Requested by Office. This is everything I have done to create my working orcus server, including links to all the resources used.
Here's a quick run down on how orcus works so you understand what we are trying to accomplish.
Basically you run an orcus "server" which can be placed on your own computer or VPS which connects the clients (ratted victims) to the administrators (you). The server is what does all the actions, you just tell it what to do with your from your computer with the control panel. Here's a hq activity diagram I have made on paint. A vpn can be put on the server as well as on the administrator computer but doing so would slow down the connection even further, but that is the price of security.
The first thing you're gonna want to do is buy https://www.nulled.t...sion-131-stable Orcus Rat. After you download it and open it up you're gonna be faced with this screen here.
You're gonna want to click the create new server button in the top right hand corner of the dialog box and be faced with this screen. Just type in the localhost 127.0.0.1 and click add, with the default port.
Now get onto your VPS, I use DasVPS https://dasvps.com/ and they're a pretty swell provider (Don't suspend me pls babe) and find the local IPv4 for your computer. If you need instructions on how to do that you should probably leave but just type ipconfig into cmd and it's the on that says IPv4 address. For your home computer the equivalent would be like 192.168.0.44 or 10.0.0.33 or some shit depending on your ISP. I'm not posting a screenshot because I don't want dasvps knowing which computer on their network is doing this stuff just to be safe in case they don't like that.
So just type that IPv4 into orcus with the default port again and click add like you do with the 127.0.0.1 address. Now just type in a password that you'll use to log into the rat. Also if you want the rat to display the country that the victim is connecting from click the register button, make an account, verify the account and put the details into the provided boxes. I couldn't be fucked tbh. Now just click the build button and click ok. make sure that a new folder called server is created and that the server files are not placed in the same directory as the other orcus files. eg @/desktop/orcus-cracked/server is good. Now zip up that server file to make it as small as possible if you have shit Australian internet like me and copy the server files across to your VPS.
Now depending on your VPS the port forwarding will be different for everyone. My vps control panel had no options for portforwarding so i simply went to the server manager within the vps, clicked the configuration tab on the left and clicked the firewall.
Now click on your firewall properties.
Go to the three tabs and turn the firewall completely off for each of them. An alternate method would be to go through the firewall settings and add exclusions for the chosen port but it's way easier to just disable the firewall (less secure but oh well it gets the job done). Once you're done go to canyouseeme.org and check to see if your port is open. If it isn't, don't stress it could just be that it isn't showing as open because there is no software listening on that port. Check again after you have set up and started the server and make sure you are checking the right port. If it still isn't working then i'm sorry but your VPS must be different, you could try contacting their support and say you want to open a minecraft server or something or their online control panel may have settings for opening ports.
Now extract the server folder from the archive and put it on your desktop or anywhere you want (probably somewhere not obvious). And open the executable. A screen to this effect will come up, make sure to type in the password if it isn't already there. The server should start up straight away and say shit like creating tables and stuff. On the right it says "is running: true" which is good it means it's working. Administrators is how many "orcus control panel's" are running which is what is used to send commands to the server. Clients is how many victims are currently connected.
Now what you're going to want to do is set up a DNS. We'll be using no-ip even though it's shit, keeps logs and is not recommended just because when I first set it up I didn't know how shit no-ip was and it's too much hard work for me to change now. So go to your chosen DNS provider and sign up for a free (or paid if you're about that life) account and get your dns. There are many tutorials on that on the internet, I think I even made one myself tbh... Yes I did, you can see how to set it up in the first bit of this tutorial here https://www.nulled.t...ding-free-vpn/. Download the software that comes with it for if your IP ever changes so it will be automatically updated.
Now, go back to your computer and the orcus login page should still be open unless you closed it. (This one), simply type in the DNS you made, make sure the port is right and type in your password. If everything is done correctly you will then be logged in and taken to the orcus control panel.
This tutorial is big as fuck already holy shit. Appreciate my effort pls ^.
Go to the build tab on the left in the navbar.
!!!If you are going to be crypting this you need to make sure to disable all the extra features!!!
