emerg: clear commits due to fwd server leak
commit
66fa3474b2
12 changed files with 1081 additions and 0 deletions
52
README.md
Normal file
@ -0,0 +1,52 @@
# Skylink
Skylink is a 🚀blazingly fast🚀 🦀Rust🦀 RAT made for (primarily) trolling. It works via a client-server setup facilitated by WebSockets. The client runs as NT AUTHORITY/SYSTEM and receives "actions" (basically orders) from the server, and sends responses (e.g. success/error, pastebin link, URL, etc.)
The code is kind of "eldritch", because the program is intended to run as NT AUTHORITY/SYSTEM, have the ability to trigger low-level functions... while receiving commands via WebSocket. Another strange thing about this program is that in spite of being written in Rust, it can trigger a BSOD with two direct kernel calls (despite being in usermode), which isn't exactly a "Rust" thing to do.
## Roadmap / Todolist
- [x] Basic WebSocket Connection
- [x] JSON-based "actions" structure
- [x] BSOD action & payload
- [x] Action parameters
- [x] D&X (Download & Execute)
- [X] D&X user-select capability
- [ ] More logs from client to server
- [ ] Fix D&X and/or make it not take 3 years to execute
## Q&A
Q: Why does it run as NT AUTHORITY/SYSTEM?
A: The client runs at the highest user-mode permission level in order to enable the BSOD payload and avoid boilerplate on any D&X payloads that might need SYSTEM (You can easily escalate to SYSTEM from Administrator)
Q: Why WebSockets?
A: WebSockets were chosen because of the unusual structure where the client connects to the server, but the server sends requests and the client sends responses. This structure makes client setup easier, as it does not require port forwarding or reverse proxies. HTTP does not support this and server-pull techniques like long polling and SSE do not support client responses.
Q: Why Rust?
A:
1. I have lots of experience in Rust
2. Rust is perfect for this: it has high level features (allowing easy implementation of WebSockets) on low level code (enabling shenanigans like the BSOD payload) and Windows Defender is the only major AV that detected my last Rust malware (solcrypt), so a single exclusion is all that's necessary to plant this on someone's computer and easy installation makes this _perfect_ for pranks and trolling.
Q: Why in the ever-loving **fuck** did you do this?
A: It's mad funny.
Q: Why does the README have brainrot?
A: It's satire. Furthermore, since this program is made for pranks, I think it's kind of justified that the README isn't serious at all.
## Setup notes
This program deviates from the standard Rust program setup one major way:
- After you've compiled the client, you need to use it as a payload in skylink-installer for the full RAT.
## Credits
- xorydev (lead dev)
- ducc.dev and unwanted_guest (emotional support and occassional advice)
- my psychiatrist (concerta prescription that made this possible)
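Review bot: The "Setup notes" section near the end of this hunk documents only installation (the client goes in as a payload of skylink-installer) and the README has no removal section, which is a documentation gap for a client that the opening paragraph says runs as NT AUTHORITY/SYSTEM and that the roadmap says can download and execute files. Add an uninstall section stating what the installer places on the machine and how the owner of that machine stops and removes it. Minor points in the same hunk: "deviates from the standard Rust program setup one major way" is missing "in", "occassional" in Credits should be "occasional", and the roadmap mixes `[x]` and `[X]` for checked items.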