Create your own command and control (RAT) framework with more effective results.

Create your own basic command and control (RAT) framework with more effective results.

Osama Ellahi
2 min read · Feb 4, 2022

Introduction

First, we need to understand some basic terminology and methods before moving into the technical domain. Let's start with the definition of a remote access tool/Trojan (RAT), or command and control attack.

“A Command and Control attack is a component of a malware attack used to establish a remote covert channel between a compromised host and the attacker’s server.”

Adversaries send an executable to the victim's machine using some initial access technique and trick the victim into triggering the attack. For example, in the case of CVE-2021-40444, attackers send a Word attachment; when it reaches the victim's machine it loads HTML code, and by using mshtml.dll the attackers execute the dropper. In simple words, the attacker sends a document to the victim, and after the victim checks what is in the document and clicks Enable Content, his/her system gets infected with the attacker's exploit. Let's understand this from the diagram, where you can see that the attacker somehow manages to get the user to open the document and click the enable button. After the user clicks, a script downloads an executable and executes it, and the exe starts communicating with a public server, as you can see in the flow diagram.

How attacker starts an attack.
Figure 1, Initial access flow diagram

This was just one example of how an attacker can gain access to a system.
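From the defender's side, the flow in Figure 1 can be watched for as a chain of linked events rather than as single indicators. The following is an added example, not code from the original post: it correlates process, file-write and network events to flag an executable that was written by Word (or one of its child processes), then started, then contacted a non-internal address. The event schema, paths, PIDs and addresses are constructed for illustration, and PID reuse is ignored.

```python
import ipaddress
import ntpath

OFFICE_APPS = {"winword.exe"}  # assumption: add other document handlers as needed
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample telemetry (hypothetical schema, not a real EDR export).
EVENTS = [
    {"t": 1, "type": "process", "pid": 100, "ppid": 4, "image": r"C:\Office\WINWORD.EXE"},
    {"t": 2, "type": "file_write", "pid": 100, "path": r"C:\Users\alice\AppData\Local\Temp\upd.exe"},
    {"t": 3, "type": "process", "pid": 200, "ppid": 100, "image": r"C:\Users\alice\AppData\Local\Temp\upd.exe"},
    {"t": 4, "type": "network", "pid": 200, "dst": "203.0.113.10"},
    # Benign contrast: a browser download that is run and goes online is not this chain.
    {"t": 5, "type": "process", "pid": 300, "ppid": 4, "image": r"C:\Browser\browser.exe"},
    {"t": 6, "type": "file_write", "pid": 300, "path": r"C:\Users\alice\Downloads\setup.exe"},
    {"t": 7, "type": "process", "pid": 400, "ppid": 300, "image": r"C:\Users\alice\Downloads\setup.exe"},
    {"t": 8, "type": "network", "pid": 400, "dst": "198.51.100.7"},
]

def is_external(addr):
    """True when addr is outside the networks we treat as internal."""
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in INTERNAL_NETS)

def find_dropper_chains(events):
    tainted = set()   # PIDs of the Office app and all of its descendants
    dropped = set()   # lowercased paths of .exe files written by tainted PIDs
    payloads = {}     # PID started from a dropped file -> image path
    alerts = []
    for ev in sorted(events, key=lambda e: e["t"]):
        kind = ev["type"]
        if kind == "process":
            image = ev["image"].lower()
            if ntpath.basename(image) in OFFICE_APPS or ev["ppid"] in tainted:
                tainted.add(ev["pid"])
            if image in dropped:
                payloads[ev["pid"]] = image
        elif kind == "file_write" and ev["pid"] in tainted:
            if ev["path"].lower().endswith(".exe"):
                dropped.add(ev["path"].lower())
        elif kind == "network" and ev["pid"] in payloads and is_external(ev["dst"]):
            alerts.append({"pid": ev["pid"], "image": payloads[ev["pid"]], "dst": ev["dst"]})
    return alerts

if __name__ == "__main__":
    for alert in find_dropper_chains(EVENTS):
        print("document-dropped executable went online:", alert)
```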

To create a full RAT, visit the following blog (the blog has moved to my personal page).

https://breachnova.com/blog.php?id=25
