Cobalt Strike Quick Start Guide (1)

Brief introduction

Cobalt Strike, usually called CS in the industry, is a tool developed for red teams in the United States. It is a GUI tool based on the Metasploit Framework that integrates port forwarding, service scanning, automated overflow exploitation, multi-mode port listeners, and generation of exe and PowerShell Trojans.
Cobalt Strike is mainly used for team operations and is regarded as an essential team tool: multiple testers can connect to the team server at the same time and share information, test resources, and target sessions.
As a collaborative APT tool, Cobalt Strike's penetration-testing features and its network control-terminal functions have made it the first choice of many APT organizations.

Features

Chat

This feature works like a chat room. You can chat casually with the whole group, or address a specific person, which makes team communication easier during an engagement.
The command is as follows:

/msg <username> <what you want to say>

Effect: awindog sends a message to Jessica, and the other side sees it in their interface and replies.

Listeners

A listener is exactly what the name suggests. You can open the listener panel by clicking the headphones icon, or through Cobalt Strike -> Listeners.
Listener settings: the main things to set are the listener's address and the listener's port, because the trigger process works roughly like this:
General structure
A rough way to understand it is the story of the Trojan horse, except that here the horse is a computer Trojan. We configure the Trojan with the address and port to connect back to. When the Trojan is triggered, it sends a request from inside the victim. Because we have opened a listener on the VPS, the VPS receives that connection request, we know the victim has been compromised, and the connection is established successfully. At that point the victim host is online.
So the next thing to cover is our Trojan.

Payload

"Payload" translates literally as the effective load. Roughly, think of it as a package, and inside this package is the malicious program that brings the host online. In CS, payloads are generated under Attacks -> Packages.
Payload selection

There are many options. For the usual case of having obtained a webshell, I personally like to use PowerShell Command, which can sometimes avoid being noticed by some antivirus software. Select PowerShell Command in the Payload Generator, then set the Listener that the payload should come online to; after all, it has to connect back to the server.
PowerShell command
If you then find a way to execute the generated PowerShell command, or the generated Trojan, on the victim's computer, the other host will come online!
Online
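From the defender's side, a PowerShell command payload like the one described above shows up in process-creation logs as a PowerShell launch with an encoded command. The following is an added detection example, not code from the original post; it assumes the command uses PowerShell's standard -EncodedCommand, -WindowStyle Hidden and -NoProfile switches (the post does not show the generated command), and the sample command lines are constructed.

```python
import base64
import binascii
import shlex

# Constructed sample process-creation command lines (not taken from the page).
BENIGN_B64 = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    "powershell.exe -nop -w hidden -encodedcommand " + BENIGN_B64,
    "powershell.exe -NoProfile -File C:\\scripts\\backup.ps1",
    "PowerShell -W Hidden -Enc " + BENIGN_B64,
    "notepad.exe report.txt",
]

def is_param(token, full_name, min_len=1, aliases=()):
    """True if token is '-' or '/' plus a case-insensitive prefix of full_name."""
    if len(token) < 2 or token[0] not in "-/":
        return False
    name = token[1:].lower()
    return name in aliases or (len(name) >= min_len and full_name.startswith(name))

def analyze(cmdline):
    """Return a finding dict for a suspicious PowerShell launch, else None."""
    try:
        tokens = shlex.split(cmdline, posix=False)  # keep Windows backslashes
    except ValueError:                              # unbalanced quotes in the log
        tokens = cmdline.split()
    if not tokens:
        return None
    exe = tokens[0].strip('"').lower().rsplit("\\", 1)[-1]
    if exe not in ("powershell", "powershell.exe", "pwsh", "pwsh.exe"):
        return None
    flags, decoded = set(), None
    for i, tok in enumerate(tokens[1:], start=1):
        nxt = tokens[i + 1].strip('"') if i + 1 < len(tokens) else ""
        if is_param(tok, "encodedcommand", aliases=("ec",)):
            flags.add("encoded")
            try:  # the argument is base64 over UTF-16LE text
                decoded = base64.b64decode(nxt, validate=True).decode("utf-16-le")
            except (binascii.Error, UnicodeDecodeError):
                decoded = None  # malformed blob: still flagged, nothing to show
        elif is_param(tok, "windowstyle") and nxt.lower() == "hidden":
            flags.add("hidden")
        elif is_param(tok, "noprofile", min_len=3):
            flags.add("noprofile")
    # Heuristic: encoded command plus at least one stealth switch; tune locally.
    return {"flags": sorted(flags), "decoded": decoded} if len(flags) >= 2 and "encoded" in flags else None

def scan(events):
    return [(e, f) for e in events if (f := analyze(e)) is not None]
```

Feed it the command-line field from process-creation telemetry, such as Windows Security event 4688 with command-line auditing enabled or Sysmon event 1, and review the decoded text of each finding.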

Origin blog.csdn.net/awindog/article/details/104394135