HTTP Rat

Installation

Clone the repo and then run the 'make' command to compile the binary (make sure you have libcurl installed).
Once compiled, just run the binary './malware' and it will start to run in the background.

Sending Commands

It is very easy to interact with the RAT: it uses HTTP requests to get a command to run from a web server.
The RAT requests the file from the web server, then stores and executes the command from memory; nothing
touches disk except the malware. Before using the malware, make sure you change the web server address in the code.

Uninstalling

The malware at this point is very simple to remove: just sending a kill command to the PID will do. I have also added
a lock file in /tmp called malware.lock; executing "kill `cat /tmp/malware.lock`" will also kill the process.
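
Added example (not part of this repository's code): a more careful form of the lock-file kill above, for cleaning up a test host. It treats the lock file as untrusted input and checks that the PID still belongs to the expected process before signalling it, since a stale lock file can point at an unrelated process after PID reuse. It assumes Linux /proc, that the lock file holds only the PID, and that the process is named 'malware' as built by 'make'; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: function names are hypothetical, not from the repository.

# Print the PID stored in lock file $1, but only if it is a plain decimal number.
# The file lives in world-writable /tmp, so its content is not trusted.
read_lock_pid() {
    [ -r "$1" ] || return 1
    pid=$(head -n 1 "$1" | tr -d '[:space:]')
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "$pid"
}

# Succeed only if PID $1 is alive and its command name equals $2.
pid_matches() {
    [ -r "/proc/$1/comm" ] || return 1
    [ "$(cat "/proc/$1/comm")" = "$2" ]
}

# Record what is about to be stopped, for the incident notes.
describe_pid() {
    printf 'pid=%s exe=%s\n' "$1" "$(readlink "/proc/$1/exe" 2>/dev/null)"
}

# Stop the process named $2 that lock file $1 points at.
# Returns 0 if signalled, 1 if the lock file is missing or malformed,
# 2 if the PID is dead or now belongs to a different command.
stop_from_lock() {
    pid=$(read_lock_pid "$1") || return 1
    pid_matches "$pid" "$2" || return 2
    describe_pid "$pid"
    kill "$pid"
}
```

Call it as `stop_from_lock /tmp/malware.lock malware`. A return code of 2 means the lock file is stale or the binary was renamed, so the process has to be found another way.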

Credit

I used this blog post to daemonize the malware