Go to the connection tab and type in the DNS and the port that you made earlier. This is important as if your VPS is taken down, you can open the no-ip program on your home computer and run it on your own computer so the DNS then points towards towards your personal IP so you don't lose all your slaves, and can set it up on a new VPS later. Delete the entry that is already there and replace it with your dns.
If you're crypting this (highly recommended if you actually want to get executions) then go though the protection and installation tabs and make sure to uncheck any options in there that are activated. Plugins are fine, I recommend turning them all on apart from the file pumper and extension spoofer unless you want your server to be a smaller size. MAKE SURE TO TURN ON ORCUS PATCHER! This makes it run in the background of the computer otherwise the rat goes out of its way to alert the user that they've executed a rat. Then just click build and set a location to save it to.
Now to crypt it I suggest Deluxe Crypter which can be bought here,https://hackforums.n...php?tid=5389008 This is because it is cheap and is great with keeping FUD. it stays 0/35 for days and the highest i've seen the detection ratio is 1/35 after 5 days. This is just from personal experience. Cloud crypter aka cloud protector is also good but I had troubles in the past with it becoming detected within a couple days and im talking like 9-12/35, this was a while ago though.
So get your crypter and choose all the settings you want. Set the icon and file binding options to whatever you want depending on how you're spreading your rat, there are many tutorials online for this. The goal is to make the victim not be suspicious as they will not go to great lengths to remove your rat from their system. I suggest making a long name and either using the RTL exploit to make it appear as a .jpg/.png file or do .exe.png. an example filename could be 322194085a1946d494a27c3b7d169fb49ed23e858f471c17f39eeafec6b28a3e.png.exe or using the RTL exploit. I usually just encrypt a word to sha256 cuz it makes a legit looking long filename. Some antiviruses detect the RTL exploit and will detect files just for having it.
Here's what the scan is, last reFUD 12/11/16. It always seems to be ESET NOD32 lol.
Now you just gotta spread this shit and you're good to go. Thanks for reading my wall of text lol hope it helps. Put a lot of effort into it because i'm hungry for the contrib, only 41 likes left...
Here's a quick run down on how orcus works so you understand what we are trying to accomplish.
Basically you run an orcus "server" which can be placed on your own computer or VPS which connects the clients (ratted victims) to the administrators (you). The server is what does all the actions, you just tell it what to do with your from your computer with the control panel. Here's a hq activity diagram I have made on paint. A vpn can be put on the server as well as on the administrator computer but doing so would slow down the connection even further, but that is the price of security.
The first thing you're gonna want to do is buy https://www.nulled.t...sion-131-stable Orcus Rat. After you download it and open it up you're gonna be faced with this screen here.
You're gonna want to click the create new server button in the top right hand corner of the dialog box and be faced with this screen. Just type in the localhost 127.0.0.1 and click add, with the default port.
Now get onto your VPS, I use DasVPS https://dasvps.com/ and they're a pretty swell provider (Don't suspend me pls babe) and find the local IPv4 for your computer. If you need instructions on how to do that you should probably leave but just type ipconfig into cmd and it's the on that says IPv4 address. For your home computer the equivalent would be like 192.168.0.44 or 10.0.0.33 or some shit depending on your ISP. I'm not posting a screenshot because I don't want dasvps knowing which computer on their network is doing this stuff just to be safe in case they don't like that.
So just type that IPv4 into orcus with the default port again and click add like you do with the 127.0.0.1 address. Now just type in a password that you'll use to log into the rat. Also if you want the rat to display the country that the victim is connecting from click the register button, make an account, verify the account and put the details into the provided boxes. I couldn't be fucked tbh. Now just click the build button and click ok. make sure that a new folder called server is created and that the server files are not placed in the same directory as the other orcus files. eg @/desktop/orcus-cracked/server is good. Now zip up that server file to make it as small as possible if you have shit Australian internet like me and copy the server files across to your VPS.
Now depending on your VPS the port forwarding will be different for everyone. My vps control panel had no options for portforwarding so i simply went to the server manager within the vps, clicked the configuration tab on the left and clicked the firewall.
