(EXCLUSIVE) DarkComet-RAT updated to v3.0.1

DarkComet-RAT (Remote Administration Tool) is software design to control in the best condition and confort possible any kind of Microsoft Windows machine since Windows 2000.
This software allow you to make hundreds of functions stealthly and remotely without any kind of autorisation in the remote process.
This software is a long time project , started the August 2008 , DarkComet-RAT is now one of the best and one of the most stable RAT ever made and totally free.

Changelog

  • [Server startup]Now server module install correctly in Windows and System dir (if user got privileges).
  • [Edit Server] Server generation is now 50x faster and safe threaded
  • [Edit Server] File binder , Plugins disabled for EOF mode (only), it was corrupting the EOF settings, use RES mode to bind/add plugins to server, the rest still working fine with EOF mode.
  • [File Manager] No more random errors when browsing files
  • [File Manager] Now even if you browse large amount of files, for example system32 it will works fine without any problems
  • [File Manager] Now you can put arguments when you run a file (SHOW and HIDDEN)
  • [Fun reader] No more error display if it fail
  • [Edit Server] Plugins error managed
  • [Mistakes, Small bug fixed] Some mistakes fixed also other small bugs

Features

General :

  • Reverse Connectivity [Server(master) <– Client(slave)]
  • Routers firewall bypass
  • UpNP (Universal Plug And Play) support
  • Windows XP,Vista,Seven [32 & 64 bit] full support
  • If correctly setup : UAC Bypass
  • Traffic encryption 256 bit RC4 [HEX]
  • Schedules tasks for arrival slaves
  • Multithread and multi slaves control support
  • Safe threaded using in both side pure Winsock2 API and W32 Thread API
  • No-IP auto updater support
  • Pushme notification (Iphone/Ipod) support
  • Flag geolocalisation support
  • Multi port (listen in many port at the same time)
  • Plugin support for control & builder
  • Ressource String and EOF (End of file) support for settings
  • ASM (Assembler – FASM) small downloader included (2KiB)
  • Binder/Joiner included (Drop & Exec or Run from res –> injected)
  • Broadcast functions support
  • Web server security tester (HTTP Flood,TCP & UDP Flood)
  • Persistant install/process

Control functions :

  • System info
    • System monitor : Charts and gauge about RAM/CPU uses
    • Computer info : Several information about the computer
    • Trace Map : Geolocalisation with google map API, also display several information about position
  • Fun functions :
    • Fun Manager : Have fun with some functions of the computer
    • Piano : Play piano in the remote computer (Support octave down/up)
    • MessageBox : Send custom messagebox to remote computer (support injection)
    • Microsoft Reader : Send text to remote computer and make it read by a robot
  • System Functions :
    • Process Manager : Get a full control of remote process and assigned modules
    • Remote Registry : A remote regedit like if you were in your own computer
    • Remote Shell : A remote MS-DOS shell by pipe redirection
    • Windows List : List remote visible and/or hidden windows (and play with them)
    • Uninstall Application : Grab the list of the remote installed application (Also remove/uninstall)
    • System Privilege : Get the assigned remote system privileges
    • Hosts File : Get/Edit the remote hosts file ‘%SYS32%/drivers/etc/hosts’
  • Remote MSConfig :
    • Services Startup : Get/Edit/Add/Delete/Start/Stop any services startup
    • Registry Startup : Control the HKCU/HKLM Run keys (add , delete , clean…)
  • Remote Scripting :
    • Html Scripting : Remote code and execute some HTML/CSS code
    • Batch Scripting : Remote code and execute some Batch code
    • VB Scripting : Remote code and execute some VBS code
  • Files Manager : Control the whole remote files drives(any kind of storage) with a hudge amount of features
  • Passwords/Datas
    • Stored Passwords : Retrieve all the remote passwords (MSN,RAS,AIM,ICQ,FIREFOX,IE…)
    • µTorrent Downloads : Retrieve all µTorrent files used even deleted one from µTorrent client
  • MSN Functions :
    • MSN Control : Control the status of the remote MSN session and get some informations about
    • MSN Contacts : Grab the remote MSN session contact list with their current status/name and play with them
  • Spy Functions :
    • Webcam Capture : Watch the choosen webcam(driver) in real time (FAST and SMOOTH), support recording
    • Sound Capture : A very fast microphone recoarding in pure streaming (FAST and SMOOTH), support local talking too
    • Remote Desktop : A powerfull remote desktop capture with many possibility (Keyboard , Mouse , Move , Shortcuts etc…)
    • Keylogger : A very good keylogger using any hooks and recoarding even the special keys like symboles and key binding
  • Network Functions :
    • Active Ports : Get the remote TCP/UDP active connections list and decide to kill or not the connection or process
    • Network Shares : Get the shared folders/files with some nice informations such as the display name , path , description even password
    • LAN Computers : Scan for vulnerable computers , it will get their LAN IP and NAME (Computer Name)
    • Net Gateway : Get the remote gateway list
    • IP Scanner : A simple multithread port scanner
    • Url Download : A remote multithread file downloader/Execute with status
    • Browse Page : Open a remote webpage in default browser
    • Redirect Ip/Port : Share temporary your actual slave connection to another computer
  • Misc Functions
    • Print Manager : Print text in the remote default printer
    • Clipboard : Control the remote clipboard content (Files/Text, Send/Get)
  • Control the computer power
  • Control the Client/Server socket
  • Update via URL or File the slave
  • Take notes

