(adsbygoogle = window.adsbygoogle || []).push({});
Hello, I have seen that there has been loads of reports for RAT's found in the Black Ops 3 Modding Tools section. This is the time to learn how to check applications for RAT's. If you are one of those people who do not know how I suggest you read the whole thread to learn, this thread is a full tutorial on how I check applications and how I recommend you guys should.
What is a RAT? for the people who do not know.
The term "RAT" is new, however. Trojans are programs that run in the background and give unauthorized access to your computer. It is up to the person who has Ratted you what do do with your computer, but they have several options once you accidentally install a RAT on your system. RATs are usually executable files you download from the internet. It could be masked as another program or a malicious coder could add one to an application which seems normal.
So without further ado, lets get straight into this tutorial.
I do all of these steps so I recommend that you should do the same. All steps are not required it's just the way I do it to make sure.
Opening an application in sandboxie.
First thing people should be doing is opening the exe you are checking in sandboxie. If the application opens there is a possibility that there is no RAT. But not 100%, there still is a slight possibility that there is a RAT, as i said before a malicious coder could add one to an application which seems completely normal.
1. Download sandboxie if you do not have it already. I recommend to download it
You must login or register to view this content.. Just click
Download from this site when on the page. You will be downloading a setup so go through the setup, it is easy to do. Here is what the web page will look like
You must login or register to view this content., the red box shows where to download from.
2. It is pretty easy to open an application in sandboxie. Just simply
right click on the exe and click
Run Sandboxed. Make sure
Default Box is highlighted on the popup then click
OK, it will look like this
You must login or register to view this content.. You will need to make sure you have all the dlls in the same location as the exe to run the application. If the application opens there still is a possibility that there is a RAT so don't close the application straight away. If the application does not open and just crashes sandboxie skip to the next part, if not keep reading the next step.
3. If the application opens we will need to check our processes using Task Manager. Open Task Manager and Click on the
Performance tab. Where we can click
Open Resource Monitor at the bottom of Task Manager. This is where we can see all of the hidden processes along with all of the ones what will normally show. This
You must login or register to view this content. shows what It will look like, the red square shows the application I have opened with sandboxie, which is an application I have made myself.
This could be different on other Windows. This is on Windows 10, I am sure you will find the same way on other windows. Next to where the application shows in Task Manager you can normally see the RAT's. They all have different names, they will all stand out like
Anonymous Login or
Remote Access Login. If that shows you can pretty much stop there, shows that there is a RAT with the application. If nothing shows we will go to the next part for checking for a RAT.
Opening an application using a virtual private server and or a virtual machine.
VPS
If you don't know what a VPS is, it stands for
virtual private server and is basically a virtual machine sold as a service by an Internet hosting service. Basically just runs its own copy of an operating system.
I know that you guys may not be able to buy this but I recommend 100%, it always helps when checking for remote logins and is very cheap. Some VPS are different when setting up, you can just search them on the internet and use Windows Remote Desktop Connection to connect to your server.
If you guys have one and or decided to get one just simply open the exe on the server and check your processes using Task Manager the same way we did in step 1. Just simply open Task Manager, then click the
Peformance tab, then right down the bottom you will see
Open Resource Monitor click on that and there is where you can see all processes along with all the hidden ones. This
You must login or register to view this content. shows what It will look like, the red square shows the application I have opened with sandboxie which is an application I have made myself.
VM
You can also use a Virtual Machine (VM), which is free, you will just need to do a simple download from
You must login or register to view this content..
A VM is an emulation of a particular computer system. Virtual machines operate based on the computer architecture and functions of a real or hypothetical computer, and their implementations may involve specialized hardware, software, or a combination of both. VM and VPS are almost the same.
1. When done the setup you will have a Oracle VM VirtualBox shortcut on your desktop, open it. You will have something like
You must login or register to view this content..
2. Click
New at the top located
You must login or register to view this content.. Name it what ever you want. Select your
type, I recommend to use the same software you are on. So I would choose Microsoft Windows. Choose the operating system you wish to install, I will install windows 8.1 for the time being. Click
Next.
3. Select your memory your machine is going to have. This depends on how much memory you need. I recommend to use use like 1/4 - 1/2 of your current system. I am going to set it as
3096 for the time being. Keep in mind if this is to high it may cause issues on your hosts machine. Click
Next.
4. Now time to create Virtual Hard Disk. Select the the
Create a virtual Hard Disk now radiobutton. Go ahead and select
Virtual Disk Image (VDI). Click
Next.
5. You need to choose Dynamically allocated, it is better to use. Fixed size is highly not recommended. Click
Next.
6. Put
20gb for size and click
Create. And there we go we now have our very own virtual machine. It should look something along the lines like
You must login or register to view this content..
7. There is a couple of things I highly recommend doing. Click
settings at the top of virtualbox, found
You must login or register to view this content.. It should look like
You must login or register to view this content.. Click the
advanced tab on the settings popup. On both
Shared Clipboard and
Drag'n'rop set as
Host To Guest and click
OK. This allows us to copy files over to the virtual machine.
8. Then you will need to install an operating system just like your computer and you're good to go.
Well that is going to bring this tutorial to an end. I really hope this thread will help you guys out a lot. If I made some sort of mistake somewhere let me know.
Thank you