ProRat

To show you an example of a malicious program, I will use a well known Windows Trojan, ProRat.
1. Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be “pro”.
2. Open up the program. You should see the following:



3. Next we will create the actual Trojan file. Click on Create and choose Create ProRat Server.
4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.



5. Click on the General Settings button to continue. Here we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.



6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. In the example I will use an ordinary text document.





7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I will stick with the default because it has icon support, but exe’s looks suspicious so it would be smart to change it.



8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.



9. Finally click on Create Server to, you guessed it, create the server file. Below is what my server file looks like.



10. A hacker would probably rename it to something like “Funny Joke” and send it as an attachment to some people. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.
11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.
12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it.



13. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all my computer files, he can shut down my pc, get all the saved passwords off my computer, send a message to my computer, format my whole hard drive, take a screen shot of my computer, and so much more. Below I’ll show you a few examples.



14. The image below shows the message I would get on my screen if the hacker chose to message me.



15. Below is an image of my task bar after the hacker clicks on Hide Start Button.



16. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.



As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.

Countermeasures

There are a couple things you can do to prevent yourself from being infected by the malware discussed in this chapter.
1. Make sure you have good and up-to-date anti-virus software installed on your computer. Also if there is an automatic update option on your anti-virus software, make sure it is enabled.
2. Make sure you have a firewall installed on your computer and make sure that it is actually enabled. Firewalls protect against unauthorized inbound and outbound connections.

ADMIN , can you tell me what's the PROrat real use for ??
sorry to asking , I'm a newbie

Dude all rats are only for one use that is Accessing other pc .

RAT means Remote Administrator Tool

All rats have their own capacity .

Some flood nicely , some are not easily detectable .

Pro rat is software which not easy to detect via antivirus .

nice share but good

I like this Thanx Admin XP!

OK Now how do u send it if its a Norton protected site like yahoo and cant send viruses

I tried everything here as the tutorial states but i dont seems to get it right, i guess am still missing smthing.
admin can you help ? sending you a pm

oh sry, didn't know there's a limitation on pm's till certain amount of post is reached.
admin i actually wanted to ask you to add me up on icq, skype or any im.
Can you pls kindly pm me details ?
Thanks in advance.

Hi, Nicely put. I want to discuss it further.
1).once server is made on attcker's machine. How to make if Fully Undetectable. So that Victim's Antivirus could not detect it., Otherwise what i have seen is AV are automatically deleting Prorat's server.

2). Second, How to make server with .Jpeg extensions.

Regards to all
Hackajn

[b]hi i was wanting to know could this be used as a keylogger? get a file sent to email every few mins or whatever you set it to be? sorry im kinda new to this