Introduction
DRat is a cutting-edge Decentralized Remote Administration Tool (RAT) designed to enable remote control and configuration distribution without relying on centralized servers or configuration hosts. Leveraging the power of Ethereum Name Service (ENS) for decentralized config delivery and Telegram for serverless communication, DRat redefines stealth and efficiency in remote administration.
Supported Platforms
- Windows
- Linux (Submit an issue for other tested systems)
- Ubuntu 22.04 ✔️
Key Features
Serverless Control
DRat operates without a dedicated server. Simply send commands through a Telegram group to execute remote control seamlessly.
Built-in Proxy
Due to Telegram’s access requirements, DRat comes with an integrated proxy, ensuring hassle-free connectivity.
ENS-Based Configuration
Utilize decentralized ENS for secure and efficient configuration file distribution.
Command List
|
Command |
Function |
Status |
|
/help |
Display help |
✔️ |
|
/rce start |
Start RCE session |
✔️ |
|
/rce stop |
Stop RCE session |
✔️ |
|
/rce |
Execute command (auto-starts RCE if not active) |
✔️ |
|
/sysinfo |
Retrieve system information |
✔️ |
|
/restart_drat |
Restart DRat |
✔️ |
|
/shutdown_drat |
Shut down DRat |
✔️ |
|
/dump_navicat |
Export Navicat connection info |
✖ |
|
/dump_xshell |
Export Xshell connection info |
✖ |
|
/dump_browser |
Export browser passwords |
✖ |
|
/download |
Download file |
✖ |
|
/upload |
Upload file |
✖ |
|
/wechat info |
Retrieve WeChat info |
✖ |
|
/wechat history |
Access WeChat chat history and contacts |
✖ |
Got more needs? Submit an issue on GitHub!
Getting Started
Clone the Repository
git clone https://github.com/SpenserCai/DRat.git
ENS Domain Registration
- Install MetaMask and create an account.
- Obtain testnet tokens via Goerli Faucet.
- Switch MetaMask to the Goerli Test Network.
- Register an 8-character ENS domain at ENS Domains.
Configuration File
The configuration file follows this format:
{
"TELBOT_TOKEN": "",
"TELBOT_CHAT_ID": 1234567890, // Telegram group ID (omit the '-')
"CLASH_CONN_STR": "proxy_type:address:port:encryption:password:udp_support", // Obtain from Clash
"LOCAL_PROXY_PORT": 7890,
"ENS_DOMAIN": "" // ENS domain updates not supported yet
}
Option 1: Automated Config Upload
Use the DRatConfig tool to encrypt and upload your configuration automatically. All you need is a registered ENS domain.
Option 2: Manual Config Upload
python encode_config.py
This generates an AES-encrypted string. Copy and paste it into your ENS domain’s description field at ENS Domains. Save and wait for the configuration to propagate.
Compilation
# 'cli' for debug mode, 'spy' for background execution
# Windows
python build.py cli windows
# Linux
python build.py cli linux
Testing
Run the program and test commands in your designated Telegram group.
Disclaimer
This project is for educational and research purposes only. Use at your own risk.
Source
0 Comments