Now click on your firewall properties.
Go to the three tabs and turn the firewall completely off for each of them. An alternate method would be to go through the firewall settings and add exclusions for the chosen port but it's way easier to just disable the firewall (less secure but oh well it gets the job done). Once you're done go to canyouseeme.org and check to see if your port is open. If it isn't, don't stress it could just be that it isn't showing as open because there is no software listening on that port. Check again after you have set up and started the server and make sure you are checking the right port. If it still isn't working then i'm sorry but your VPS must be different, you could try contacting their support and say you want to open a minecraft server or something or their online control panel may have settings for opening ports.
Now extract the server folder from the archive and put it on your desktop or anywhere you want (probably somewhere not obvious). And open the executable. A screen to this effect will come up, make sure to type in the password if it isn't already there. The server should start up straight away and say shit like creating tables and stuff. On the right it says "is running: true" which is good it means it's working. Administrators is how many "orcus control panel's" are running which is what is used to send commands to the server. Clients is how many victims are currently connected.
Now what you're going to want to do is set up a DNS. We'll be using no-ip even though it's shit, keeps logs and is not recommended just because when I first set it up I didn't know how shit no-ip was and it's too much hard work for me to change now. So go to your chosen DNS provider and sign up for a free (or paid if you're about that life) account and get your dns. There are many tutorials on that on the internet, I think I even made one myself tbh... Yes I did, you can see how to set it up in the first bit of this tutorial here https://www.nulled.t...ding-free-vpn/. Download the software that comes with it for if your IP ever changes so it will be automatically updated.
Now, go back to your computer and the orcus login page should still be open unless you closed it. (This one), simply type in the DNS you made, make sure the port is right and type in your password. If everything is done correctly you will then be logged in and taken to the orcus control panel.
This tutorial is big as fuck already holy shit. Appreciate my effort pls ^.
Go to the build tab on the left in the navbar.
!!!If you are going to be crypting this you need to make sure to disable all the extra features!!!
Go to the connection tab and type in the DNS and the port that you made earlier. This is important as if your VPS is taken down, you can open the no-ip program on your home computer and run it on your own computer so the DNS then points towards towards your personal IP so you don't lose all your slaves, and can set it up on a new VPS later. Delete the entry that is already there and replace it with your dns.
If you're crypting this (highly recommended if you actually want to get executions) then go though the protection and installation tabs and make sure to uncheck any options in there that are activated. Plugins are fine, I recommend turning them all on apart from the file pumper and extension spoofer unless you want your server to be a smaller size. MAKE SURE TO TURN ON ORCUS PATCHER! This makes it run in the background of the computer otherwise the rat goes out of its way to alert the user that they've executed a rat. Then just click build and set a location to save it to.
Now to crypt it I suggest Deluxe Crypter which can be bought here,https://hackforums.n...php?tid=5389008 This is because it is cheap and is great with keeping FUD. it stays 0/35 for days and the highest i've seen the detection ratio is 1/35 after 5 days. This is just from personal experience. Cloud crypter aka cloud protector is also good but I had troubles in the past with it becoming detected within a couple days and im talking like 9-12/35, this was a while ago though.
So get your crypter and choose all the settings you want. Set the icon and file binding options to whatever you want depending on how you're spreading your rat, there are many tutorials online for this. The goal is to make the victim not be suspicious as they will not go to great lengths to remove your rat from their system. I suggest making a long name and either using the RTL exploit to make it appear as a .jpg/.png file or do .exe.png. an example filename could be 322194085a1946d494a27c3b7d169fb49ed23e858f471c17f39eeafec6b28a3e.png.exe or using the RTL exploit. I usually just encrypt a word to sha256 cuz it makes a legit looking long filename. Some antiviruses detect the RTL exploit and will detect files just for having it.
Here's what the scan is, last reFUD 12/11/16. It always seems to be ESET NOD32 lol.
Now you just gotta spread this shit and you're good to go. Thanks for reading my wall of text lol hope it helps. Put a lot of effort into it because i'm hungry for the contrib, only 41 likes left...