TechNowHorse RAT (Remote Administrator Trojan) Generator for Windows/Linux systems

Tools & Scripts
1

TechNowHorse

TechNowHorse is a RAT (Remote Administrator Trojan) Generator for Windows/Linux systems written in Python 3.

                    This small python script can do really awesome work.

image
image1206×511 131 KB

Features

  • Works on Windows/Linux
  • Notify New Victim Via Email
  • Undetectable
  • Does not require root or admin privileges
  • Persistence
  • Sends Screenshot of Victim PC’s Screen via email
  • Give Full Meterpreter Access to Attacker
  • Didn’t ever require metesploit installed to create trojan
  • Creates Executable Binary With Zero Dependencies
  • Create less size ~ 5mb payload with advance functionality
  • Obfusticate the Payload before Compiling it, hence Bypassing few more antivirus
  • Generated Payload is Encrypted with base64, hence makes extremely difficult to reverse engineer the payload
  • Function to Kill Antivirus on Victim PC and tries to disable the Security Center
  • Awesome Colourful Interface to generate payload
  • On Attacker Side: While Creating Payload, Script Automatically Detects Missing Dependencies & Installs Them
  • Able to add custom Icon to evil file
  • Built-in Binder which can bind Keylogger to Any File [.pdf, .txt, .exe etc], Running legitimate file on front end & evil codes in back-end as a service.
  • Checks for Already Running Instance on System, If running instance found, then only legitimate file is executed [ Multiple Instance Prohibiter ].
  • Attacker can Create/Compile for Both Windows/Linux OS Using Linux System, But Can only Create/Compile Windows Executable using Windows Machine
  • Retrieves Saved Passwords from victim System and sends it to Attacker.

Supported Retrives, Tries to Retrive Saved Passwords from :
Chrome Browser
WiFi

Note: Custom Stealer is Coded, does not relies on LaZagne

Tested On

Kali) Kali Linux - ROLLING EDITION

Windows) Windows 8.1 - Pro

Windows) Windows 7 - Ultimate

Following is the limitations of meterpreter payload generated using metasploit:-

  • Have to run the Metasploit Listener before executing backdoor
  • Backdoor itself don’t become persistence, we have to use the post exploitation modules in order to make backdoor persistence. And post exploitation modules can only be used after successful exploitation.
  • Didn’t Notify us whenever payload get executed on new system.

We all know how powerful the Meterpeter payload is but still the payload made from it is not satisfactory.

Following are the features of this payload generator which will give you a good idea of this python script:-

  • Uses Windows registry to become persistence in windows.
  • Also manages to become persistence in linux system.
  • Payload can run on LINUX as well as WINDOWS.
  • Provide Full Access, as metasploit listener could be used as well as supports custom listener (You can Create Your Own Listener)
  • Sends Email Notification, when ever payload runs on new system, with complete system info.
  • Generates payload within 1 minute or ever less.
  • Supports all meterpreter post exploitation modules.
  • Payload Can be Created on Windows as well as Linux system.

New Screenshots:

Getting Help

Generating payload

Also Refer These Old Images

~Old Screenshots:

Getting Help

Running paygen.py Script

When RAT runs, it adds Registry to become persistence

Makes copy of itself and saved it inside Roming

Report sended by RAT

Getting Notification From Victim PC

3 Likes
2

Man, that’s intimidating. :mask: