[GUIDE] How to Setup RAT [DNS/Portforward/VPN]
Introduction
This thread is for the people new to RATTing looking for a new RAT and wondering how to set it up, or the people that have already bought a RAT and are going "Now What?". Keep reading if you are interested in learning more about this topic and get your RAT up and running.
What you need
A RAT - NanoCore, Luminosity Link, IM4, etc. *RAT SUCH AS DARKCOMET ARE OUTDATED AND NOT RECOMMENDED
DNS - FagDNS, No-IP (NOT RECOMMENDED), etc.
VPN (optional but recommended) - 143 VPN(Coupon code: C2WX3YTN23 $20 Lifetime), RA4W VPN, etc.
Common Sense :)
DNS Setup
First things first you need a DNS, what a DNS does is it redirects your traffic to the IP you are currently using. This is very important if you are planning on using a VPN so that no matter what IP you are using, the DNS redirects the clients to you.
To start off, you need a HQ DNS that keeps no logs, most are paid but one I recommend is FagDNS, it's free and easy to use. I do not recommend No-IP as they keep logs and will rat you out to the feds if they think something is going on.
For this guide I'll use FagDNS but it should be similar on other DNS. To make a DNS you need to think of a creative and unique token and enter it in 'Your Token' then agree to everything and click Login/Register.
![[Image: 56689b5dc9e17f72ecba304512af4744.png]](https://i.gyazo.com/56689b5dc9e17f72ecba304512af4744.png)
You have to first choose a host name, you can choose whatever you want because this isn't going to matter, it's only an address that's going to be used to point to your IP. If you're using No-IP be sure to choose no-ip.biz as the suffix. Your IP should automatically be in the box in both FagDNS and No-IP, so once you have picked a DNS host name click create. It might take a bit of time for the DNS to get setup and redirect to your IP
![[Image: 4e07f80bc9a48b841f5c8ed22bd6428d.png]](https://i.gyazo.com/4e07f80bc9a48b841f5c8ed22bd6428d.png)
When you are using a VPN, be sure to visit FagDNS, log into your account with your token, and update the IP to your current public IP, if you don't know how to find your public IP, just go to: http://www.ipchicken.com/ and you should see it.
No-IP:
If you're using No-IP, get No-IP DNS Update Client (DUC) from here: http://www.noip.com/download?page=win
After it's installed you want to open it, sign in with your No-IP credentials then click 'Edit Hosts', lastly tick the host you have just added and then click save.
*To test if your DNS is working and routing traffic, open up cmd and type 'ping examplehostname.fagdns.com' without the ' and replace examplehostname with your host name and if it's online it should ping back. As I mentioned before, it might take some time to get the DNS set-up and running so don't be worried if it takes a couple of minutes to an hour.
Port Forwarding (Not needed if you're using a VPN)
*SKIP THIS STEP IF YOU WILL BE USING A VPN
Go on the Start menu and type in 'cmd' then open it. When the terminal shows up enter 'ipconfig' (don't type the '), then look for Default Gateway. It should have something like 192.168.1.1 or 192.168.0.1 or 192.168.1.254 write it down or copy it into notepad.
Open up a web browser and type in that IP and sign in when it prompts for username and password. If you're not sure what that is, try the default user:pass, you can find this easily if you Google your router model along with 'default password' orCLICK HERE, for a default password list for most routers.
![[Image: daaac41b99a990b5b3703d1f6dd7e66d.png]](https://i.gyazo.com/daaac41b99a990b5b3703d1f6dd7e66d.png)
Now that you're in the Router settings go to the Advanced Settings or Application Settings, depending on your router and click 'Port Forwarding' or 'Forwarding', once you're there open a port, it doesn't matter which one but I recommend a 3 or 4 digit one ex. 689. You need to forward that port with both TCP and UDP protocol. Fill in the IP Address area with your computer IP (IPV4 ), it can be found in 'ipconfig' also. Once you're done, remember to tick enabled on both of them and click save/apply. If you're still confused on how to port forward CLICK HERE.
VPN & Portforwarding
* SKIP THIS STEP IF YOU'RE NOT USING A VPN
This step if if you want to use a VPN with your RAT which is generally a good idea no matter what you're doing with it. First you want to get a VPN, DO NOT get a VPN that keeps logs. Also make sure your VPN supports portforwarding, I recommend both 143 VPN and RA4W VPN if you are looking to buy relatively cheap ones (both have lifetime deal for under $25). They both keep no logs and offer portforwarding.
Now lets move on to actually port forwarding with the VPN. I will be using 143 VPN for this guide but it should be similar on most VPNs. There are two methods you can port forward, you can do it from within the client (if it's supported) or you can do it on the website. I prefer to use the client because it is more convenient. So first open the VPN, go to the port forwarding section, then type your username (for 143 VPN it's your email) and password if it asks for them, choose the server you want to forward the port on, type in the port, then click open port. It should display a message saying the port has been opened if you did it correctly.
