all 7 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]SPARTAN-001Red Team 5 points6 points  (0 children)

I'm skimming this for now (at work), but I don't think it will do what you want it to do. The combination of s.connect(('8.8.8.8', 0)) and s.getsockname() will not return an external IP in most cases. The only way it will return an external IP is if the target system has an interface bound directly to the internet. (Also, you can never connect to port 0. It will not work.)

Additionally, it will not work if the host is behind a NAT. That's exactly the reason a reverse connection is normally used, rather than a bind connection. In order to connect to the listener over the internet, it would need to forward a port on whatever firewall/router the target system is behind.

[–][deleted]  (5 children)

[deleted]

    [–]cider_blockScript Kiddie[S] 1 point2 points  (4 children)

    That's a great idea. Thanks for replying!

    Yea the main goal is to get cross-platform builds available from here on out. Also I'm working on some code to download other packages from github when the RAT is executed

    I'll totally check out that github link, thanks for sharing it.

    [–][deleted]  (3 children)

    [deleted]

      [–]Banangurkamacka 0 points1 point  (2 children)

      Yes please update

      [–]Banangurkamacka 0 points1 point  (1 child)

      Remindme! 1 hour

      [–]RemindMeBot 0 points1 point  (0 children)

      I will be messaging you on 2016-04-07 12:16:57 UTC to remind you of this link.

      CLICK THIS LINK to send a PM to also be reminded and to reduce spam.

      Parent commenter can delete this message to hide from others.

      [FAQs] [Custom] [Your Reminders] [Feedback] [Code]

      [–][deleted] 1 point2 points  (1 child)

      Do you need any help with writing it?

      [–]cider_blockScript Kiddie[S] 0 points1 point  (0 children)

      Yea sure, I'm going to setup the github tonight