JSRAT – Secret Command and Control Channel Backdoor to Control Victims Machine Using JavaScript

There are a number command and controls tools that can use a variety fof methods in order to hide malicious traffic or execute implants in various formats. Casey Smith originally developed a prototype tool which is using JavaScript as a payload and it connects back to a listening web server. A security researcher 3gstudent extended Casey Smith work and developed JSRat in PowerShell which provides some additionally functionality. Other variations of this tool exist in Python so the master host can be either a Linux machine or a Windows. Similarly another C2 tool that can generate JavaScript implants is called PoshC2 from Nettitude.

JSRat is a command and control tool which is using JavaScript payloads and the HTTP protocol for communication between the server and the target hosts. There are two implementations one in Python and one in PowerShell which their usage is described below.

Read full news article on pentestlab