Writing a RAT and other things infosec

January 2021 update

It has been three weeks since my last post, and progress has been slow. I will be trying to write small status updates semi-regularly both to keep myself motivated and try to document the development of RustRAT. Since last time, I have written code for running WebAssembly programs and for calling arbitrary functions from DLLs at run-time using libffi, more specifically with the libffi-rs bindings. Currently, I am working on trying to put these two parts together using a lot of ugly and unsafe Rust. The code gluing these two parts together will not be easy to read, even harder to alter, and quite possibly impossible to debug, but I am hoping to have something that works (for certain values of work) in a few weeks.

RustRAT is not dead

It has been more than six months since I wrote the first blog post about RustRAT. During these months, the closest I have come to actually doing something has been to build myself a new computer with many cores in order to compile code faster or something like that. However, rather than develop RustRAT I have been busy playing all the games I have been unable to play the last ten years due to lack of a computer able to play recent games. It is about time for me to actually attempt to create RustRAT. The plans are mostly unchanged since the last blog post, but I have made one significant change.

Introducing RustRAT

I am writing this blog as I started developing a RAT during the spring of 2020 and wanted a place to document my ideas and progress with this project. This is something I have been planning on doing for a couple of years, but I did not get around to actually writing any code until this spring. RustRAT is as its name suggests, a Remote Access Trojan written in rust, and even though it is not included in the name, lua.