How to setup DarkComet RAT for Easy Access to a Target Computer

Share:Share on FacebookShare on Google+Tweet about this on TwitterShare on RedditPin on PinterestShare on StumbleUponEmail this to someoneDigg thisShare on LinkedInShare on Tumblr

Note: In this format, the RAT program will quite easily be detected by anti-virus software. In order to evade such detection you will have to crypto the DarkComet RAT. It must become undetectable in order to use stealthily. Or, the attacker might install such a program and add exceptions to the anti-virus.

The newest versions are always the most stable. Let’s say you use DarkComet 3.2. DarkComet 3.2 will be quite old by the writing of this blog. The system functions may have changed. DarkCoderSc has updated it to DarkComet 5.3.2 with the latest functions, it’s like buying a can of Pepsi then finding it has gone-off.

Here is the tutorial on how to setup DarkComet 5.3.1

  1. Go to the DarkComet website (http://darkcomet-rat.com). I would not get this RAT from anywhere else, lest it be crawling with gremlins.
    At the top, you will see a list of items. Click Downloads.
    DarkComet-RAT-01
  2. Next there will be a list of DarkComet-RAT product versions.
    Click the top one.DarkComet-RAT-02
  3. When you click Download, you will see three boxes. Tick them.DarkComet-RAT-03
  4. Click Download.
  5. Open the DarkComet RAR (You need WinRAR)
    It should look like this:
    DarkComet-RAT-04
  6. Make a folder on your desktop. Name it anything you want.
    DarkComet-RAT-5
  7. Drag the items from the WinRAR folder to the Tutorial folder at your Desktop.
    Now, everything should be there like this:
    DarkComet-RAT-07
  8. Open DarkComet.exe (Run as Administrator)DarkComet-RAT-08
  9. A TOS should show up.
    DarkComet-RAT-09
    Tick the box saying ‘Do not display again the EULA‘ that is located at the bottom left. DarkComet-RAT-10
    Click ‘I accept‘  DarkComet-RAT-11
  10. At the bottom left, it will show up a Help Screen, tick ‘Do not show at startup‘ then click ‘FineDarkComet-RAT-12
  11. Click DarkComet-RAT at the top left.
    DarkComet-RAT-13
  12. Click ‘Listen to new port (+Listen)
    DarkComet-RAT-14
    A new window should open, put in your Port then tick ‘Try to forward automaticaly (UPNP)
    DarkComet-RAT-14.5
    IN this case, I will do port 70 so I put that in, tick ‘Try to forward automatically (UpNP)‘ and click Listen.
  13. Move over to ‘Socket / Net‘ located at the very end of the top left border.
    DarkComet-RAT-15
    You should see something like this:
    DarkComet-RAT-16
    70 may not be your port, your port that you added in ‘Listen to new port‘ will be displayed, not specifically 70.
  14. Go to ‘www.canyouseeme.org
    DarkComet-RAT-17
  15. Put in the port that you are listened on.
    If all went well, it should look like this:
    DarkComet-RAT-18
  16. Now, click DarkComet-RAT again and click Server Module, then click Full Editor (Expert)
    DarkComet-RAT-19
  17. Name your Security Password anything you like, then click the Mutex a few times. We then have the Main Settings done.
    DarkComet-RAT-20
    Make sure you untick FWB (Firewall Bypass)
  18. Go to Network Settings.
    Now, go to http://www.no-ip.com and register
    Click Free DNS
    DarkComet-RAT-21
  19. Put in whatever you want for it. Make sure the email is valid because we will need it to validate. (if you don’t want to give your email, get a temp email at 10minutemail.com)
    DarkComet-RAT-22
    Sign in now.
  20. Now, at the Body you will see a list of options, click ‘Add Host’
    DarkComet-RAT-23
  21. Copy the settings:
    DarkComet-RAT-24
    Leave IP Address, as that will show as Default your IP address.
  22. Click Create Host.
  23. Go back to your DarkComet and put in the Ip/DNS and Port (DNS for the NO-IP you made a second ago and Port for the one you listened on!)
    DarkComet-RAT-25
  24. Then click ‘Add‘ and go to Module Startup.
    Tick the ‘Start the stub with windows (module startup)’
    Then leave everything but ‘Persistance installation ( always come back )
    Tick that.
    Now, it should look like this:
    DarkComet-RAT-27
  25.  Now go to ‘Stub Finalization‘ at the end.
    If you are going to get it crypted then don’t tick UPX (Ultimate Packer Executable) but if you are, I would leave it off and just have it on No compression.
    DarkComet-RAT-28
  26. Now tick the ‘Save the profile when stub succesfully generated’ and Build the Stub.
    Now there is one last thing.
  27. Go to the Client Settings in DarkComet-RAT and then Click NO-IP Updater
    DarkComet-RAT-29
  28. Then put in the NO-IP host, Username and Password, then tick ‘Auto update your no-ip dns when your IP change
    DarkComet-RAT-30
  29. Now, run the stub that you generated in a Sandbox to test, and you should show up!

Here now, we have run through the entire thorough setup for DarkComet. Even your kid brother could follow this tutorial. Now what you need to do is some research into how to encrypt the EXE, so it can be installed remotely without an antivirus putting up a fuss. I know Metasploit has some pretty good encryption in it’s framework. I would start there. Watch out for others telling you they will encrypt it for you. This is usually a trick to just pack their own RAT into your stuff!


Share:Share on FacebookShare on Google+Tweet about this on TwitterShare on RedditPin on PinterestShare on StumbleUponEmail this to someoneDigg thisShare on LinkedInShare on Tumblr
Tagged , , , , , , , , , , . Bookmark the permalink.

3 Responses to How to setup DarkComet RAT for Easy Access to a Target Computer

  1. Bush says:

    please can you help me with good contact for crypting my exe file so antivirus wont see it. pls reply to my email with id or email of who to contact..thankx

  2. Kashif says:

    Hi, I got an error when i hit the “Update” button from the No-Ip Updater window. The error message is:
    Can’t join the remote server, trying later.

    Please tell me how to accomplish that error.

  3. acoma says:

    where can i buy encrypt?

Leave a Reply to Bush Cancel reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>