Tuesday, March 22, 2011

how-to-setup-cybergate-rat





In This Tutorial You'll Learn Following:

Cybergate 1.07.5 Set Up - Download Cybergate RAT Here -- The AV Detection Is False Positives, Dont worry

Setting Up An No-IP

Spreading

Setting Up An No-IP Duc - Download Here!


 
Setting Up The No-IP & Client

1. Start Off By Going To; No-IP.com And Register. If You Have An Account There Already, Then Just Log In.

2. Once You've Logged In, Press "Add Host"
 

  

 3. Now It's Time To Choose Your Host Name!



Hostname: Your Host Name, EG:  

YourHostName.no-ip.biz
Host Type: DNS Host (A)

Dont Care About The Rest, Once You've Choosen Your Host Name, Press "Create Host" In The Lower Right Bottom.

  


 The Host Is Now Finished! Lets Move On To The No-IP Client.

1. The No-IP Client You Downloaded In The Beginning, Extract It To Your Desktop & Install It.

2. Now When You've Installed It, Open It Up & Log In With Your No-ip Username & Password.

3. When You're Logged In Press "Select Hosts" And Then Check That Little Box With Your Hostname.



-// Note: Always Have No-IP Open When You Have Cybergate Open!

There! Your No-IP Host & Your No-IP Duc Is Now Sat Up!

Setting Up Cybergate 1.07.5

1. Extract The Cybergate File You Downloaded In The Beginning To Your Desktop! Once Extracted, Open It & Wait 20 Seconds For The Agreement To Pass! :)

2. When It's Open, Press: Control Center -> Start.

3. Press: Control Center -> Options -> Select Listening Ports


 
  
4. Once You've Pressed The "Select Listening Ports" This Window Should Appear:


5.Firstly, Write "100" In That Little Box And Press The Blue Arrow. Then It Should Appear Under "Active Ports"

Active Ports: The Port You Will Forward Later!

Connections Limit: The Max Amount Of Victims You Can Have.

Connection PW: The Connection Password. Use "123456"

[V] Show Password: (Shows Password)

Once This Is Done, Press "Save"!

6. Now We'll Go To The: Control Center -> Build -> Create Server.



User: First, Press "New" And Name It To: "Plutonium". Once Done, Press "OK"

Now Just Double Click On "Plutonium" Or Press "Plutonium" And Then Press "Forward"

7. Now We're In The "Connection" Tab


First, Press "127.0.0.1 - 999" And Then Press Delete.
Now Press "Add" And Write Your Hostname In It + :100.
Like This: 


YourHostName.No-ip.biz:100

 Change The Identification To: Cyber
Change The PW To: 123456

**Note, If You Want To Try The Server On Yourself, Then Delete Both:

- 127.0.0.1:999
- YourHostName.No-ip.biz

And Replace Them With; 127.0.0.1:100 Since 127.0.0.1 Means "Local Computer & LAN Internet"

Make The DNS/HostName Server First Though! :)

DNS: Your Host Name, EG: 

YourHostName.no-ip.biz

  Port: The Port You Will Forward Later.
Identification: The slave Name
PW: The Password You Wrote In The Options, "123456"

8. Once You're Done With Theese, You'll Move On To The "Installation" Tab.

9. Have The Same Settings As I Do, And Follow The Instructions In The Image!

--//--//--//--//--//--//

Install Directory: Where The Server Installs, 

%System%
%Windows%
%Root%
%Program Files%
%Other%

Use The "System"! :).

Boot: This Is The "Startup" Option. Have Everything Checked & Press "Random" 5 Times And It Will Startup On Your slave Everytime They Start Their Computer!

Directory: Where The Virus Folder Installs
File Name: What The File Will Be Inside The Folder.

Inject Into. What Process It Injects into, Use Default Browser!

[V] Persistance: Keeps Trying To Inject Until Succed.
[V] Hide File: Hides The File, (Not FUD Though!)
[V] CCD: Changes The Creation Date From 16th July To 4 September 2005.

Mutex: Mutex Of The Server, Just Press Random A Couple Of Times!

There We Go, You've Now Completed The "Installation" Tab!

--/ Skip The Message & Keylogger Since They Are Pre-Set Already!

10. You Should Now Have Trumbled Into The "Antis" Tab, Have Everything Checked! (Except SANDBOXIE If You Are Gonna TRY IT ON YOURSELF!)


Ok, The Final Tab.. "Creation Of The Server". Have Every Setting As Me!

[V] Use Icon: Yes
[V] Delayed Execution: (How Many Seconds It Takes Until Your Server Injects And They Pop Up In Your RAT)
[V] Google Chrome PW: Yes, Steals Their GC Passwords :)
[X] Bind Files: No, Get An Real Binder Instead! (Have Your Server Crypted Though First!)
[X] Compress With UPX: Makes The Server Smaller But More AV's Detects It!

There! Your RAT Is Now Fully Sat Up.

No comments:

Post a Comment