Python Server for PoshC2
 
 
 
Go to file
R H 6bf0ef9f02
Merge pull request #2 from nettitude/master
Update to fork from parent
2019-01-16 21:24:53 +00:00
Files Updated if statement in Sharp.cs 2019-01-11 18:01:56 +00:00
Images Initial Commit 2018-07-23 09:55:15 +01:00
Modules Added ability to load and execute LinuxPrivChecker in memory on *nix implants. 2019-01-13 16:16:09 +00:00
.gitignore Added ability to load and execute LinuxPrivChecker in memory on *nix implants. 2019-01-13 16:16:09 +00:00
AutoLoads.py Added ability to load and execute LinuxPrivChecker in memory on *nix implants. 2019-01-13 16:16:09 +00:00
C2Server.py Updated to fix TLS 1.0 issues. Server now supports TLSv1 and above. Powershell v2 Get-WebClient requires anything below TLSv1.2 2019-01-09 22:27:44 +00:00
C2Viewer.py Add time to new implant connected message 2018-09-14 12:55:12 +01:00
Cert.py Initial Commit 2018-07-23 09:55:15 +01:00
Colours.py Initial Commit 2018-07-23 09:55:15 +01:00
Config.py Update Config.py 2019-01-13 16:23:42 +00:00
CookieDecrypter.py Cookie Decryter 2019-01-02 21:10:01 +00:00
Core.py Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00
DB.py Cookie Decryter 2019-01-02 21:10:01 +00:00
HTML.py Add ability to label implants 2019-01-01 13:20:11 +00:00
Help.py Added ability to load and execute LinuxPrivChecker in memory on *nix implants. 2019-01-13 16:16:09 +00:00
INSTALL.txt Updated INSTALL notes 2018-12-02 01:15:02 +00:00
INSTALL_Socks.txt Initial Commit 2018-07-23 09:55:15 +01:00
INSTALL_Windows.txt Initial Commit 2018-07-23 09:55:15 +01:00
Implant.py Added ability to load and execute LinuxPrivChecker in memory on *nix implants. 2019-01-13 16:16:09 +00:00
ImplantHandler.py Added ability to load and execute LinuxPrivChecker in memory on *nix implants. 2019-01-13 16:16:09 +00:00
Install.sh Updated to fix TLS 1.0 issues. Server now supports TLSv1 and above. Powershell v2 Get-WebClient requires anything below TLSv1.2 2019-01-09 22:27:44 +00:00
LICENSE Initial Commit 2018-07-23 09:55:15 +01:00
OfflineReportGenerator.py Add ability to label implants 2019-01-01 13:20:11 +00:00
Payloads.py Updated payload quickstart script 2019-01-09 22:40:47 +00:00
README.md Updated README 2018-12-12 16:23:57 +00:00
TabComplete.py Initial Commit 2018-07-23 09:55:15 +01:00
Tasks.py Updated ProxyImplant for C# 2019-01-02 20:41:10 +00:00
Update.sh Removed all versioning references 2018-12-31 18:01:08 +00:00
UrlConfig.py Adding files to enable custom URL generation. 2018-12-14 01:39:24 +00:00
changelog.txt Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00
oldurls.txt Adding files to enable custom URL generation. 2018-12-14 01:39:24 +00:00
poshc2.service Initial Commit 2018-07-23 09:55:15 +01:00
requirements.txt Initial Commit 2018-07-23 09:55:15 +01:00
wordlist.txt Adding files to enable custom URL generation. 2018-12-14 01:39:24 +00:00

README.md

PoshC2

PoshC2 is a proxy aware C2 framework that utilises Powershell and/or equivalent (System.Management.Automation.dll) to aid penetration testers with red teaming, post-exploitation and lateral movement. Powershell was chosen as the base implant language as it provides all of the functionality and rich features without needing to introduce multiple third party libraries to the framework.

In addition to the Powershell implant, PoshC2 also has a basic dropper written purely in Python that can be used for command and control over Unix based systems such as Mac OS or Ubuntu.

The server-side component is written in Python for cross-platform portability and speed, a Powershell server component still exists and can be installed using the 'Windows Install' as shown below but will not be maintained with future updates and releases.

Linux Install of PoshC2_Python

Install using curl & bash

curl -sSL https://raw.githubusercontent.com/nettitude/PoshC2_Python/master/Install.sh | bash

Manual install

wget https://raw.githubusercontent.com/nettitude/PoshC2_Python/master/Install.sh
chmod +x ./Install.sh
./Install.sh

Windows Install of PoshC2

powershell -exec bypass -c "IEX (New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/nettitude/PoshC2/master/C2-Installer.ps1')"

Issues / FAQs

If you are experiencing any issues during the installation or use of PoshC2 please refer checkout the open issues tracking page within GitHub. If this page doesn't have what you're looking for please open a new issue and we will try to resolve the issue asap.

If you are looking for tips and tricks on PoshC2 usage and optimisation, you are welcome to join the slack channel below.

License / Terms of Use

This software should only be used for authorised testing activity and not for malicious use.

By downloading this software you are accepting the terms of use and the licensing agreement.

Documentation

We maintain PoshC2 documentation over at https://poshc2.readthedocs.io/en/latest/

Find us on #Slack - poshc2.slack.com (to request an invite send an email to labs@nettitude.com)