm i am using Visual Studio Express 2013. The OS on both machines is windows and 64bit. The application was compiled with x86 settings.

[MaxXor]

Okay, when you get time please download the latest source, switch on Release or Debug mode and press Build. :)

Then tell me if it's working with the connection.

You can do this when you have time, no need to rush.

[logiczxy]

Unfortunately it's still not working.

[MaxXor]

Can you upload your binaries in a zip to http://rghost.net/? I wanna take a look.

[logiczxy]

The URL is not working, i used an alternative: http://www.files.com/shared/55569a690b01b/data_xrat.zip

[MaxXor]

What you did was building the client in RELEASE mode and then just executing it. Start xRAT.exe and click Builder. Use this to build your client please.

[logiczxy]

How can i build the CLIENT within the CLIENT? Shouldn't i before compile the CLIENT (with the method that is correct and unknown to me unfortunately), then open the CLIENT and build a SERVER instead? I have never built a server executable outside the xrat.exe (Client), i have always used the Builder inside the Client (xrat.exe).

Anyway, it's a funny story really, i have used Visual Studio before, coded and build some applications (not as complicated as yours ofc) but it seems I'm simply too dumb to use this one. I cannot find the correct way on how to compile xrat like it's supposed to. I have tried from using many options from visual studio itself, i have even tried using the .bat files that come with the project "build-release.bat" etc. I currently even noticed that when the Xrat.exe (Client) starts crashing, it eventually even does not need to be anything connecting to it, it simply crashes at random intervals. I was testing the server (Built from inside xrat.exe) inside Virtual Machine to see if it connects to the client, but either it shows the connection briefly and then crashes or crashes even without having anything connecting to it when the "Listen" status was set on.

I think the issue can be closed, i still can't get it to work, but at least there is no bug in the software i guess.

Thanks for all the help and good luck with the project!

[bitterypaul]

is this a problem with xrat?

[MaxXor]

no.

[yankejustin]

@logiczxy Just to help you out a bit if you don't understand: To get this working: 1) Make sure you are in RELEASE mode. 2) Right-click the client's project and select "Rebuild". 3) Initialize the server 4) Build the client using the "Builder" from the server.

The point is for the server to build a customized client. The client is then deployed on a different machine (or on the same machine... it doesn't matter). Don't think of this as the client just because you're running it. The server is the server, so don't trick yourself into thinking the user interface is a client. The user interface is the server. :)

[logiczxy]

Yes, i have done all that already, as said, I'm not new to Visual Studio. (I even tried to build it from the bat files and use any other methods i could have thought of, still same result)

Currently I'm trying to test this in a machine which hosts a machine to VirtualBox Virtual Windows 7 OS specifically. Now the weird part is, after i build the executable with xrat in the original (host) OS and deploy the executable onto Virtual OS and start it, xrat crashes as excpected, but now even weirder things start to happen. When i completely terminate the executable built via xrat from that virtual machine and it's not running there anymore and i start xrat again, it crashes if it's in listening mode, even tho no connections are made to xrat.

IF i close Virtualbox OS down (and close the application as well), xrat stops crashing and is still in Listen mode, but i can't test the built executable anymore to test it inside that OS.

I also can't test the executable on the same machine where i have xrat itself running, because xrat crashes when in Listen mode.

I REALLY think there is a bug here somehow, as everything that might interfere with xrat is disabled. and when xrat is in Listen mode, it crashes. I am also fairly sure i have actually compiled it correctly, it is Release Mode etc. Could someone test it with this Virtualbox way as i tried to?

[logiczxy]

ALso, i believe the terminology is different than you guys think: http://en.wikipedia.org/wiki/Remote_administration_software "Its primary function is for one computer operator to gain access to remote PCs. One computer will run the "client" software application, while the other computer(s) operate as the "host(s)"." This means rat.exe = Client and the executable you build with the Builder is called Server (host).

[yankejustin]

I apologize for the disagreement, but you're still mixing it up. Please understand that the server is the host. The built executable is the client and the primary purpose of the built client is to run on another machine to be controlled from the host. As for the terminology, I would hope MaxXor understands the concept! x) Knowledge of the concept is apparent by the fact that MaxXor has named the server project "Server" and the client project "Client".

[logiczxy]

I guess we'll have to agree to disagree :) To be honest, Xrat is the first Remote Administrator Tool i see for the first time in my life that calls the compiled executable (made via Xrat.exe) Client and not the other way around. Even though it does not matter, here are some references: (just to not be confused in the future)

http://hack-o-crack.blogspot.com/2011/07/rat-remote-administration-tool.html "A Trojan generally has two parts Client and Server or Master and Slave. We can say Server is Slave and Client is Master."

https://technet.microsoft.com/en-us/library/dd632947.aspx "Most RATs come in client and server components. Intruders ultimately launch the server program on a victim's machine..."

http://resources.infosecinstitute.com/remote-access-tool/ "RAT can also be called as a synonym for backdoor, which includes a client and server program. The server or the stub program, if installed in the compromised system..."

An example. I'm connecting with my Firefox Web Browser to Github Server. Firefox is my client that sends commands to Github Server (Show me this page, log me in, send me my forgotten password, etc)

Same goes for Xrat (imagine it as a "browser"). I use Xrat.exe as a client to send commands to server(s). I open the xrat.exe and start sending commands (Execute a file, Execute shell, Stream to me images of desktop, etc).

[MaxXor]

Well, I looked at it from the networking side and the client connects to the server. That's how xRAT works too.

[logiczxy]

By concept, a Server is always the "Slave" that executes commands sent from the master. That is where the name "Server" comes from, "To Serve". With this logic, the executable compiled by xrat.exe can't be called a "Client", because a client is not a server, a client does not serve.

But i guess somehow we have different logic in this case. Anyway it got off-topic, but I'll try to look into the code at some point. Even tho a code written not by yourself is always complicated, i hope i find time to clarify and understand it and hopefully to find whatever it is that is causing the crashes.

[MaxXor]

Well, this can be closed now. We just have different logic, but I can understand this can confuse someone.

Thanks. :)