
Overview
ToRat is a Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.
DISCLAIMER
USE FOR EDUCATIONAL PURPOSES ONLY
Wiki
How to install and use ToRat Docker Image
Demo
Current Features
Architecture
- RPC (Remote procedure Call) based communication for easy addition of new functionality
- Automatic upx leads to client binaries of ~6MB with embedded Tor
- sqlite via gorm for storing information about the clients
- client is obfuscated via garble
Server Shell
- Cross Platform reverse shell (Windows, Linux, Mac OS)
- Supports multiple connections
- Welcome Banner
- Colored Output
- Tab-Completion of:
- Commands
- Files/ Directories in the working directory of the server
- Unique persistent ID for every client
- give a client an Alias
- all Downloads from client get saved to ./$ID/$filename
Persistence
- Windows:
- Multiple User Account Control Bypasses (Privilege escalation)
- Multiple Persistence methods (User, Admin)
- Linux:
- Multiple Persistence methods (User, Admin)
Tor
- Fully embedded Tor within go
- the ToRAT_client communicates over TLS encrypted RPC proxied through Tor with the ToRat_server (hidden service)
- anonymity of client and server
- end-to-end encryption
- optional transport without Tor e.g. Use Tor2Web, a DNS Hostname or public/ local IP
- smaller binary ~3MB upx’ed
- anonymity of client and server