Jump to content
Report any bug Read more... ×
We're hiring! We are accepting applications for Developers, Teachers, Redactors and Junior Moderators. Read more... ×

Create an account on our board

or login and enjoy all the possibilities

Existing user? Sign In

Sign In



Sign Up

Learn Or Teach

You can learn computer security by practicing in the Dashboard, you can also be taught by a teacher. Or You can teach community members regardless of your specialty, and earn points for each person!

Learn or Teach

The Challenges

The new Challenges page is here. Take advantage of several vulnerable web applications to help train you such as, DVWA, XVWA, Mutillidae. You can also launch an existing or custom virtual machine.

Play Now !

Collaboration Room

The first categories of the forum are rooms that you can create or join in order to participate in events with the other members of the community. You can also create your room to make a teaching request, or attend your teacher's presentation. In this room you can create a private forum, store your information, invite other people etc.

Create Room

Create your club

You can create a club with your friends, earn points in teams. Creating a club gives you access to a team space. There you will have a private forum where you can store files, share information etc. Invite your friends and play together!

Create yours now!

VIP

Several VIP packs are available, understand that the survival of this site depends on it. Of course you can buy this pack with your points won during events. Formulas: Vip Member Vip Teacher Vip student

Buy
News
  • For new users read this
  • Challenges
  • for new users thank you to post in introduction and answer "Accept" on the topic of the rules to have access to the integrity of the forum and receive your Exploit-Code
  • The challenges board is being developed you are likely to encounter some bugs if this is the case report to an administrator.
Sign in to follow this  
Backtracking

DarkComet

Recommended Posts

Note: In this format, the RAT program will quite easily be detected by anti-virus software. In order to evade such detection you will have to crypto the DarkComet RAT. It must become undetectable in order to use stealthily. Or, the attacker might install such a program and add exceptions to the anti-virus.

The newest versions are always the most stable. Let’s say you use DarkComet 3.2. DarkComet 3.2 will be quite old by the writing of this blog. The system functions may have changed. DarkCoderSc has updated it to DarkComet 5.3.2 with the latest functions, it’s like buying a can of Pepsi then finding it has gone-off.

Here is the tutorial on how to setup DarkComet 5.3.1

  1. Go to the DarkComet website (http://darkcomet-rat.com). I would not get this RAT from anywhere else, lest it be crawling with gremlins.
    At the top, you will see a list of items. Click Downloads.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  2. Next there will be a list of DarkComet-RAT product versions.
    Click the top one.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  3. When you click Download, you will see three boxes. Tick them.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  4. Click Download.
  5. Open the DarkComet RAR (You need WinRAR)
    It should look like this:

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  6. Make a folder on your desktop. Name it anything you want.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  7. Drag the items from the WinRAR folder to the Tutorial folder at your Desktop.
    Now, everything should be there like this:

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  8. Open DarkComet.exe (Run as Administrator)

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  9. A TOS should show up.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    Tick the box saying ‘Do not display again the EULA‘ that is located at the bottom left. 

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    Click ‘I accept‘  

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  10. At the bottom left, it will show up a Help Screen, tick ‘Do not show at startup‘ then click ‘Fine

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  11. Click DarkComet-RAT at the top left.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  12. Click ‘Listen to new port (+Listen)

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    A new window should open, put in your Port then tick ‘Try to forward automaticaly (UPNP)

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    IN this case, I will do port 70 so I put that in, tick ‘Try to forward automatically (UpNP)‘ and click Listen.
  13. Move over to ‘Socket / Net‘ located at the very end of the top left border.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    You should see something like this:

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    70 may not be your port, your port that you added in ‘Listen to new port‘ will be displayed, not specifically 70.
  14. Go to ‘www.canyouseeme.org

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  15. Put in the port that you are listened on.
    If all went well, it should look like this:

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  16. Now, click DarkComet-RAT again and click Server Module, then click Full Editor (Expert)

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  17. Name your Security Password anything you like, then click the Mutex a few times. We then have the Main Settings done.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    Make sure you untick FWB (Firewall Bypass)
  18. Go to Network Settings.
    Now, go to

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
    and register
    Click Free DNS

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  19. Put in whatever you want for it. Make sure the email is valid because we will need it to validate. (if you don’t want to give your email, get a temp email at 10minutemail.com)

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    Sign in now.
  20. Now, at the Body you will see a list of options, click ‘Add Host’

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  21. Copy the settings:

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.

    Leave IP Address, as that will show as Default your IP address.
  22. Click Create Host.
  23. Go back to your DarkComet and put in the Ip/DNS and Port (DNS for the NO-IP you made a second ago and Port for the one you listened on!)

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  24. Then click ‘Add‘ and go to Module Startup.
    Tick the ‘Start the stub with windows (module startup)’
    Then leave everything but ‘Persistance installation ( always come back )
    Tick that.
    Now, it should look like this:

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  25.  Now go to ‘Stub Finalization‘ at the end.
    If you are going to get it crypted then don’t tick UPX (Ultimate Packer Executable) but if you are, I would leave it off and just have it on No compression.

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  26. Now tick the ‘Save the profile when stub succesfully generated’ and Build the Stub.
    Now there is one last thing.
  27. Go to the Client Settings in DarkComet-RAT and then Click NO-IP Updater

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  28. Then put in the NO-IP host, Username and Password, then tick ‘Auto update your no-ip dns when your IP change

    Hidden Content

      Give reaction or reply to this topic to see the hidden content.
  29. Now, run the stub that you generated in a Sandbox to test, and you should show up!

Here now, we have run through the entire thorough setup for DarkComet. Even your kid brother could follow this tutorial. Now what you need to do is some research into how to encrypt the EXE, so it can be installed remotely without an antivirus putting up a fuss. I know Metasploit has some pretty good encryption in it’s framework. I would start there. Watch out for others telling you they will encrypt it for you. This is usually a trick to just pack their own RAT into your stuff!

  • Like 1

Share this post


Link to post
Share on other sites

study like so cool

Share this post


Link to post
Share on other sites

Still alive this rat !

Thx for your poste 😄

Share this post


Link to post
Share on other sites
Sign in to follow this  

×