Commit Graph

223 Commits (9df42c075f821ac5ac8c88a0c5b7254ba2579aea)

Author SHA1 Message Date
Grzegorz Rychlik 9df42c075f Update channel development tutorial 2020-03-03 09:38:38 +01:00
Grzegorz Rychlik 91dc3a1163 Update zlib to 1.2.11-f690224aeb (from vcpkg) 2020-02-27 10:28:12 +01:00
Grzegorz Rychlik 2e27198936 Update build script 2020-02-25 14:25:13 +01:00
Grzegorz Rychlik 088d2d47b0 Downgrade ResourceGenerator to dotnet 2.1 (LTS) to match WebController 2020-02-24 16:12:52 +01:00
Grzegorz Rychlik 66c671c169 Merge branch 'CovenantIntegrationMerge' into RC1.1 2020-02-24 16:01:39 +01:00
Grzegorz Rychlik f9122902bd Remove artifact from Common.vcxitems.filters 2020-02-24 12:50:24 +00:00
Tim Carrington 98d1b8ff87 Update ChannelLinterUsage.md 2020-02-22 11:48:12 +00:00
Tim Carrington 749658ab6a Add new file 2020-02-22 11:34:22 +00:00
Tim Carrington 98f269c13f Update ShellcodeUsage.md 2020-02-22 11:30:52 +00:00
Tim Carrington 31351f9207 Upload New File 2020-02-22 11:30:17 +00:00
Tim Carrington 0c42fff0eb Add new file 2020-02-22 11:29:08 +00:00
Tim Carrington e119aff35b Update CovenantUsage.md 2020-02-22 11:28:49 +00:00
Tim Carrington 95d5358f74 Update CovenantUsage.md 2020-02-22 11:28:24 +00:00
Tim Carrington a4339e9fca Update CovenantUsage.md 2020-02-22 11:27:49 +00:00
Tim Carrington b8056b9e55 Update CovenantUsage.md 2020-02-22 11:26:48 +00:00
Tim Carrington 1ef17dc4bf Update CovenantUsage.md 2020-02-22 11:26:00 +00:00
Tim Carrington bc655949bc Upload New File 2020-02-22 11:25:32 +00:00
Tim Carrington 94c6f1c80f Upload New File 2020-02-22 11:25:17 +00:00
Tim Carrington db146eb47a Add new directory 2020-02-22 11:20:48 +00:00
Tim Carrington f322516690 Add new file 2020-02-22 11:20:08 +00:00
Tim Carrington 311310e6d9 Update C2Integration.md 2020-02-22 10:57:05 +00:00
Tim Carrington 149d9567e2 Update C2Integration.md 2020-02-22 10:56:44 +00:00
Tim Carrington 9dcbe97c7f Update C2Integration.md 2020-02-22 10:56:11 +00:00
Tim Carrington de12108e4f Update C2Integration.md 2020-02-22 10:51:11 +00:00
Tim Carrington be177d0e23 Upload New File 2020-02-22 10:50:32 +00:00
Tim Carrington 363ab9797a Update C2Integration.md 2020-02-22 10:50:12 +00:00
Tim Carrington 3271dc4c5d Update C2Integration.md 2020-02-22 10:46:31 +00:00
Tim Carrington 9d3546cd89 Add new file 2020-02-22 10:45:03 +00:00
Tim Carrington 798e9f9ec8 Upload New File 2020-02-22 10:40:00 +00:00
tim.carrington 6a7f726f35 Merge branch 'CovenantIntegrationMerge' of git.f-secure.com:C3/C3 into CovenantIntegrationMerge 2020-02-21 09:51:38 +00:00
tim.carrington f9018412be update listening address for use with c2-bridge 2020-02-21 09:50:55 +00:00
Grzegorz Rychlik 727ee98f50 Merge branch 'Shellcode' into RC1.1 2020-02-19 15:20:02 +01:00
Grzegorz Rychlik 471ea7cc7a Add detailed help to channel linter 2020-02-19 15:04:37 +01:00
Grzegorz Rychlik e0b253f6aa Improve capability parsing error messages and add command execution logging 2020-02-19 12:14:46 +01:00
Grzegorz Rychlik a658af4e70 Better channel IO testing 2020-02-19 09:59:07 +01:00
Grzegorz Rychlik 22b15fc6e1 Better error message for missing form properties 2020-02-18 16:09:28 +01:00
Grzegorz Rychlik 3e9ca203c4 Add better error message for case typos 2020-02-18 15:54:09 +01:00
Grzegorz Rychlik a57c7b8559 Wipe DOS and NT headers after loading 2020-02-18 14:15:57 +01:00
Grzegorz Rychlik ec9a6cba21 Enable inline function expansion for rwdi x86 2020-02-18 14:13:20 +01:00
Grzegorz Rychlik c7a18cec0d Merge branch 'Dotnet2.1' 2020-02-18 13:54:05 +01:00
Pawel Kurowski 3eb69d9780 Fix crash on shared_from_this 2020-02-07 17:37:32 +01:00
Grzegorz Rychlik 2262bf8f71 Downgrade WebController target framework to 2.1 2020-01-30 12:36:03 +01:00
Grzegorz Rychlik af219394af Detour GetModuleHandleExW function in x86
vcruntime dispatches tasks to Windows thread pool. When task finishes
the completion callback is invoked. In order to ensure the dll that
contains that callback code is still loaded, the refcount for the dll is
incremented (via GetModuleHandleExW) when task is scheduled, and
decremented (via FreeLibrary) after callback finishes.

FreeLibrary called with a handle to unregistered module returns an
error, which is converted into an unhandled exception, resulting in a
crash.
2020-01-29 15:17:55 +01:00
Grzegorz Rychlik ba5617a5e1 Exclude RtlPcToFileHeader hook from x86 builds
Exception info on x86 is absolute rather than relative (as x64) so
exception creation doesn't require this call.

Additionally Win8.1 SDK doesn't export `RtlPcToFileHeader` in
kernel32.lib for static linking, which causes linking to fail
2020-01-28 10:50:25 +01:00
Grzegorz Rychlik f0e7ece23d Hook RtlPcToFileHeader function
RtlPcToFileHeader is called when throwing exceptions, and creating
std::exception_ptrs.
Insert hook as import function address, not actual ntdll hook.
2020-01-27 17:07:29 +01:00
Grzegorz Rychlik 1775a3980a Move Loader to separate file 2020-01-27 16:22:29 +01:00
Grzegorz Rychlik 820467f83b Separate PE image utils 2020-01-27 15:55:11 +01:00
Andras Toth 2f3052a5c1 yarn build 2020-01-23 10:48:43 +00:00
Andras Toth 3ce4693570 Enable EDIT CONFIG on create gateway 2020-01-23 10:45:39 +00:00
Grzegorz Rychlik 8df9c1f62a Update Donut runtime libs 2020-01-22 13:30:15 +01:00