![[Image: b0bec9fc81877a757e24ba84faca54cb.gif]](https://i.gyazo.com/b0bec9fc81877a757e24ba84faca54cb.gif)
Setting up your RAT
This is the easiest step out of them all. You first want to open up your RAT, for this guide I'll be using NanoCore. Once it's open go on your port manager, add the port you portforwarded on your Router or VPN in the steps above by either right clicking and choosing 'add port' or clicking the 'add port' button. Then right click on the port and click enable or whatever your RAT says.
![[Image: 262f127d28e31829dc4d7c0d56aaf0a8.gif]](https://i.gyazo.com/262f127d28e31829dc4d7c0d56aaf0a8.gif)
Now your RAT is configured to get the clients that connect through that port. Last is the most important step, and that is making your stub. Without this you have no way of spreading your server to others and getting clients. Go on builder/builder settings on your RAT. Type in a name for what you will identify them as, for example if your program is supposed to be a 'Minecraft Premium Account Generator' name this Minecraft, just so you can remember what server of yours they ran, this isn't important or necessary but good for keeping clients organized.
Next fill the Connection Host with your DNS host name that you created (ex. examplehostname.fagdns.com) and enter the port that you forwarded either on the VPN or the Router into the Connection Port box. If you want the server to startup when the computer starts, you can tick the 'Run Client when the computer starts' but it's not recommended if you will be using a Crypter, it's better to use the Crypter's startup options.
![[Image: 6d0f298e4e5f8888d4427840d002dfe1.png]](https://i.gyazo.com/6d0f298e4e5f8888d4427840d002dfe1.png)
Crypting (Optional but recommended)
If you don't want your stub to get detected it's recommended to use a Crypter, otherwise the victims Antivirus will detect your stub and get rid of it before it even executes. If you need a free Crypter check out Prism Lite Crypter which has updates very frequently to re-FUD or Enigma Crypter or if you want your stub to be Fully Undetectable (FUD) you can buy a HQ Crypter from the cryptography section here in HF! I'd suggest CyberSeal since it's a great Crypter but you have to take some time to experiment with the settings such as assembly, icons, startup, etc.
It's very important to test out how well your Crypted server does against AV's, you can do this by going to online virus scanning sites, but it's important to use ones that DO NOT distribute your scans, if you do your server will be picked up by more AV's faster and lose it's FUD. If you want to test out the detection rate of your server and want to use non distributing services, use the following sites VirusCheckmate, AnonScan, MaJyx, RazorScanner. Sites that distribute your scans and ARE NOT recommended for use are VirusTotal & NoDistribute.
That's it! You're all set, now all you have to do is spread your stub.
(THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY, I WILL NOT BE HELD RESPONSIBLE FOR WHAT YOU DO WITH THIS KNOWLEDGE OR ANY DAMAGE IT HAS CAUSED)
This thread is for the people new to RATTing looking for a new RAT and wondering how to set it up, or the people that have already bought a RAT and are going "Now What?". Keep reading if you are interested in learning more about this topic and get your RAT up and running.
What you need
A RAT - NanoCore, Luminosity Link, IM4, etc. *RAT SUCH AS DARKCOMET ARE OUTDATED AND NOT RECOMMENDED
DNS - FagDNS, No-IP (NOT RECOMMENDED), etc.
VPN (optional but recommended) - 143 VPN(Coupon code: C2WX3YTN23 $20 Lifetime), RA4W VPN, etc.
Common Sense :)
DNS Setup
First things first you need a DNS, what a DNS does is it redirects your traffic to the IP you are currently using. This is very important if you are planning on using a VPN so that no matter what IP you are using, the DNS redirects the clients to you.
To start off, you need a HQ DNS that keeps no logs, most are paid but one I recommend is FagDNS, it's free and easy to use. I do not recommend No-IP as they keep logs and will rat you out to the feds if they think something is going on.
For this guide I'll use FagDNS but it should be similar on other DNS. To make a DNS you need to think of a creative and unique token and enter it in 'Your Token' then agree to everything and click Login/Register.
You have to first choose a host name, you can choose whatever you want because this isn't going to matter, it's only an address that's going to be used to point to your IP. If you're using No-IP be sure to choose no-ip.biz as the suffix. Your IP should automatically be in the box in both FagDNS and No-IP, so once you have picked a DNS host name click create. It might take a bit of time for the DNS to get setup and redirect to your IP
When you are using a VPN, be sure to visit FagDNS, log into your account with your token, and update the IP to your current public IP, if you don't know how to find your public IP, just go to: http://www.ipchicken.com/ and you should see it.
