Nuclear RAT Beta 8 (29/05/2006)

Started by whit3_sh4rk, 02 June 2006, 06:54:34 PM

whit3_sh4rk

Nuclear RAT Beta 8

Coder: Caesar2k
Programmed in Delphi

Quote: Description (English):
   Changed the screencapture engine mainly, and some other stuff, that might help to decrease the problems everybody's been having with the client, but good to update your servers as well ;)
Current feature list of this program:
- Colored connected computers listings according to their ping
- Online keylogger
- Screencapture (with mouse gestures) using PNG compression
- Webcam capture (with driver selection) using PNG compression
- Computer information with a wide variety of information
- Mouse control
- Script editor for VBS and BAT, no need for uploading files
- Screen resolution control
- Socks5 with NOAUTH
- Webserver for downloading and browsing files on the remote computer
- Remote shell
- Filemanager with treeview style with:
  - Download
  - Download folder
  - Upload file
  - Run
  - Run hidden
  - Rename file
  - Delete file
  - Play wav and mid files
  - File properties
  - Filter folder contents
  - Different view styles for the file list
  - Global search files
  - Rename folder
  - Create folder
  - Delete folder
  - Folder properties
  - Sort by filename, size or type (ascending and descending)
  - Auto refresh on folder click
  - Auto open some types of readable files, such as txt, rtf, png, gif, bmp, jpg, etc
- Windows manager with:
  - Send keys
  - Show/Hide/Disable and more features for each window
  - Find window by handle or by title
  - Get all windows (visible or not) or just the visible ones
- Process manager with:
  - Module manager (unload DLL and unload DLL from all processes)
  - Process manager (kill and inject server into process)
- Registry manager in treeview style with:
  - Delete key
  - Create key
  - Rename value name
  - Delete value name
  - Set value with all types of registry values available (REG_SZ, REG_EXPAND_SZ, REG_MULTI_SZ, REG_DWORD, REG_BINARY)
  - Create value
- Transfer manager with downloads/uploads with the modes of queue (downloads and uploads in sequence) and multi-threaded (download and upload many at once)
- Clipboard manager with Set/Get/Clear functions
- Plugins manager with:
  - Client side extensions
  - Upload plugin function
- Connections manager to break any connection that's getting through the client
- Shutdown computer with log off, shutdown and restart
- Message box
- Web download feature
- IP Range scanner
- Chat
- shellExecute
- Port redirect function with multiple redirections, and IN and OUT traffic information
- TCP tunnel with multiple connections allowed and various ports
- Quick floating menu to have your most used functions in hand and external programs and files!
- Share Server, make the server connect to another IP and port temporarily (reverse connection)
- Remote connection manager you can check all the connected IPs to the server
--------------- Client abilities ---------------------
- EurekaLog protected client, so you can send logs directly to my email
- Multi-Threaded client, you can perform many tasks at once
- Lag meter and pingtimeout for servers not responding after 3 tries (or you define the timeout tries)
- Average speed, in/out global traffic, even for plugins
- Broadcast commands to your online server list: download, execute plugin command, disconnect, close, update, uninstall
- Every single request made from the client is using one port, so you won't need to forward a lot of ports again when using reverse on a computer behind a router
- Update/Uninstall/Close/Disconnect servers simplest task ever
- Support for reverse and direct connections simultaneously
- Saves spaces by using right-click menus and not having big buttons for everything
- Built-in help for most of functions, just click the question marks around the client
- Sounds for downloads, connections and disconnections
- Plugin system compatible with most languages, since they use stdcall as export, Delphi and C++ tested
- Hybrid server mode: listen on a port or reverse connect at same time on the same server!
- Flow control for commands, you won't get content before the last ends!
---------------- Server abilities ---------------------
- Server can either be injected to a lot of targets at same time or be loaded by the server exe
- Possibility for creating reverse or direct connection servers
- Fake error message on execution
- Bind plugins with the server and execute its functions on load
- Make plugins as generic (no gui needed), client based (using a gui plugin on client side) and extension (add functionality to the server)
- The server has a lot of error checking, to guarantee it's going to be stable
- Encrypted information between client-server
- Relatively small exe, considering all its functions
- PHP script logging enabled, keep track of your direct and reverse connections

Download

[]s

Anonymous

Nice one, White!!

I had already downloaded this RAT and it is very good!!  ;)
It has many tools and the configuration is detailed.
If there were an undetectable version, it would be wonderful.

See you soon,

OnlyOne

I find the application's code more interesting, but since I know caesar2k won't hand over the sources ......
In heaven, Joy Division plays


J.spY

At least with up-to-date AVG and AVAST! it is undetected, since I installed it here to test...

