Skip to content

1 ‐ Exploration C2

Maxime dcb edited this page Nov 15, 2024 · 7 revisions

What it is

Exploration is a redteam Command and Control framework.

Introduction

The TeamServer is a stand alone application, coded in c++, that handle listeners. The client, coded in python, communicate with the TeamServer through GRPC.
Beacons run on the victime host. Each Beacons which connects back to the TeamServer open a new session. This session is used to control the Beacon, send commands and receive results.
Listener and Beacons can communicate through TCP, SMB, HTTP, HTTPS and Github issues depending on the situation.

alt text

A compiled version of the TeamServer is ready to use in the Releases of C2TeamServer, with some default certificates for GRPC communication and HTTPS Listener:

The TeamServer binary compiled for linux is in Release/TeamServer:

user-[~]$ cd Release/TeamServer  
user-[~/Release/TeamServer]$ ./TeamServer

The python client is in Release/Client:

# For the client
pip3 install pycryptodome
pip3 install grpcio==1.66.1
pip3 install PyQt5
pip3 install pyqtdarktheme
pip3 install protobuf==5.27.0

# For Generate WindowsExecutable & Generate GoWindowsExecutable
sudo apt install gcc-mingw-w64
sudo apt install g++-mingw-w64
sudo apt search golang-go
user-[~]$ cd Release/Client 
# --dev is to specify that the GRPC hostname in the SSL certificat will not be checked
# --ip is the ip of the TeamServer
user-[~/Release/Client]$ python3 GUI.py --ip 127.0.0.0 --port 50051 --dev
Clone this wiki locally