[Ultra-detailed | download included] Still grinding away on CS? Come and enjoy Havoc
2023-3-5 22:22:16 Author: 渗透Xiao白帽


Setting up the Havoc C2

Havoc is a modern, malleable post-exploitation C2 framework, essentially a Go version of CS (Cobalt Strike).

Environment setup

apt update -y && apt upgrade -y
# 1. Debian-based distributions only
sudo apt install -y git build-essential apt-utils cmake libfontconfig1 libglu1-mesa-dev libgtest-dev libspdlog-dev libboost-all-dev libncurses5-dev libgdbm-dev libssl-dev libreadline-dev libffi-dev libsqlite3-dev libbz2-dev mesa-common-dev qtbase5-dev qtchooser qt5-qmake qtbase5-dev-tools libqt5websockets5 libqt5websockets5-dev qtdeclarative5-dev golang-go qtbase5-dev libqt5websockets5-dev libspdlog-dev python3-dev libboost-all-dev mingw-w64 nasm
# 2. Ubuntu 20.04 / 22.04
sudo apt install build-essential
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt update
sudo apt install python3.10 python3.10-dev

Download Havoc

git clone https://github.com/HavocFramework/Havoc.git

Build the teamserver

cd Havoc/Teamserver
bash Install.sh
make
vim profiles/havoc.yaotl
./teamserver server --profile profiles/havoc.yaotl -v

The default operator account is 5pider with password password1234 (as set in profiles/havoc.yaotl; change it before exposing the teamserver).

Build the client

cd Havoc/Client
make
./Havoc

The client opens the connection window shown below; fill in the teamserver details and connect.

You are then in the Havoc interface.

Click View - Listeners to configure a listener, then find Add at the bottom and click it.

Next click Attack - Payload, choose Windows Shellcode, and click Generate to save the shellcode.

Setting up the Harriet payload framework

Harriet encrypts the shellcode and function calls, and uses SigThief to sign the resulting binary with a spoofed Microsoft certificate.

Install Harriet

git clone https://github.com/assume-breach/Home-Grown-Red-Team.git
cd Home-Grown-Red-Team/Harriet
bash setup.sh
bash Harriet.sh

Here we choose Fully-Automated AES Encryption and enter the path of the demon.bin saved earlier to build the payload.

Then set up a web server to host it.

Finally, test the AV evasion; the implant checks in successfully.
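The SigThief step above copies an existing Authenticode blob onto a binary rather than signing it, so the signature's embedded file digest never matches the file it sits on. The following check is an added example written for this page (not code from the post, Havoc, Harriet or SigThief): it recomputes the Authenticode digest of a PE and looks for it inside the certificate table; `build_test_pe` is a constructed PE32+ stand-in used only to exercise the check offline.

```python
import hashlib
import struct
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY (data-directory index)

def _layout(data):
    """Offsets of the CheckSum field, the security directory entry and the cert table."""
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    opt_off = pe_off + 24                                        # "PE\0\0" + COFF header
    magic = struct.unpack_from("<H", data, opt_off)[0]
    checksum_off = opt_off + 64                                  # same in PE32 and PE32+
    dirs_off = opt_off + (96 if magic == 0x10B else 112)
    secdir_off = dirs_off + SECURITY_DIR * 8
    cert_off, cert_size = struct.unpack_from("<II", data, secdir_off)
    return checksum_off, secdir_off, cert_off, cert_size

def authenticode_digest(data, algo="sha256"):
    """Hash the image as Authenticode does: skip CheckSum, the security directory entry
    and the certificate table (simplified: assumes sections are contiguous in file order)."""
    checksum_off, secdir_off, cert_off, cert_size = _layout(data)
    h = hashlib.new(algo)
    h.update(data[:checksum_off])
    h.update(data[checksum_off + 4:secdir_off])
    if cert_off:
        h.update(data[secdir_off + 8:cert_off])
        h.update(data[cert_off + cert_size:])
    else:
        h.update(data[secdir_off + 8:])
    return h.digest()

def signature_covers_file(data):
    """Crude check: a genuine signature embeds this file's digest as a raw OCTET STRING in
    SpcIndirectDataContent; a blob copied from another binary does not. None = unsigned."""
    _, _, cert_off, cert_size = _layout(data)
    if not cert_off:
        return None
    blob = data[cert_off:cert_off + cert_size]
    return any(authenticode_digest(data, a) in blob for a in ("sha256", "sha1"))

def build_test_pe(cert_blob=b""):
    """Constructed PE32+ stand-in (headers + fake section), optionally with a cert table."""
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)                         # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x22)
    opt = struct.pack("<H", 0x20B) + bytes(62) + struct.pack("<I", 0x1234)  # ... CheckSum
    opt += bytes(40) + struct.pack("<I", 16)                                # NumberOfRvaAndSizes
    body = b"constructed .text section bytes " * 4
    dirs = bytearray(128)
    cert_off = 64 + 24 + 240 + len(body) if cert_blob else 0
    struct.pack_into("<II", dirs, SECURITY_DIR * 8, cert_off, len(cert_blob))
    return dos + coff + opt + bytes(dirs) + body + cert_blob
```

A `False` result means the file carries a signature that was not made over its current contents; a full verifier would additionally parse the PKCS#7 structure and validate the chain.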



Source: http://mp.weixin.qq.com/s?__biz=MzI1NTM4ODIxMw==&mid=2247497153&idx=1&sn=f2f7190afbf2d655c9195d9dff9ee2f6&chksm=ea340a9bdd43838d2da9f53f633ae59edabc0f6ad3b05ad07549624f41ff6335e24df85f53a9#rd