⚠️ WARNING: This software is for educational purposes only. Misuse of this software may be illegal in your jurisdiction. Use responsibly and only on systems you own or have explicit permission to access.
R.A.T (Remote Access Tool) is a system that enables remote command execution on target systems. It allows operators to securely execute shell commands on remote computers, phones, or IoT devices.
- Features
- Architecture
- Prerequisites
- Installation
- Usage
- Configuration
- Troubleshooting
- Contributing
- Security
- References
- Remote shell command execution
- Agent auto-registration system
- Job queuing and management
- Real-time command output
- Cross-platform support
- Encrypted data exchange
The system consists of three main components:
-
Agent: The client-side software that:
- Runs on the target system
- Handles command execution
- Manages system registration
- Reports execution results
-
Server (Command & Control):
- Manages agent connections
- Handles job distribution
- Stores execution results
- Provides API endpoints
-
Client CLI:
- User interface for operators
- Agent management
- Job creation and monitoring
- Result retrieval
---
config:
theme: default
look: handDrawn
---
sequenceDiagram
participant N1 as Client
participant N2 as Server
participant N3 as Agent
Note over N1,N3: Registration phase
N3 ->> N2: registration info: username, fullname, ip address
N2 ->> N2: store agent info in database
N2 ->> N3: registration response: agent_id
N3 ->> N3: store agent_id on target computer
Note over N1,N3: Sending command to the agent
N1 ->> N2: send command to execute
N2 ->> N2: create a job for the command
N2 ->> N2: store job in database
N2 ->> N3: send job to agent
Note over N1,N3: Agent command execution and querying
N3 ->> N3: execute command on traget computer
loop Pooling
N2 ->> N3: query for jobs update
N3 ->> N2: return state of jobs
N2 ->> N2: update jobs in database
end
N3 ->> N2: send response to the server
Note over N1,N3: Getting info with client
N1 ->> N2: get agents
N2 ->> N1: return info for all agents
N1 ->> N2: get jobs
N2 ->> N1: return info for all jobs
- Rust toolchain (1.70 or later)
- Docker and Docker Compose
- PostgreSQL (if running without Docker)
- Make
- Clone the repository:
git clone https://github.com/yourusername/rat.git
cd rat- Build all components:
make build- Start the server (with Docker):
make docker
make composeAlternative server setup (without Docker):
# Start PostgreSQL
# Configure environment variables (see Configuration section)
cargo run --release --bin server- Install the agent on target system:
cargo install --path agenttarget/release/agent# List all registered agents
target/release/client agents
# View all jobs
target/release/client jobs
# Execute command on specific agent
target/release/client exec --agent <AGENT_ID> "<SHELL_COMMAND>"
# Get job result
target/release/client job <JOB_ID>The server can be configured using environment variables:
DATABASE_URL: PostgreSQL connection stringSERVER_PORT: HTTP server port (default: 8080)LOG_LEVEL: Logging level (default: info)
The agent stores its configuration in:
- Unix: ~/.rat_agent_id
- Windows: %USERPROFILE%/.rat_agent_id
-
Agent can't connect to server
- Check if server is running
- Verify network connectivity
- Check firewall settings
-
404 Not Found errors
- Ensure agent is properly registered
- Verify agent ID is correct
- Check API endpoint URLs
-
Database connection issues
- Verify PostgreSQL is running
- Check connection string
- Ensure migrations are applied
- Fork the repository
- Create your feature branch
- Make your changes
- Submit a pull request
- All connections should be secured via HTTPS in production
- Implement proper authentication
- Use secure credential storage
- Regular security audits recommended