DarkComet Quick review

Strong Traffic Encryption : DarkComet assure you to protect the best possible your privacy , all the Client/Server comunications are encrypted in RC4-256b using a dynamic encryption key to prevent people to reverse the program and find the generic key, also if you choose a password for connection (recommanded) it will bind the RC4 generic key with your password then it will be totally impossible to guess/find the key.
Server settings are also totally encrpyted with the same cipher to protect at 100% your privacy data.
Full Microsoft Windows Compatibility : DarkComet is design with the latest IDE of Delphi with the last windows graphic API, then the user interface is really clear / profesionnal and easy to use , also it allow you to use DarkComet in any kind of Microsoft Windows platform since Windows 2000 in 32bit and 64bit systems.
Use it even on Mac / Linux : DarkComet is also design specialy for Windows platform emulator like , then you can run it without any problem under Linux and/or Mac and have the same confort than in a real Microsoft machine.
Graphics wont be crashed all will be display correctly and no dependency needed.


You don’t need to forward your ports : You don’t need to forward manually the ports in your router , since version 2.1 i include the UpNP (Universal Plug n Play) system , if your router is compatible (most) with UpNP then don’t worry about the ports all will be done automatically and with the best security , when you don’t use DarkComet the port will be automaticaly close to prevent attacks.


Works in chinese systems : The client is coded in a full natif Unicode environement then it can easily use and traduce in China, also since version 2.1 it works in all kind of Chinese operating system and display the correct Unicode characters.


Works in NAT via Virtual Machine : DarkComet since the version 2.1 works under Virtual Machine using NAT (Shared connection), then you don’t need to force a bridged connection , you can use NAT without any flux transfer problem , its also still very stable and fast even with a shared connection.


Unlimited possibility’s : DarkComet is the Remote Administration Tool that have the biggest amount of function , explore hundreds of functions and possibility like (Remote Capture,Webcam Capture,File Explorer, Process Manager,Registry Manager,Remote Shell,Password Grabber,Keylogger, Window Manager,Startup Manager,Remote Scripting,Fun Manager,System Informations,Msn Manager… and a lot more).


Multithread Technologie : DarkComet totally proffit of the wonderfull multithreading , you can do several actions at the same time with one or many users in same time , also the whole socket / threads are coded in pure Win32 API even for Client , that mean no components or VCL Class are use then i have control of the wholes windows events/message then its more fast and stable.

DarkComet 3.0 List improvement

– 09/10/2010 : RC4 traffic encryption done , its encrypt all plain text and data flux with a RC4 encryption 256 bit , all your private data are now totally secured and DarkComet is impossible to flood / exploit .

– 09/10/2010 : Dynamic RC4 256 bit Key added when you choose a password on DarkComet , thats mean if you want to be secured at 200% when you choose a password in server it will bind the actual RC4 key with your password then without the correct client password the data wont be correctly decrypted then nothing will work without your password.

– 09/10/2010 : Now edit server settings are totally encrypted in RC4 256 bit too then its no more possible to reverse and read your personnal settings , again you are totally secured now ;)

– 10/10/2010 : New column added in connection list (SIN) , now you can see the RAM usage/Total RAM and Free RAM.

– 10/10/2010 : New column added in connection list (SIN) , now you can see the country code/country localisation(geo) and the default system langage

– 10/10/2010 : New column added in connection list (SIN) , now you can see the first execution data/time of the server if it just been executed and not installed it display the current date/time.

