Usage RATelServer
Before you start, I invite you to read: https://github.com/FrenchCisco/RATel/wiki/Documentation-RATelServer-Argument
This documentation explains how to use RATelServer.py.
RATelServer works with a mode system. Each mode has its specific commands
The main mode is the main mode of the server. It allows you to do many things like:
| Argument | Syntax | Commant |
|---|---|---|
| -h / --help | --help |
Displays all main mode commands. |
| -ls / --list | --list |
Displays all customers with their information. |
| -t / --target | --target <session_ID> |
This command allows you to select a client (Session Mode). |
| -cde / --connectionDisplayEnable | -cde |
Enable the display of information about the client (connection and disconnection). |
| -cdd / --connectionDisplayDisable | -cdd |
Disable the display of client information (connection and disconnection). |
| --broadcast | --broadcast |
Starts the broadcast mode. |
| --exit | --exit |
Stop the server. |
The session mode allows you to select a session (client) and to interact with it, for example: Execute command, start persistence, etc.
| Argument | Syntax | Commant |
|---|---|---|
| -h / --help | --help |
Displays all main mode commands. |
| -c | -c <"command"> |
Executes a command on all clients and does not send the result (don't forget to put the command in quotation marks). |
| --command | --command |
Starts a command prompt (cmd .exe) on the remote machine. |
| --powershell | --powershell |
Starts a Powershell command (powershell.exe) on the remote machine. |
| --persistence | --persistence |
Makes the customer persistent at startup by changing keys of the register |
| --destruction | --destruction |
Deletes and disconnects all clients. |
| --disconnection | --disconnection |
Comming soon. |
| -b / --back | --back |
Back to menu. |
Warning: any commands executed with the '--command' or '--powershell' function will not be encrypted on the network. If you want to execute encrypted commands, use the argument -c .
The broadcast mode allows to send an order to all customers.
| Argument | Syntax | Commant |
|---|---|---|
| -h / --help | --help |
Displays all session mode commands. |
| -ls / --list | --list |
Starts a command prompt (cmd .exe) on the remote machine. |
| -c | -c <"command"> |
Executes a command on all clients and does not send the result (don't forget to put the command in quotation marks). |
| --persistence | --persistence |
Makes all clients persistent at startup by modifying the registry keys. |
| --destruction | --destruction |
Removes all clients on all clients and cuts connections. |
| --disconnection | --disconnection |
Comming soon. |
| -b / --back | --back |
Back to menu. |
broadcast> -c "explorer.exe" Sends to all customers the explorer.exe command
