The Guide to RAT-ing

I’ve seen quite a few questions regarding how to use or setup RATs properly (Remote Access Tool). Before I go over the steps to do this I’d like to note that gaining remote access to someone’s computer without their permission is illegal as all hell in the United States and most countries. In the U.S. it is technically only illegal when used with malicious intent, hence why many popular RAT developers (DarkComet) have either been or currently are in Federal prison or closed down their projects before their inevitable arrest. In regards to scaimbaiting, RAT-ing is in the grey area. And if ever brought to legal circumstances could go either way, in favor of the scammer hacker or the scammers. Worst case scenario, you could both go to prison, especially if you don’t cover your tracks correctly. So after reading this, if you would still like to proceed I have conveniently listed 12 steps that need to be done in order to successfully rat someone’s computer.

Also, if you are just starting out with Scambaiting I recommend you check my other post regarding some of the best methods and steps to destroy scammers that aren't nearly as technical or legally threatening down below.

replace/d/3802-the-guide-to-scambaiting

Alright here we go!

Step 1: The first thing you need to do is set up ports on your router. You will need to Google how to login to your router (Different for each one and ISP) and then the proper steps to add ports. If you have to login then usually the default username is "admin" and default password is "password". You'll need to create a TCP and UDP port, or 2-in-1 if your router supports it. Set your port names to whatever you want. Use Global port range 1604-1605 or really any except for 80 or any you are currently using. Set base port to 1604 or whichever port you used for global, save and your done...

Step 2: To make sure your port is open you will need to go to https://canyouseeme.org to check if the port you opened, in this case 1604, is actually open. If it's green your all good. If not we shall fix this in the next step.

Step 3: Assuming you've followed all step required by your router, there may be a bug or hardware or other unknown issue preventing your port from opening. It may even be blocked (To check, just try several different ports). In this case, you will need a port utility that will temporarily open your ports you want. I recommend Port Forward Wizard which can be downloaded here http://www.upredsun.com/portchain/portchain.html The steps are pretty easy to set up the ports. You will notice that this is not free but is actually trial software. Once downloaded you will be allowed 15 minute sessions of which the ports will then close. However, you can simply restart them to get another 15 minutes and do this virtually forever. If you don't want to wait, you can try other utilities you find on the net or purchase their paid version.

Step 4: After using this utility your ports should now work. Also keep in mind if you are using a Virtual environment you should not use this wizard on it, but on your main OS as there can be issues.

Step 5: Now that you have your ports ready, you need to set up a dynamic IP so that you will not have to update your connection with your Ports and RAT. ISP's generally change your IP address periodically for performance and security reasons. This can help keep your network from being hacked or targeted. I recommend going to https://noip.com

Step 6: Once there, click the sign up link and create an account. Don't worry about Hostname at the moment. If you want you can pick it now. After making it to your home page look at your new IP and select modify. There you can give it a Hostname and whatever info you want. Look to the left and click on the tab that says "Dynamic Update Client". This is the utility that will take your IP address you have on your VM or main machine and automatically sync it with your dynamic IP. When you think about it, this makes your life so much easier...

Step 7: After downloading and running the tool you'll see a little box with a basic UI that should have at least two check marks (One might be a red x). Click on the button that says "edit" and make sure your host is there and has the checkbox next to it selected. Now save and go back and click the "refresh" button and if there was an x it should now be a green checkmark.

Step 8: Alright, it's time to download the RAT. You are welcome to find your own but the sheer amount of malware and backdoors that are installed in these downloads alone makes many people give up on this kind of stuff. So much, some even start to doubt their existence. So I would recommend using one of two (Or both) powerful and popular RAT's called DarkComet or njRAT. I'd also recommend downloading them from https://rekings.com as they are probably the most trusted site for this kind of stuff. Keep in mind, that these RAT's are considered malware as they frankly are. They are backdoor utilities that can be used to extract vast amounts of information without the users knowledge. They can also be used to control these systems and spread across entire networks. So if you think your Antivirus, firewall, or even Windows Defender likes them... guess again. This can make it even harder to detect extra hidden malware not intended by the dev. Especially if it is crypted. NEVER DOWNLOAD CRYPTED MALWARE. YOU HAVE BEEN WARNED!

Step 9: As I was saying about how much security programs love RAT's, you will need to disable all of yours. Yes, all, including Windows Defender or you will most likely never be able to launch or use the RAT correctly. Hell, it will probably be removed instantly and you will receive some "severe" warning about it from your AV.

Step 10: After disabling your security you need to create firewall exceptions. I don't have time at the moment to explain how to do this on all types of OS's so just Google it and set one for your UDP and TCP connections. Same port info.

Step 11: After extracting and running either DarkComet or njRAT you will need to set up your server (backdoor). This is what people will click on that runs and gives you access to their system. The setup is pretty similar in both DC and nj however I really love DarkComet's advanced settings and also their huge array of tools. I mean they really did go above and beyond with features. Usually setting this up involves naming your file, its attributes, the server name, creating and icon (recommended) and setting up which IP to respond to. If you want to test it on your own machine use IP 127.0.1 . If you want to use this on a scammer than set it to your dynamic IP you set up earlier.

Step 12: Okay, you are all ready to go take down a scammer. You may also want to use a crypter like Aegis to help mask your backdoor. This really makes it almost impossible to be found by the targets AV or be deleted without a complete re-format of the hard drive (This is why I fucking warned you). Always use a VPN for your VM's and remember that the easiest way to hack someone is human error. These tools at your disposal are useless unless you can convince a scammer to download it and click it. There is no software that can do this but the human brain. Good luck and I know once enough of us come together we can put a stop to these guys all over the world. It's time to return money to their unsuspecting victims and make these bums get real jobs!!!

3 Likes

@Davuun#18656 Welp guess not. I’m guessing your one of the admins? Alright everyone just go watch this video. This guy explains it better than me anyways.

[deleted]