Hacknetics

Modules

  • See below for each module's documentation

  • To get to the modules, right-click a callback and you will see the following options:

Surveillance

  • Remote Shell
  • Remote Screen
  • Remote Camera
  • Remote Regedit
  • File Manager
  • Process Manager
  • Netstat
  • Record
  • Program Notifications (Start | Stop)

Remote Shell

  • Exactly what it sounds like

  • Click on the module and wait for the following to appear:

Microsoft Windows [Version 10.0.20348.1787]
(c) Microsoft Corporation. All rights reserved.

  • This is a cmd.exe prompt, not a PowerShell prompt!

  • Use the white bar at the bottom to execute commands

Remote Screen

  • Also exactly what it sounds like

  • View the remote screen of the remote system

  • It can take a second to load, please be patient.

  • Screen sharing can be controlled (off/on) with the Start button at the top left

  • Option to View only or control the remote machine via your mouse and keyboard

  • To turn either on, press the respective button at the top

  • Can also take automatic screenshots with the Camera button, also at the top

    • By default it will capture the screen every ~3 seconds

    • IMO that is far too fast, I am working on tuning it to roughly every 30 seconds to drop the amount of network traffic that is required with the screenshots.

Remote Camera

  • View the remote system's webcam

  • Requires loading RemoteCamera.dll into memory, which will happen automatically

  • If no camera is found, the pop-up will exit automatically

Remote Regedit

  • Remotely view the registry, create new keys, or modify existing keys

  • To create a new key, click on Edit at the top and follow the prompts

  • It is nearly identical to the normal Regedit program on Windows

File Manager

  • File manager for remote upload, download, compression and general file management options

  • Just point and click

  • To move up a directory after traversing down the file system, ensure you Right Click --> Back

    • That took me longer to figure out than I care to admit publicly

  • When you download a file, a ClientsFolder will get created; you can find your exfil'ed file there

DcRat\Binaries\Debug\ClientsFolder\1427F5A9B444217138E1 #String is client id

Process Manager

  • Exactly like it sounds

  • View running processes

  • Right Click to Refresh or Kill a specific process

  • Refresh pulls an up-to-date process list

  • It is better opsec to not constantly upload, as that can greatly increase the amount of network traffic

Netstat

  • Exactly like it sounds

  • View network connections on the remote host

  • Right Click and select Refresh or Kill

  • Selecting Kill attempts to kill the process creating that network connection

Record

  • Record audio from the remote system's microphone

  • If the remote system has no microphone, you will get an error in the logs

  • Requires the Audio.dll file to be automatically loaded into the remote system's memory

Program Notification

  • Alert the operator when a specific remote process is launched on the system

  • Defaults to Uplay,QQ,Chrome,Edge,Word,Excel,PowerPoint,Epic,Steam

  • Currently changed to:

Chrome,Edge,Firefox,Word,Excel,PowerPoint,Task Manager

Control

  • Send File -->
    • From URL
    • Send File to Disk
    • Send File to Memory
  • Run Shellcode
  • Message Box
  • Chat
  • Visit Website
  • Change Wallpaper
  • Keylogger
  • File Search

Send File

Run Shellcode

MessageBox

Chat

Visit Website

Change Wallpaper

Keylogger

File Search

Malware

  • DDOS
  • Ransomware -->
    • Encrypt
    • Decrypt
  • Disable WD
  • Password Recovery
  • Disable UAC

DDOS

Ransomware

Disable WD

Password Recovery

Disable UAC

-- Not all modules are listed yet
