How to Hack and Control someone’s PC by Remote Access Trojan

Hack and Control someone’s PC by RAT:-

Today I will demonstrate to you best practices to Hack and Control PC by the assistance of RAT. Remote Administration Tool is a malware program that incorporates an indirect access for managerial control over the objective PC. RATs are generally downloaded imperceptibly with a client asked for project -, for example, a diversion – or sent as an email connection. When the host framework is traded off, the gatecrasher may utilize it to disperse RATs to other defenseless PCs and build up a botnet.


To make this sort of assault conceivable programmers tie it or disseminate and get it introduce on the casualty’s computer.After establishment of server record programmer can control casualty’s PC mouse to webcam and numerous all the more thing sitting thousand miles away.

Underneath I will specify about some popular RAT and their components. On the off chance that you need you can download them from their particular webpage.

1. Netbus:~

NetBus is a product program for remotely controlling a Microsoft Windows PC framework over a system. It was made in 1998 and has been extremely questionable for its capability of being utilized as a secondary passage.


There are two parts to the client–server structural planning. The server must be introduced and keep running on the PC that ought to be remotely controlled. It was an .exe record with a document size of just about 500 KB.


1.Keystroke logging

2.Keystroke infusion

3.Screen catches

4.System dispatching

5.Document scanning

6.Closing down the framework

7.Opening/shutting CD-plate

8.Burrowing convention (NetBus associations through various frameworks

2. ProRat:~

ProRat is a Microsoft Windows based indirect access trojan horse, all the more generally known as a RAT (Remote Administration Tool). Likewise with other trojan stallions it utilizes a customer and server.


ProRat opens a port on the PC which permits the customer to perform various operations on the server (the machine being controlled). ProRat is known for its server to be verging on difficult to uproot without cutting-edge antivirus programming.


  • Logging keystrokes
  • Stealing passwords
  • Full control over files
  • Drive formatting
  • Open/close CD tray
  • Hide taskbar, desktop, and start button
  • Writing on-screen
  • Movement of cursor
  • Feed the cat
  • Take screenshots
  • View system information
  • View webcam
  • Download & run files
  • Password Protect your bound server from being used by anyone else

3. Beast:~

Beast is a Windows-based secondary passage trojan horse, all the more regularly referred to in the underground hacking group as a Remote Administration Tool or RAT. It is equipped for tainting renditions of Windows from 95 to 8.1.


It utilized the ordinary client–server model where the customer would be under operation by the assailant and the server is the thing that would contaminate the casualty. Mammoth was one of the first trojans to highlight a converse association with its casualties, and once settled it gave the aggressor complete control over the contaminated PC. It for the most part focused on three disease locale:-

  • C:\Windows\msagent\ms****.com (Size ranging from 30KB to 49KB)
  • C:\Windows\System32\ms****.com (Size ranging from 30KB to 49KB)
  • C:\Windows\dxdgns.dll or C:\Windows\System32\dxdgns.dll (Location dependent on attacker’s choice)

On a machine running Windows XP, evacuation of these three records in experimental mode with framework restore killed would clean the framework.

The default ports utilized for the immediate and opposite associations were 6666 and 9999 separately, however the aggressor had the choice of evolving these. Monster accompanied an implicit firewall bypasser and had the capacity of ending some Anti-Virus or firewall forms. It additionally accompanied a fastener that could be utilized to join two or more records together and after that change their symbol.


  • Direct or Reverse connection option
  • DLL injection location (e.g. explorer.exe)
  • Server name change option
  • Server installation directory (e.g. <windir>)
  • Various IP and Server info notification options (e.g. email, icq, cgi, etc.)
  • Startup keys selection
  • Anti-Virus and firewall killing
  • Other miscellaneous options (e.g. automatic server file deletion, fake error messages, offline keylogger, icon changer, etc.)
  • File Manager – along with browsing victim’s directories it could upload, download, delete, or execute any file
  • Remote Registry Editor
  • Screenshot and Webcam capture utility
  • Services, Applications, and Processes Managers, providing the ability of terminating or executing any of these
  • Clipboard tool that could get currently stored strings
  • Passwords tool capable of recovering any stored passwords in the victim’s computer
  • Power Options (e.g. shutdown, reboot, logoff, crash, etc.)
  • Some tools mainly for creating nuisance (e.g. mouse locking, taskbar hiding, CD-ROM operator and locker, URL opener, wallpaper changer, etc.)
  • Chat client providing communication between the attacker and the victim
  • Other tools such as a Remote IP scanner, live keylogger, offline logs downloader, etc.
  • Server Controls (e.g. server deleter, updater, terminator, info provider, etc.)

4. SubSeven:~

SubSeven, is a remote organization device/trojan project (RAT—where the “T” can have a double significance for this situation). Its name was inferred by spelling NetBus in reverse (“suBteN”) and swapping “ten” with “seven”.

Since its common utilization is to permit undetected and unapproved access, Sub7 is typically portrayed as a trojan horse by security specialist.


Additionally Sub7 has some features deemed of little use in legitimate remote administration like keystroke logging.
Sub7 worked on the Windows 9x and on the Windows NT family of operating systems, up to and including Windows 8.1


  • recording:
    • sound files from a microphone attached to the machine
    • images from an attached video camera
    • screen shots of the computer
  • retrieving a listing of recorded and cached passwords
  • taking over an ICQ account used on the target machine (back then the most popular messaging service); added in version 2.1. This included the ability to disable the local use of the account and read the chat history
  • features which were presumably intended to be used for prank or irritating purposes including:
    • changing desktop colors
    • opening and closing the optical drive
    • swapping the mouse buttons
    • turning the monitor off/on
    • “text2speech” voice synthesizer which allowed the remote controller to have the computer “talk” to its user
  • penetration testing features, including a port scanner and a port redirector.


  •  Remember one thing “To run a VIRUS you need a HUMAN BEING“.
  • “This tutorial is only for Educational Purposes,do not use it to Hack someone PC”.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s