– 10/10/2010 : Now you can choose if you want to display the default language flag or the geo ip flag :)

– 10/10/2010 : In OS collumn windows installed drive added (its where windows was installed)

– 12/10/2010 : Clipboard manager have been recoded , now you can resize the textbox and listview for a better confort

– 12/10/2010 : Two functions added in Clipboard manager , get the remote clipboard text in your clipboard , and send your clipboard text to the remote clipboard.

– 12/10/2010 : Process Manager got now a real better compatibility on 64 bit OS, now it list all process :)

– 12/10/2010 : Process Manager list the process 3x faster.

– 12/10/2010 : If you use a password for protecting connection it will be display in tray icons with a locker to remind you ! ;)

– 16/10/2010 : New toast style made , now you it display more information and have a better design.

– 16/10/2010 : Clipboard copy problem fixed in password manager , also the whole system is more stable now.

– 30/10/2010 : New edit server design fixed and recoded at 100% , more fast , more stable , more options.

– 30/10/2010 : New profile save/load system with many options possibility’s such as Encrypt/Decrypt your custom profile with password

– 30/10/2010 : Ultra verbose system added on edit server.

– 30/10/2010 : Edit server doc started.

– 31/10/2010 : Now you can test if the connection will be successfully established with verbose (it test localhost/lan and WAN)

– 07/11/2010 : Now disable/enabled taskmanager works like a charm for all Windows without beeing administrator.

– 07/11/2010 : Now disable/enabled registry (regedit) works like a charm for all Windows without beeing administrator.

– 07/11/2010 : Disable UAC added to server shield

– 07/11/2010 : DNS Poisoning added in edit server , you can add some dns rules in hosts file very easily and also clean the whole host file before applying your custom changes

– 11/11/2010 : Icon Pack with list added in the new Edit server , you can also drop some new icon in the Icons folder they will apear then in the list

– 12/11/2010 : Binder totally recoded and use now his own ressource section

– 12/11/2010 : Now in file binder you can choose if you want the file(s) to be drop in temp folder and executed or if you want them to be inject to default browser directly from resource without extracting it

– 12/11/2010 : Edit server plugins system done, now you can code your own plugins that will be load at server startup, the system is safe threaded (It wont block the main application).

– 14/11/2010 : New screen capture, more fast, more stable and new settings

– 14/11/2010 : Now screen capture control functions are safe threaded then more fast

– 14/11/2010 : Now you can choose interval capture for screen capture

– 14/11/2010 : Now you can automaticaly save snapshots like for webcam

– 14/11/2010 : Now batch commands works even if UAC enabled

– 14/11/2010 : Now VBS commands works even if UAC enabled

– 14/11/2010 : New function added in control center / fun section : Microsoft reader allow you to make speak the remote computer

– 16/11/2010 : Screen capture speed improved and comsume less CPU and RAM, also now it compare the previous picture with the new one in less than 10Ms :)

– 16/11/2010 : Some part of the design had been refund, more compatible for Linux Wine, Windows 2000 and WinXP Classic theme also the design is more pro

– 20/11/2010 : Trace route tab had made a fusion with trace map , stability improved it doesn’t use browser anymore it is only a PNG picture and you can choose the size , zoom of this picture.

– 20/11/2010 : Unremote webserver trace route ip module updated to v2.0

– 20/11/2010 : A small SIN connection thumnail issue fixed

– 20/11/2010 : CPU/RAM monitor GUI as changed it is more clean, and have nice progressbar colours ;) (for Vista and Windows 7 only) on XP and lower it will be normal progress bars.

– 20/11/2010 : Two buttons added in Html scripting, batch scripting and visual basic scripting (Past clipbaord code and copy code to clipboard)

– 20/11/2010 : Msn control tab better design

– 20/11/2010 : Multithread file downloader design is now better and also you can now clear the downloaded items but all current download must been finished first.

– 20/11/2010 : SIN Form design had changed now it is more pro , better for the eyes.

– 20/11/2010 : General Settings panel change , i remove the SIN settings & General settings and make a fusion of the both its more clear.

– 20/11/2010 : Now you can hide/show local files in File Manager

– 20/11/2010 : New function added in system functions (control center) you can now get the remote hosts file and edit it (Require Admin state – UAC)

– 21/11/2010 : Server downloader added in Edit Server menu popup, the downloader is coded in ASM then size = 2ko before editing and few byte more after edit cause of the setting The downloader code is open source.

– 21/11/2010 : New function added in File Manager , called Run file > Injected to default browser , it will inject the file to default browser (32bit) and load it (Works on 64bit if the file to run is 32bit)

NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"
Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

Black Hat Arsenal 2024 Next Stop Singapore !

Black Hat Arsenal 2024 Next Stop Singapore !

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community