- 📖 〢 Description
- 🔰 〢 Features
- 🔗 〢 Discord
- 📥 〢 Install
- 📷 〢 Preview
- 📚 〢 Changelog
- 🥷 〢 Contributors
⚠️ 〢 Bugs Or Errors- 🧾 〢 License
This is the server-side of Rose RAT. It will create a SocketIO Server to communicate between the victim's client & the attacker client. This can be hosted on repl.it or any other server. This is still under development and way more commands will be released soon.
When a grabber created with Rose (with the RAT enabled) is opened, it'll try to connect to a SocketIO Server.
The server will create a SID
for the victim's client (which is a temporary ID) that is going to be deleted once the victim's client is shutdown.
The server will then send a WebHook that a victim has connected with his IP
and his SID
(Preview)
Then, it'll wait for the Server command and execute it in the background.
Now, the attacker has to execute the attacker_client.py
file.
The attacker's client will connect to the server and will be able to send command
The attacker can now write command in the GUI, then write the SID
of the victim's PC he would like the command to be executed on.
The attacker's client sends the information to the server which sends it to the specified SID
Once a victim's client receives a command, it executes it and send a WebHook of the output if needed
See the victim's pc screen on live (screenshare)
🟢Make a Screenshot and send it (screenshot)
🟢Make a MessageBox with any text (messagebox <text>)
🟢Executing shell command (shell <text>)
🟢Playing TTS (Text to speech) (voice <text>)
🟢Changing the volume to 0%/100% (volumemax/volumezero)
🟢Shutdown the PC (shutdown)
🟢Make a Webcam PIC and send it (webcampic)
🟢More commands will be released soon ...
🟣
🟢 = Working | 🟡 = To Do | 🟣 = Working on it | 🔴 = Not Working
- First, create a new repl and use Python as principal language
- Download this repository as a zip and upload all the files to the repl
- Go back to your repl and click on
shell
in the top right corner - Enter
pip install -r requirements.txt
- Click on the
Run
green button at the top of the page - Copy the URL
- Build a victim's client with Rose-Grabber using the URL you just copied
- Start
attacker_client.py
then paste the server URL - Whenever a victim starts the grabber, a WebHook will be sent to inform you,
- You're now ready to execute commands.
When a victim's client connects:
An example of using the shell dir
command:
All Notable Changes will be noted soon
This program, is intended solely for educational purposes, to demonstrate the vulnerabilities of computer systems and to promote awareness of cybersecurity. The program should only be used in controlled environments with explicit permission from the system owner.
While the program may be used to assess the security of computer systems, it should not be used for malicious purposes or any activity that may cause harm or damage to computer systems or networks. Any misuse or illegal activity resulting from the use of this program is strictly prohibited and the responsibility lies solely with the user.
The author of this program is not liable for any damage, harm, or legal consequences resulting from the use or misuse of this program. By using this program, you acknowledge that you understand the potential risks and agree to assume full responsibility for any actions taken using the program.