Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/MythicAgents/thanatos

Mythic C2 agent targeting Linux and Windows hosts written in Rust
https://github.com/MythicAgents/thanatos

Last synced: about 1 month ago
JSON representation

Mythic C2 agent targeting Linux and Windows hosts written in Rust

Host: GitHub
URL: https://github.com/MythicAgents/thanatos
Owner: MythicAgents
License: bsd-3-clause
Created: 2022-03-07T20:35:33.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2024-07-07T19:25:31.000Z (5 months ago)
Last Synced: 2024-07-30T14:19:06.581Z (4 months ago)
Language: Rust
Size: 2.94 MB
Stars: 301
Watchers: 9
Forks: 41
Open Issues: 15
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - MythicAgents/thanatos - Mythic C2 agent targeting Linux and Windows hosts written in Rust (Rust)

README

        


  



# Thanatos

[![GitHub License](https://img.shields.io/github/license/MythicAgents/thanatos)](https://github.com/MythicAgents/thanatos/blob/main/LICENSE)

[![GitHub Release](https://img.shields.io/github/v/release/MythicAgents/thanatos)](https://github.com/MythicAgents/thanatos/releases/latest)

[![Release](https://github.com/MythicAgents/thanatos/workflows/Release/badge.svg)](https://github.com/MythicAgents/thanatos/actions/workflows/release.yml)

Thanatos is a Windows and Linux C2 agent written in rust.

# Installation

To install Thanatos, you will need [Mythic](https://github.com/its-a-feature/Mythic) set up on a machine.

In the Mythic root directory, use `mythic-cli` to install the agent.

```bash

sudo ./mythic-cli install github https://github.com/MythicAgents/thanatos

sudo ./mythic-cli payload start thanatos

```

Thanatos supports the http C2 profile:  

```bash

sudo ./mythic-cli install github https://github.com/MythicC2Profiles/http

sudo ./mythic-cli c2 start http

```

## Features

  - Background job management

  - Built-in ssh client

    * Connect to a machine and download/upload files between that machine and Mythic

    * Get directory listings from machines using sftp

    * Spawn agents on machines using ssh

    * ssh-agent hijacking

  - Streaming portscan

  - Stand up TCP redirectors

## Future Additions

  - v0.2.0

    * [ ] Socks proxying

    * [ ] Windows token manipulation

    * [ ] More browser script integration

    * [ ] DNS C2 profile

    * [ ] p2p capabilities

    * [ ] In memory shellcode execution `execute-shellcode`

## General Commands

Command | Syntax | Description

------- | ------ | -----------

cat | `cat [file]` | Output the contents of a file.

cd | `cd [new directory]` | Change directory.

cp | `cp [source] [destination]` | Copy a file from [source] to [destination].

download | `download [path]` | Download a file from the target system (supports relative paths).

exit | `exit` | Exit the agent.

getenv | `getenv` | Get the current environment variables.

getprivs | `getprivs` | Get the privileges of the agent session.

jobkill | `jobkill [job id]` | Shutdown a running background job.

jobs | `jobs` | List currently running background jobs.

ls | `ls [directory]` | List files or directories (supports relative paths).

mkdir | `mkdir [directory]` | Make a new directory.

mv | `mv [source] [destination]` | Move a file from [source] to [destination] (supports relative paths).

portscan | `portscan [popup]` | Scan a list of IPs for open ports.

ps | `ps` | Get a list of currently running processes.

pwd | `pwd` | Print working directory.

redirect | `redirect [:::]` | Setup a TCP redirector on the remote system.

rm | `rm [path]` | Remove a file or directory (supports relative paths).

setenv | `setenv [name] [value]` | Set environment variable [name] to [value].

shell | `shell [command]` | Run a shell command with `bash -c` on Linux or `cmd.exe /c` on Windows in a new thread.

sleep | `sleep [interval][units] [jitter]` | Set the sleep interval and jitter (supports unit suffixing).

ssh | `ssh [popup]` | Use ssh to execute commands, download/upload files or grab directory listings.

ssh-agent | `ssh-agent [-c ] [-d] [-l]` | Connect to running ssh agent sockets on the host or list identities.

ssh-spawn | `ssh-spawn [popup]` | Spawn a Mythic agent on a remote host using ssh.

unsetenv | `unsetenv [var]` | Unset an environment variable.

upload | `upload [popup]` | Upload a file to the host machine.

### Windows-specific Commands

Command | Syntax | Description

------- | ------ | -----------

powershell | `powershell [command]` | Run a command using `powershell.exe /c` in a new thread.