Hi! this is a set of NodeJS scripts that can be used to attack Njrat servers
Njrat uses a TCP socket to communicate to it's server, here's a (not complete) description of some of its packets
Packets are sent in the following pattern: (COMMAND)|'|'|argument1|'|'|argument2|'|'|...
| Command | Function | Arguments (in order) |
|---|---|---|
| ll | Identifies the client. Is sent at the start of the connection | base64(Name), PC, User, Install date, (idk), OS, Webcam avaliability, Version, Ping, base64(Current window), (idk) |
| CAP | Sends the image that appears in the "screen" column of the table | (JPEG buffer) |
| kl | Opens up the keylogger window in the server (doesn't need user interaction!!) | base64(text) |