RAT malware: C++/C# Source Code

[waka1116]

A RAT written in C++ or C# then:
1/ Which language should be given priority?
2/ What criteria are used to evaluate good quality RAT and poor quality RAT?

Thanks all.

 

[DildoFagins]

Which language should be given priority?

C++ if you are experienced in programming, C# if you are less experienced.

What criteria are used to evaluate good quality RAT and poor quality RAT?

Stability, error resilience, rich feature set.

 

[Voirus]

C++ if you are experienced in programming, C# if you are less experienced.


Stability, error resilience, rich feature set.

Which is the best current rat of the moment without taking in mind pricing

 

[pentesterMaster]

if you wish to be the best Write in C++.. i give you much control to the OS but it is difficult to understand it... Dedication and Consistency

 

[Psycopath]

Which language should be given priority?

In order to write efficient RAT software, you should definitely use C++ because :

• Easily RAM controlling abilities, you can write efficient RAT by proper work with pointers so the victim won't notice high RAM usage
• Win32 API which is an official Microsoft API for windows developers, you can easily manipulate different parts of the system like Network, or Data and Storage.
• This language is a low level programming language so it performs its tasks quicker then C# for example.

You can check online all the RATs that was discovered were written in low level programming languages

What criteria are used to evaluate good quality RAT and poor quality RAT?

Well RAT is Remote Access Trojan, so before starting the project identify your goals, what abilities you want that RAT to have, and what is the purpose of your RAT, these steps are necessary because in that case you will be organized and knowing exactly what to focus on.

Now from the coding perspective you should concentrate on efficiency that is expressed by RAM usage, don't let your soft use unnecessary RAM space, also it important to control the processes and the threads you are running. And finally masking you software is also important, first step is infecting your victim, the victim will probably uninstall your soft if its going to be some shitty program, so make sure you save the software as "Legit looking" program.

One more important part is the communication part, you have to decide if the RAT will operate as a client side or server side. this part also requires knowledge.
if you will write the RAT to act as a server you would be able to connect to it from anywhere which increases anonymity but wouldn't be able to condense all your victims in the same place.
But if you will write the RAT to operate as a client, you would be able to condense many clients into a server that you will control. but will be more limited in the functionality perspective.

There are a lot of asspects that you have to take a look on them, so before you start the work build a plan and gain knowledge.

 

[DildoFagins]

• Easily RAM controlling abilities, you can write efficient RAT by proper work with pointers so the victim won't notice high RAM usage
• Win32 API which is an official Microsoft API for windows developers, you can easily manipulate different parts of the system like Network, or Data and Storage.
• This language is a low level programming language so it performs its tasks quicker then C# for example

None of that doesn't really matter. Dotnet runtime doesn't eat up much RAM and you can force GC collection at any point, Chrome is written in C++, and it can pretty much eat up a few gigs of RAM. You can call any Win32 API from C#, and you can call any library with C's ABI. MSIL is JIT compiled, so it is not like Python kind of slower than C++, RAT is neither RAM, nor CPU intensive thing, where using C++ will make a difference.

 

[Psycopath]

Dotnet runtime doesn't eat up much RAM

That's true but we are talking about a RAT, when its a legit software and you want to sacrifice RAM for easier coding process then its fine, but when one of the most important concept is "invisibility" then its definitely better to use a language where you can manipulate RAM in efficient way. Never saw a C# example of RAM manipulations.

Chrome is written in C++, and it can pretty much eat up a few gigs of RAM

The example of Chrome is right but it doesn't mean that it's the languages fault, their devs just didn't use it properly.

RAT is neither RAM, nor CPU intensive thing, where using C++ will make a difference.

Right about the CPU, RAT doesn't require that much of CPU usage, but it also depends on how efficient is your usage of threads and processes, but when talking about RAT it is intensive RAM usage, because we are streaming data. And it also depends on how you build the RAT, if you want it to run 24/7 then RAM is working intensively. every program uses RAM if you will have tons of unused variables that will uselessly take RAM space then it doesn't matter in which language you write the RAT.

 

[RedNode]

I Will recommend c++ for different reasons one of the reasons is c++ more dynamic and can also remove crt and disable Default libs and load every thing dynamically This gives you the ability to run your exe on any Windows version fresh installed so it gives you better back connection result , .net if you compiled the exe to .net version are not installed on target machine the exe will not work