Last updated: 2021-06-09

Version 0.1

Finished

• Basic rat functionality
  • Load compiled WASM, execute specified functions
  • Ability to execute Win32 API functions
• Basic server
  • Accept incoming connections from rats, issue commands to rats
    • The sqlite database has to be manually edited to do this at the moment
• Communication
  • ~A communication protocol
  • Communication over HTTP
• Secure communications
  • Key exchange
  • Encryption
• Communication from rats
  • Check in
  • Retrieving tasks
• Basic logging capabilities
• Ability to get output back from rats

Started

• Console UI to issue commands to rats
  • List of RATS
  • Ability to execute WASM blobs and display output
  • Figure out why the server UI sometimes fails to start

Not started

• Some kind of useful capabilities
  • Execute .net assemblies?

Version 1.0

• Moving client .exe and .dll to separate crates
• Allow for cross compilation (compiling rats for Windows on Linux)
• Define traits(?) for servers, allow them to be configured/started/stopped
• Define traits(?) for various functionality in rats, in preparation of allowing functionality to be swapped out at runtime
• Make it possible to collect/display (arbitrary?) metadata about rats
• Add functionality to persist and reuse wasm
• Web UI for the server
• TLS support for listeners
• Functionality to help with FFI calls and error handling from the WebAssembly side
  • Link FFI calls to WASM runtime directly?
  • Make working with pointers prettier
  • This could make it easier to allow for 32-bit rats by defining “native” pointer types

Further work

• Make it possible to reconfigure rats at runtime
• Optimize WebAssembly code (for size)
• General optimizations for rat binaries (mainly size)
• GUI for the server side (probably HTTP)
• Communication over DNS / DoH
• Support more operating systems
• Functionality to avoid hooked API functions?
• More capabilities
• More communication possibilities

Other things to consider

• Update wasm3-rs if it stays unmaintained
• sRDI-like shellcode generator
  • https://github.com/b1tg/rust-windows-shellcode
  • https://github.com/2vg/blackcat-rs/tree/master/crate/mini-sRDI
• Encryption of strings and other included resources
  • https://github.com/not-matthias/include_crypt
  • https://github.com/kgv/crypto-literal
• Support for passing String between wasm and rust