这是一个学习安全的菜鸡脚本小子.欢迎多多交流学习.
✨ Golang.
📚 Game....
🎯 Vme50...
🎲 Sleep...
And 巴拉巴拉一堆.
WeChat: WebDemoSec
Email: [email protected]
Blog: https://www.nctry.com
猫猫Cs:基于Cobalt Strike[4.5]二开 (原dogcs二开移植)
这是一个学习安全的菜鸡脚本小子.欢迎多多交流学习.
✨ Golang.
📚 Game....
🎯 Vme50...
🎲 Sleep...
And 巴拉巴拉一堆.
WeChat: WebDemoSec
Email: [email protected]
Blog: https://www.nctry.com
根据大佬的READMD.md
,我没看懂CatServer.profile-name = cobaltstrike
这个参数是什么意思,我按照READMD.md
执行报如下错误:
root@test:~/cs# java -jar cat_server.jar script 10.211.55.21 3344 cobaltstrike 123456 demo.cna
[*] Loading properties file (/root/cs/TeamServer.prop).
[*] Properties file was loaded.
Hello,cobalt strike[cat]
[*] shutting down client
[-] Disconnected from team server.
我看了日志
root@test:~/cs# cat logs/230708/events.log
07/08 09:08:19 UTC *** cobaltstrike (10.211.55.21) joined
07/08 09:08:20 UTC *** cobaltstrike quit
07/08 09:09:34 UTC *** cobaltstrike (10.211.55.21) joined
07/08 09:09:35 UTC *** cobaltstrike quit
我理解cobaltstrike
应该是profile
名称,以*.profile
结尾,但我没想明白这个文件是怎么生成的或者它应该存在哪,默认文件只有jquery-c2.4.5.profile
,感谢支持。
您好,请问如何在windows上运行cat客户端和cat team服务器?
我刚开始以为我的问题,我用4.3的执行vnc可以,环境都是本地测试的。一执行就掉线Disconnected from server ([email protected])
crossc2无法上线linux
[!] client (1.1.1.1) read [Manage: xxx]: Connection reset
不知道是为啥,cs4.3好像没有遇到过这个问题。
是要自己修改profile吗,就用jquery4.5的是不是不行,然后就是CrossC2好像不支持4.5版本,本人菜鸡一枚不知道怎么整了,还望师傅告知
无法和crossc2配合使用
tgg yyds
通过境外CDN上线
只要listener设置的是域名不是server的ip,就不能上线
同样的方法到4.4版本就可以上线
rt
具体报错信息如下:
[19137.959s][warning][os,thread] Failed to start thread "Unknown thread" - pthread_create failed (EAGAIN) for attributes: stacksize: 1024k, guardsize: 0k, detached.
[19137.960s][warning][os,thread] Failed to start the native thread for java.lang.Thread "HTTP session handler"
Exception in thread "Web Server on port 443" java.lang.OutOfMemoryError: unable to create native thread: possibly out of memory or process/resource limits reached
at java.base/java.lang.Thread.start0(Native Method)
at java.base/java.lang.Thread.start(Thread.java:798)
at cloudstrike.NanoHTTPD$HTTPSession.(NanoHTTPD.java:239)
at cloudstrike.NanoHTTPD$1.run(NanoHTTPD.java:189)
at java.base/java.lang.Thread.run(Thread.java:829)
老哥5月1日啦,解压密码嘞
没有汉化包吗
stager上线选择监听时无法选择监听,Listener监听中存在监听设置。
没有文件,也没有下载链接了啊
no pass?
rt
是否能让client兼容jdk8
服务端显示 Dropped HTTP client from /192.168.179.129 (missing URI)
使用CrossC2 无法上线Linux
session color选择颜色不生效
请问下是BUG吗还是别的方式?我选中几个机器选color都没反应。
执行了shell whoami 复制不了结果
不知道是不是有问题还是我自己的问题 请教一下
我有的dns 上线的
cat_client 执行 sudo java -jar cat_client.jar
提示 usage: [client|version]
cat_client 执行 sudo java -jar cat_client.jar client
提示[!] client (1.1.1.1) read [TeamQueue Reader]: null
at_server在ubuntu中执行 cat_client链接是提示
[-] client (1.1.1.1) read [Manage: neo]: No location for 'e_lfanew'
java.lang.IllegalArgumentException: No location for 'e_lfanew'
at pe.PEParser.getLocation(Unknown Source)
at pe.PEEditor.setValueAt(Unknown Source)
at pe.PEEditor.removeRichHeader(Unknown Source)
at pe.PEEditor.insertRichHeader(Unknown Source)
at pe.MalleablePE.pre_process(Unknown Source)
at c2profile.Preview.getPE(Unknown Source)
at c2profile.Preview.summarize(Unknown Source)
at server.ManageUser.process(ManageUser.java:117)
at server.ManageUser.run(ManageUser.java:210)
at java.base/java.lang.Thread.run(Thread.java:829)
是我操作不对还是什么
[-] client (1.1.1.1) read [main]: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
at java.base/javax.net.ssl.DefaultSSLServerSocketFactory.throwException(SSLServerSocketFactory.java:177)
at java.base/javax.net.ssl.DefaultSSLServerSocketFactory.createServerSocket(SSLServerSocketFactory.java:205)
at ssl.SecureServerSocket.(SecureServerSocket.java:168)
at server.TeamServer.B(TeamServer.java:67)
at ServerMain.main(ServerMain.java:33)
at Cobaltstrike.main(Cobaltstrike.java:26)
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
at java.base/java.security.Provider$Service.newInstance(Provider.java:1868)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
at java.base/javax.net.ssl.SSLContext.getInstance(SSLContext.java:185)
at java.base/javax.net.ssl.SSLContext.getDefault(SSLContext.java:110)
at java.base/javax.net.ssl.SSLServerSocketFactory.getDefault(SSLServerSocketFactory.java:74)
at ssl.SecureServerSocket.A(SecureServerSocket.java:174)
at ssl.SecureServerSocket.(SecureServerSocket.java:167)
... 3 more
Caused by: java.security.KeyManagementException: keystore password was incorrect
at java.base/sun.security.ssl.SSLContextImpl$DefaultManagersHolder.(SSLContextImpl.java:942)
at java.base/sun.security.ssl.SSLContextImpl$DefaultSSLContext.(SSLContextImpl.java:1111)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:480)
at java.base/java.security.Provider$Service.newInstanceOf(Provider.java:1879)
at java.base/java.security.Provider$Service.newInstanceUtil(Provider.java:1886)
at java.base/java.security.Provider$Service.newInstance(Provider.java:1861)
... 10 more
我需要配置客户端公钥,但是teamserver没有生成beacon_keys
外部C2好像有点问题,用不了
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.