No-IP:
If you're using No-IP, get No-IP DNS Update Client (DUC) from here: http://www.noip.com/download?page=win
After it's installed you want to open it, sign in with your No-IP credentials then click 'Edit Hosts', lastly tick the host you have just added and then click save.
*To test if your DNS is working and routing traffic, open up cmd and type 'ping examplehostname.fagdns.com' without the ' and replace examplehostname with your host name and if it's online it should ping back. As I mentioned before, it might take some time to get the DNS set-up and running so don't be worried if it takes a couple of minutes to an hour.
Port Forwarding (Not needed if you're using a VPN)
*SKIP THIS STEP IF YOU WILL BE USING A VPN
Go on the Start menu and type in 'cmd' then open it. When the terminal shows up enter 'ipconfig' (don't type the '), then look for Default Gateway. It should have something like 192.168.1.1 or 192.168.0.1 or 192.168.1.254 write it down or copy it into notepad.
Open up a web browser and type in that IP and sign in when it prompts for username and password. If you're not sure what that is, try the default user:pass, you can find this easily if you Google your router model along with 'default password' orCLICK HERE, for a default password list for most routers.
Now that you're in the Router settings go to the Advanced Settings or Application Settings, depending on your router and click 'Port Forwarding' or 'Forwarding', once you're there open a port, it doesn't matter which one but I recommend a 3 or 4 digit one ex. 689. You need to forward that port with both TCP and UDP protocol. Fill in the IP Address area with your computer IP (IPV4 ), it can be found in 'ipconfig' also. Once you're done, remember to tick enabled on both of them and click save/apply. If you're still confused on how to port forward CLICK HERE.
VPN & Portforwarding
* SKIP THIS STEP IF YOU'RE NOT USING A VPN
This step if if you want to use a VPN with your RAT which is generally a good idea no matter what you're doing with it. First you want to get a VPN, DO NOT get a VPN that keeps logs. Also make sure your VPN supports portforwarding, I recommend both 143 VPN and RA4W VPN if you are looking to buy relatively cheap ones (both have lifetime deal for under $25). They both keep no logs and offer portforwarding.
Now lets move on to actually port forwarding with the VPN. I will be using 143 VPN for this guide but it should be similar on most VPNs. There are two methods you can port forward, you can do it from within the client (if it's supported) or you can do it on the website. I prefer to use the client because it is more convenient. So first open the VPN, go to the port forwarding section, then type your username (for 143 VPN it's your email) and password if it asks for them, choose the server you want to forward the port on, type in the port, then click open port. It should display a message saying the port has been opened if you did it correctly.
Setting up your RAT
This is the easiest step out of them all. You first want to open up your RAT, for this guide I'll be using NanoCore. Once it's open go on your port manager, add the port you portforwarded on your Router or VPN in the steps above by either right clicking and choosing 'add port' or clicking the 'add port' button. Then right click on the port and click enable or whatever your RAT says.
Now your RAT is configured to get the clients that connect through that port. Last is the most important step, and that is making your stub. Without this you have no way of spreading your server to others and getting clients. Go on builder/builder settings on your RAT. Type in a name for what you will identify them as, for example if your program is supposed to be a 'Minecraft Premium Account Generator' name this Minecraft, just so you can remember what server of yours they ran, this isn't important or necessary but good for keeping clients organized.
Next fill the Connection Host with your DNS host name that you created (ex. examplehostname.fagdns.com) and enter the port that you forwarded either on the VPN or the Router into the Connection Port box. If you want the server to startup when the computer starts, you can tick the 'Run Client when the computer starts' but it's not recommended if you will be using a Crypter, it's better to use the Crypter's startup options.
Crypting (Optional but recommended)
If you don't want your stub to get detected it's recommended to use a Crypter, otherwise the victims Antivirus will detect your stub and get rid of it before it even executes. If you need a free Crypter check out Prism Lite Crypter which has updates very frequently to re-FUD or Enigma Crypter or if you want your stub to be Fully Undetectable (FUD) you can buy a HQ Crypter from the cryptography section here in HF! I'd suggest CyberSeal since it's a great Crypter but you have to take some time to experiment with the settings such as assembly, icons, startup, etc.
It's very important to test out how well your Crypted server does against AV's, you can do this by going to online virus scanning sites, but it's important to use ones that DO NOT distribute your scans, if you do your server will be picked up by more AV's faster and lose it's FUD. If you want to test out the detection rate of your server and want to use non distributing services, use the following sites VirusCheckmate, AnonScan, MaJyx, RazorScanner. Sites that distribute your scans and ARE NOT recommended for use are VirusTotal & NoDistribute.
That's it! You're all set, now all you have to do is spread your stub.
(THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY, I WILL NOT BE HELD RESPONSIBLE FOR WHAT YOU DO WITH THIS KNOWLEDGE OR ANY DAMAGE IT HAS CAUSED)
0 comments:
Post a Comment