With NOD32, however, it is not.

"...It is better to stay silent and let everyone think you are an idiot than to open your mouth and remove all doubt®..."

DarkGenesis

He he he...

Getting past AVG and Avast is pure joy; the "great mass" of net users only uses those.  :o

HadeS

Great post, whit3_sh4rk!

This tool looks great to me.

HadeS

whit3_sh4rk

Release: 09/07/06
Coder: caesar2k

Nuclear RAT Beta 9

Quote: Changes in this version

For those fixes to be applied, you need to update your server on the remote machine, there may be unknown problems if you use a new client with an older server, or vice-versa:
# Screencapture with a better error handling
# Modified change.php and logger.php scripts
# Fixed timers with webcam and screencapture
# Fixed big file downloads and uploads
# Screencapture is now smaller if you set smaller scale
# Fixed resume for upload and downloads
# Fixed screencapture with chat crash bug
# Changed the way the download folder works, now it will ask if you want to download x files and x folders and the total size of the entire folder
# Fixed reconnection issue, that the server would disappear when the client crashed or closed, etc.
# Fixed rename function when downloading/uploading
# Folder properties now show the correct folder size
# Added timeout for connections, if the server doesn't receive data for 5 minutes, it will disconnect and reconnect (the ping is data, so don't worry about connected servers)
# Next thing to do for the next version: Add unicode support for filenames and unicode fonts for all the menus and contents
# Fixed order by size in filemanager
# Fixed "Average Speed" that would get stuck at 9b/s when idle
# Increased timeout for incoming connections, with the old timeout, some data could be lost and the client would hang. Increased from 30 seconds to 10 minutes
# Download folder will now download EVERYTHING in the folder, and in all subfolders

Current feature list of this program:
# Firewall bypass method: DLL injection
# Simultaneous direct and reverse connection, all traffic through one port, easier to configure
# Can inject the dll in multiple processes to ensure functionality
# Three startup methods
# Plug-in enabled server and client, with 3 kinds of plugins: generic, client based and extension
# Easy-to-understand clean client GUI
# PHP logging enabled server
# Lossless PNG compression for screencapture and webcam capture
# Filemanager with all types of functions, including the Download folder function, that will download everything inside the desired folder, including subfolders
# Configurable ping system and color matching the ping latency (green < 200ms, orange > 200ms and < 500ms, maroon > 500ms and < 1000ms, grey > 1000ms)
# Turn the remote computer into a SOCKS5 daemon
# Live keylogger with adjustable font for unicode computers
# TCP Tunnel to reach services that are in computers behind routers and LANs, like game servers, SOCKS daemons, FTP daemons, virtually anything that can't be reached through routers and LANs
# Port redirect for a fill & click redirection service
# Chat with the remote computer
# Remote IP and Port range scanner, use the speed of the remote computer for doing your port scans
# Melt server, assign name, configure the server the way you want, show a custom message upon execution
# Window manager with send keys feature
# Process manager and module manager. Terminate processes and unload DLLs from remote processes
# Registry manager that support REG_DWORD, REG_BINARY, REG_SZ, REG_MULTISZ, REG_EXPANDSZ. Create values and keys on-the-fly
# Clipboard manager, can retrieve up to 32Kb of clipboard data from the remote computer
# Intuitive webserver, that you can browse and download all the files from the remote machine using your browser
# Remote shell for executing remote cmd.exe commands and a BATCH and VBS execution function
# Update your servers with a few clicks and entering your information for the update
# Transfers queue or multi transfer methods while upload/downloading your files
# Support for download/upload huge files, up to 1Pb (petabyte)
# Sorting feature for file manager, sort by filename, size or file type
# Plugin SDK in two languages to help you develop your own plugins, C++ and Delphi
# And many more features! Just use and see all of its potential

Download -> http://www.nuclearwintercrew.com/

[]s

fffteam

It seems to be a good trojan, but its notification is not good. For me a good trojan
is one that sends the IP by email; the best are ProRat and Beast, the rest
are of little use. But it is a good trojan. Great post, it will help a lot of people.


whit3_sh4rk

[fffteam]
I disagree on that.. Reverse connection = real-time notification.. When the guy gets infected, BAM, he shows up right there in the RAT.. Much better than by email..

[]s

Anonymous


#phobia

It's loading fine here, man...   =/

DarkGenesis

New version, I'll test it right now.  :o

caesar2k


locator.dll

Congratulations to caesar2k.. ;)

Thanks

locator.dll