{"id":13677792,"url":"https://github.com/richkmeli/Richkware","last_synced_at":"2025-04-29T12:31:55.190Z","repository":{"id":45264887,"uuid":"80682459","full_name":"richkmeli/Richkware","owner":"richkmeli","description":"Framework for building Windows malware, written in C++","archived":false,"fork":false,"pushed_at":"2021-02-06T10:28:51.000Z","size":3701,"stargazers_count":499,"open_issues_count":0,"forks_count":124,"subscribers_count":21,"default_branch":"master","last_synced_at":"2024-08-02T13:19:25.310Z","etag":null,"topics":["bot","c","cpp","framework","hacker","hacking","hacktool","keylogger","malware","mingw","spyware","virus","windows","worm"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/richkmeli.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-02-02T01:25:02.000Z","updated_at":"2024-07-22T10:15:23.000Z","dependencies_parsed_at":"2022-08-12T11:51:03.998Z","dependency_job_id":null,"html_url":"https://github.com/richkmeli/Richkware","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richkmeli%2FRichkware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richkmeli%2FRichkware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richkmeli%2FRichkware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/richkmeli%2FRichkware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/richkmeli","download_url":"https://codeload.github.com/richkmeli/Richkware/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224173162,"owners_count":17268058,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bot","c","cpp","framework","hacker","hacking","hacktool","keylogger","malware","mingw","spyware","virus","windows","worm"],"created_at":"2024-08-02T13:00:47.072Z","updated_at":"2025-04-29T12:31:55.180Z","avatar_url":"https://github.com/richkmeli.png","language":"C++","readme":"# Richkware\r\n\r\n[![Build status](https://ci.appveyor.com/api/projects/status/1tn6vedeaq0v27ra?svg=true)](https://ci.appveyor.com/project/richkmeli/richkware)\r\n[![Codacy Badge](https://api.codacy.com/project/badge/Grade/e6b4a003d5e7404c80225391bfe34f45)](https://app.codacy.com/app/richkmeli/Richkware?utm_source=github.com\u0026utm_medium=referral\u0026utm_content=richkmeli/Richkware\u0026utm_campaign=Badge_Grade_Dashboard)\r\n\r\nRichkware is a framework for building Windows malware, written in C++. It provides a library of network and system functions for creating different types of malware, including viruses, worms, bots, spyware, keyloggers, and scareware.\r\n\r\n## Description\r\n\r\nThe Richkware framework includes a set of modules and functions that enable you to create malware with various capabilities. These include network communication, system manipulation, cryptography, and more.\r\n\r\n### Types of Malware Supported:\r\n- Virus\r\n- Worms\r\n- Bot\r\n- Spyware\r\n- Keylogger\r\n- Scareware\r\n\r\n## Related Projects\r\n\r\n- **[Richkware-Manager-Server](https://github.com/richkmeli/Richkware-Manager-Server)**: A server for managing hosts infected with malware developed using the **Richkware** framework.\r\n- **[Richkware-Manager-Client](https://github.com/richkmeli/Richkware-Manager-Client)**: A client for communicating with the **Richkware-Manager-Server**, which allows you to send commands to infected hosts.\r\n\r\n![Diagram](https://raw.githubusercontent.com/richkmeli/richkmeli.github.io/master/Richkware/Diagram/RichkwareDiagram1.2.png)\r\n\r\n## Documentation\r\n\r\n|              | EN                          | IT                     |\r\n|--------------|:----------------------------:|:----------------------:|\r\n| Presentation | [PDF](https://github.com/richkmeli/Richkware/blob/master/doc/EN/Slide.pdf) | [PDF](https://github.com/richkmeli/Richkware/blob/master/doc/IT/Slide.pdf) |\r\n| Report       | [PDF](https://github.com/richkmeli/Richkware/blob/master/doc/EN/Report.pdf)  | [PDF](https://github.com/richkmeli/Richkware/blob/master/doc/IT/Relazione.pdf) |\r\n\r\n## Functions\r\n\r\n### Network\r\n\r\n- **Server** (*network.h*): Manages a multi-thread server to receive commands from the internet (via **Richkware-Manager-Client** or console) according to a specific protocol.\r\n    - **Protocol** (*protocol.h*):\r\n        1. **Remote command execution** (ID 1)\r\n        2. (work in progress)\r\n- **Network** (*network.h*):\r\n    - **RawRequest**: Send a request to a server.