Linux RAT

[pebcak]

Looking for ideas on implementing a RAT, allowing access to my Ubuntu machines in case of theft, and/or just for giggles.

I have a domain ready to go, but I have no clue how to go about setting this up.

[proxx]

Looking for ideas on implementing a RAT, allowing access to my Ubuntu machines in case of theft, and/or just for giggles.

I have a domain ready to go, but I have no clue how to go about setting this up.

Ugh.

You don't have any linux experience do you ?
This is a typical windows point of view.

Just setup a reverse SSH shell that always connects back to point x.
Fucking forget the term "RAT" not only because it pisses me off but coz *nix is built this very principle.
Logging onto a remote terminal etc etc.
What the fuck go read book.
*some other lines that Im too lazy to write*

[Kulverstukas]

Yeah basically what Proxx said is all you need. Since you opt to use linux, then you should use linux tools and forget about RATs. SSH is basically the tool you want to use, but in case of theft, I would recommend projects such as http://preyproject.com/ that are built specifically for that purpose.

[b0whunter]

Fucking forget the term "RAT" not only because it pisses me off but coz *nix is built this very principle.

Exactly!! damn its stings inside, i dont know why, but it does every time I hear/read RAT... geez even netcat can do the trick, but proxx is spot on.

[I_Learning_I]

I will sort of HiJack this thread and take it on a different direction, the one I thought the thread was about.

What about making a "RAT" for Linux?
Sure you can configure SSH or telnet and just use it, but what about an "hidden" connection? Create another SSH/telnet user that can only be seen by a certain user or edit/add .php files being ran by Apache to allow remote control (I believe this would have to be a poorly configured server)

I do believe all these files need to be sudo'd in order to be edited, so unless there's a jailbreak or you "bind it" should be impossible.

Care to comment?

[c64]

Sounds like a job for a rootkit if stealth is an issue.

[Fl0urite]

Try using metasploit to create a backdoor
 http://www.offensive-security.com/metasploit-unleashed/Meterpreter_Backdoor
just use payload/linux/x86/meterpreter/reverse_tcp

[proxx]

Try using metasploit to create a backdoor
 http://www.offensive-security.com/metasploit-unleashed/Meterpreter_Backdoor
just use payload/linux/x86/meterpreter/reverse_tcp

I suggest not doing that because of the dangers involved.
Giving yourself a way into anything means giving someone else a potential entrance.
Especially with just a plain TCP reverse shell.

Would personally configure a second SSH(d) running on some obscure UDP port connecting back to a central point isolated in jail or something along those lines.

[I_Learning_I]

Would personally configure a second SSH(d) running on some obscure UDP port connecting back to a central point isolated in jail or something along those lines.

This is what I was talking about. The thing is you would still have to have the port not reply/firewalled (in case of an NMAP scan), which means you would probably also need to configure something on iptables, but then again the configuration would pop up and would be noticeable if you ever got hacked.

[qwk]

http://jrat.su/ works on almost every OS that running java. You could also use netwire and it could be found here: http://www.worldwiredlabs.com/netwire_/

[pebcak]

HA!

I must have been blasted out of my fucking gourde to post shit like this.

The correct answer to my question was, "Don't run *nix as a host machine...ever, you fucking fuck."

[0E 800]

I was just going to mention Prey.

https://preyproject.com/

[r3verend]

There are tons of ways instead of "Rating" your self, lmao.
SSH, VNC, etc

[jitterbud]

Yeah basically what Proxx said is all you need. Since you opt to use linux, then you should use linux tools and forget about RATs. SSH is basically the tool you want to use, but in case of theft, I would recommend projects such as http://preyproject.com/ that are built specifically for that purpose.

Thanks for introducing this, gonna use it. Its nothing new but cool to see shit like this for nix.
[update] I just tried using prey on my ubuntu machine and its a bitch to setup.
Software repo doesn't install it. So you have to cd /usr/lib/prey/current/bin/ && sudo ./prey config gui. Now it'll run only when you run the script. Restart and it won't run, you have to set it to run on boot.

[Kulverstukas]

Thanks for introducing this, gonna use it. Its nothing new but cool to see shit like this for nix.
[update] I just tried using prey on my ubuntu machine and its a bitch to setup.
Software repo doesn't install it. So you have to cd /usr/lib/prey/current/bin/ && sudo ./prey config gui. Now it'll run only when you run the script. Restart and it won't run, you have to set it to run on boot.

Yeah, but that's linux...