How to - Convert Quasar RAT into Shellcode with Donut.exe

6,490 views

Gemini Cyber Security

9 months ago

Be better than yesterday
In this video, we will explore how we can convert .EXE payload files into shellcode with Donut.exe. The infamous Quasar RAT client .EXE file is used as an example.
This video provides step-by-step instructions and showcases how we can compile Donut.exe on a Windows x64 system, and use Donut.exe to turn the Quasar RAT client .EXE file (Client-built.exe) into a shellcode file. The video then demonstrates successful execution with the Quasar RAT shellcode file via a C# shellcode launcher program.
DISCLAIMER:
All content posted on this KZfaq channel is SOLELY FOR Educational and Awareness purposes ONLY. Any actions and/or activities related to the material presented in this KZfaq channel are entirely YOUR responsibility.
We DO NOT promote, support, encourage any illegal activities such as hacking, and we WILL NOT BE HELD responsible in the event of any misuse and abuse of the content resulting in any criminal charges.
References used:
Quasar RAT:
github.com/quasar/Quasar
Donut:
github.com/TheWover/donut
C# Shellcode Launcher:
github.com/mvelazc0/defcon27_...

Comments: 46
@darkphantom_01 6 hours ago
Thanks for the course, man
@tlykuyiyhaa8382 9 months ago
I'm going to try what you've done right now, I hope it works for me and thank you very much for the video
@wolfrevokcats7890 6 months ago
Did it work for you? Didn't work for me :(
@tlykuyiyhaa8382 6 months ago
@wolfrevokcats7890 Yes, it works for me, but you need to change something; the video shows how to "start" but you need to apply your
@JAI_SHREE_RAM_796 6 months ago
Did it work for you?
@essabreahmed1391 9 months ago
Great, thanks
@demoneditz2429 9 months ago
Awesome Content
@gemini_security 9 months ago
Thanks. I'm glad you've found it to be useful and interesting!
@jibhax2119 7 months ago
Awesome video as always, keep it up brother. Successfully compiled it, but getting some error while running the exe saying cannot find a file named {my_exe_name_.deps.json} to load. I am guessing it's related to a .NET runtime error. Could you please tell me which version of .NET you are using to compile, and also the version you have installed on your system? Thanks
@wolfrevokcats7890 6 months ago
Had this problem before, I guess you must copy ConsoleApp1.exe to a different folder. When you compile the app, it will generate a few files including ConsoleApp1.exe, ConsoleApp1.dll, ConsoleApp1.runtimeconfig.json, ConsoleApp1.deps.json. Copy loader.bin to that folder and run it. If one of the files is missing, then that's it: the "cannot find a file" error.
@MasculineMotivatorForMen 6 months ago
Got a "NMAKE : fatal error U1052: file 'Makefile.msvc' not found Stop." Any fix whatsoever?
@MasculineMotivatorForMen 6 months ago
Fixed the problem. This video was extremely helpful, as there are no videos remotely like this
@blvnt2 1 month ago
@MasculineMotivatorForMen how?
@filippodeluca9464 4 months ago
How do you have the commands and the tool bar below in the dashboard? Please help, thanks... I don't have them
@uzzairkhanniyazi5038 5 months ago
Love you bro for helping
@saritacontreras-mq3rr 9 months ago
Hello! When I enter nmake -f Makefile.msvc it shows the error 'nmake' is not recognized as an internal or external command, operable program or batch file. Help me, please and thanks.
@gemini_security 9 months ago
Hi, make sure you have Visual Studio installed and you opened up the correct Command Prompt for Visual Studio. You will need C++ development tool installed in Visual Studio. You should be able to get more detailed troubleshooting and help if you Google the error.
@saritacontreras-mq3rr 8 months ago
@gemini_security Thanks. When I open ConsoleApp1 it shows a Windows cmd window; if I close this cmd window, the connection in Quasar is lost. What can I do?
@bang1338 9 months ago
Nice, can I use C++ to launch shellcode?
@gemini_security 9 months ago
I have not tried it personally but it should be possible!
@SonVan-zh8rj 9 months ago
Nice video ❤ ! I don't understand, what is entropy ???
@firosiam7786 9 months ago
Entropy is simply the amount of randomness I think in the code right ??
@gemini_security 9 months ago
The donut.exe console menu will explain how specifying the entropy level will affect the output file.
@_zxXxX_ 2 months ago
@gemini_security Friend, how can I compile the .exe in release mode directly from Visual Studio? Without using the operator's builder.
@BabyTaxiVN 9 months ago
nmake is not a recognized command batch file ??? 1:50 Thank you
@wolfrevokcats7890 6 months ago
Did you run it from "x64 Native Tools Command Prompt for VS 2022" or from normal CMD?
@DJ-jy5mu 8 months ago
How can I run it to .exe because it is not working anytime I run it is 5k size
@wolfrevokcats7890 6 months ago
Which one? What error? Can you paste it here? My ConsoleApp1.exe is 137KB, ConsoleApp1.dll is exactly 5KB. Your ConsoleApp1.exe code must point to the loader.bin file and it must be in the same directory.
@H088YHaX0R 9 months ago
Nice Video. I would launch the ConsoleApp1.exe in PowerShell like this < Start-Process -FilePath ".\ConsoleApp1.exe" -WindowStyle Hidden >, so you can close the PowerShell and not have the client disconnect from Quasar.
@gemini_security 9 months ago
That is a useful tip!
@GenevieveTibona 3 months ago
Good job, but that is not an AV bypass
@sementinha9937 3 months ago
What a to-the-point video, my friend, thanks for the content
@claudeorigi8764 9 months ago
Hi mr gemini havoc c2 defender bypass technique video
@gemini_security 9 months ago
Hello, once I have the time to set up Havoc C2 I will make a video on it. It is definitely on my to-do list. Cheers!
@j233wfyw 8 months ago
Can you make a tutorial on how to use Quasar? I mean, when I send the client to my other laptop and run it, nothing happens in my Quasar host; it won't connect, but when I run it myself the client is connected. I need help, hope you understand my shitty English >_
@gemini_security 8 months ago
That seems like a network firewall problem. Can you even reach the other laptop in the first place? Maybe try setting up a web server and connecting to it, or ping the other laptop.
@j233wfyw 8 months ago
@gemini_security It works, I'm using portmap and OpenVPN for port forwarding, thank you for your answer
@j233wfyw 8 months ago
But I want to ask you one thing: is there any way to bypass Microsoft Defender for this Quasar client so it can be undetectable?
@clinton3098 1 month ago
Guys, could you tell me, is it dangerous to use GitHub?
@Vix1n__ 11 days ago
No, it is perfectly safe, but be very aware that some people post RATs (Remote Access Trojans) that gain info and can control your computer or iOS/Android device.
@onurkacmaz2641 8 months ago
It gives werfault with orcus and njrat. Could you help please
@gemini_security 8 months ago
I am not sure if Donut.exe supports all executable types. You can check out the official Github page and give it a read. You need to ensure that the file format type of "orcus" and "njrat" is supported by Donut.
@jibhax2119 7 months ago
You can only convert exe to shellcode if the RAT was written in C#. Donut doesn't support other languages yet for the shellcode.
@onurkacmaz2641 7 months ago
@jibhax2119 I'm working on native stubs previously. I hope gemini shares a tutorial to integrate the code with sleep obf. Thanks. Also is it possible to set up a custom DNS server with any script? I mean can we set payload using instead playit or any DNS forward service?
@jibhax2119 7 months ago
@onurkacmaz2641 Make it a little bit clearer. By saying "custom dns server" do you mean tunneling or proxying for getting the reverse connection?