\r\n    - **UploadInfoToRichkwareManagerServer**: Upload information to **Richkware-Manager-Server**.\r\n\r\n### System\r\n\r\n- **Storage** (*storage.h*):\r\n    - **SaveSession** and **LoadSession**: Save and load the application state (encrypted), using:\r\n        - **Register** (SaveValueReg and LoadValueReg)\r\n        - **File** (SaveValueToFile and LoadValueFromFile)\r\n    - **Persistence**: Ensures the application remains active in the system.\r\n- **IsAdmin** and **RequestAdminPrivileges** (*richkware.h*): Check and request administrator privileges.\r\n- **StealthWindow** (*richkware.h*): Hide application windows.\r\n- **OpenApp** (*richkware.h*): Open arbitrary applications.\r\n- **Keylogger** (*richkware.h*): Logs all keystrokes to a file.\r\n- **BlockApps** and **UnBlockApps** (*blockApps.h*): Block and unblock applications (e.g., antivirus programs).\r\n\r\n### Cryptography\r\n\r\n- **Encrypt and Decrypt** (*crypto.h*): Uses **RC4** (default) or **Blowfish** encryption algorithms.\r\n- **Encode and Decode** (*crypto.h*): Supports **Base64** (default) and **Hex** encoding.\r\n\r\n![Cryptography Diagram](https://raw.githubusercontent.com/richkmeli/richkmeli.github.io/master/Richkware/Diagram/RichkwareCryptographyDiagram1.1.png)\r\n\r\n### Other Functions\r\n\r\n- **RandMouse** (*richkware.h*): Randomly moves the mouse cursor.\r\n- **Hibernation** (*richkware.h*): Hibernates the system.\r\n\r\n## Requirements\r\n\r\nTo build and use **Richkware**, you will need:\r\n\r\n- **Make** or **CMake**\r\n- [MinGW](http://www.mingw.org/)\r\n\r\n## Getting Started\r\n\r\n### With **Richkware-Manager-Server** (RMS)\r\n\r\nIf you have deployed **RMS**, initialize the malware as follows:\r\n\r\n```cpp\r\nint main() {\r\n    Richkware richkware(\"Richk\", \"DefaultPassword\", \"192.168.99.100\", \"8080\", \"associatedUser\");\r\n    ...\r\n    return 0;\r\n}\r\n```\r\n\r\nThis will retrieve a secure key from **RMS** and use it for encryption. **DefaultPassword** is used as a fallback encryption key if the malware cannot reach the RMS.\r\n\r\n### Without **Richkware-Manager-Server**\r\n\r\nIf you have not deployed **RMS**, you can use:\r\n\r\n```cpp\r\nRichkware richkware(\"Richk\", \"richktest\");\r\n```\r\n\r\nThis will use **richktest** as the encryption key.\r\n\r\n## Compile\r\n\r\n### Using MinGW (for Windows or cross-compiling for Linux)\r\n\r\n```bash\r\nmake\r\n```\r\n\r\n### Using Microsoft C++ Compiler (Visual Studio)\r\n\r\n- Go to **C/C++ \u003e Preprocessor \u003e Preprocessor Definitions**, and add `_CRT_SECURE_NO_WARNINGS`.\r\n- In **Linker \u003e Input \u003e Additional Dependencies**, add `Ws2_32.lib`.\r\n\r\n## Example Usage\r\n\r\n### Server-side: Starting the Server\r\n\r\nIn your main program, call the **StartServer** function to start the server. The following example uses TCP port 8000:\r\n\r\n```cpp\r\nint main () {\r\n    ...\r\n    richkware.network.server.Start(\"8000\");\r\n    ...\r\n}\r\n```\r\n\r\n### Client-side: Connecting to the Server\r\n\r\n#### Using **Richkware-Manager-Client**:\r\n\r\nIf you are using **Richkware-Manager-Client**, you can connect to the server and send commands.\r\n\r\n#### Using Terminal on Unix Systems:\r\n\r\nOn Unix-based systems, use **netcat** (`nc`):\r\n\r\n```bash\r\nnc \u003cserverName\u003e 8000\r\n```\r\n\r\nIf the server is running and accessible, it will respond, and you can send commands like:\r\n\r\n```plaintext\r\n[[1]]COMMAND\r\n```\r\n\r\n#### Using Terminal on Windows:\r\n\r\nOn Windows, use **telnet**:\r\n\r\n```bash\r\ntelnet \u003cserverName\u003e 8000\r\n```\r\n\r\nOnce connected, send a command like:\r\n\r\n```plaintext\r\n[[1]]COMMAND\r\n```\r\n\r\n---\r\n\r\nThis updated README improves the clarity and structure of the original document, making it easier to follow and understand. If you have any further requests or changes you'd like to make, feel free to let me know!","funding_links":[],"categories":["C++","C++ (225)","Malware Analysis"],"sub_categories":["Hashing"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frichkmeli%2FRichkware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frichkmeli%2FRichkware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frichkmeli%2FRichkware/lists"}