RedPacket Security

InfoSec News & Tutorials

Tools 

Geacon – Implement CobaltStrike’s Beacon In Go

admin , , , ,
Click the icon to Follow me:- twitterTelegramRedditDiscord
geacon 1 sc

Using Go to implement CobaltStrike’s Beacon

The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ...
AMD Ryzen 9 3900X 12-core, 24-thread unlocked desktop processor with Wraith Prism LED Cooler $484.00
The world's most advanced processor in the desktop PC gaming segment Can deliver ultra-fast 100+ FPS performance in the world's most popular games 12 cores and 24 processing threads, bundled with the AMD Wraith Prism cooler with color controlled LED ... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc...
AMD Ryzen 5 5600X 6-core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler $389.99 $377.10
AMD's fastest 6 core processor for mainstream desktop, with 12 processing threads Can deliver elite 100+ FPS performance in the world's most popular games Bundled with the quiet, capable AMD Wraith Stealth cooler 4.6 GHz Max Boost, unlocked for overc... read more
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
System ram type: DDR4_sdram
AMD Ryzen 5 2600 Processor with Wraith Stealth Cooler - YD2600BBAFBOX $199.00 $189.99
System ram type: DDR4_sdram
(as of February 28, 2021 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)

This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY

How to play

  1. Setup the teamserver and start a http lisenter, the teamserver will generate the file .cobaltstrike.beacon_keys.
  2. Compile the BeaconTool with Jetbrains Idea, use command java -jar BeaconTool.jar to convert java keystore to PEM format.
  3. Replace the RSA key pair in the file cmd/config/config.go (the RSA private key is not required, I wrote it in the code just for the record)
  4. Compile the geacon whatever platform you want to run: for example, use the command export GOOS="darwin" && export GOARCH="amd64" && go build cmd/main.go to compile an executable binary running on MacOS.
  5. Having fun ! PR and issue is welcome πŸ˜‰
  6. Geacon has just been tested on CobaltStrike 3.14 and only support default c2profile, so many hardcode in the project and I will not try to implement more C2profile support at this moment.
  7. Thanks for @xxxxxyyyy‘s PR, And now Geacon supports CobaltStrike 4.0, please checkout the branch 4.0 to compile.
  8. Geacon’s branch master supports CobaltStrike 4.1, currently available functions include: executing commands, uploading, downloading, file browser, switching the current working directory, and exiting the current process.
  9. Geacon only focuses on protocol analysis, but if you want to experience more features, you can use another project of our partners, check out CrossC2 now!

Protocol analysis

To be continued, I will update as soon as I have time …

Todo

  1. Support CobaltStrike 4.x

  2. Fix the OS icon issue in session table

  3. String encoding issue

[email protected]

You may be interested in...

  • Ring Video Doorbell – newest generation, 2020 release – 1080p HD video, improved motion detection, easy installation – Satin Nickel
  • Lorex 1080p Wired Weatherproof Security System, 4 x 1080p HD Bullet Cameras w/with 4-Channel 1TB DVR | IR Night Vision | Advanced Motion Detection & Smart Search (4 Pack)
  • Pet Camera - Indoor Security Camera, Ucam by Tenvis & IoTeX. Home Security Camera with Motion Detection/Night Vision/2-Way Audio. Blockchain Authorization, 100% Data Privacy, Amazon Cloud & SD Storage
  • Swann 8 Channel 4 Camera Security System, Wired Surveillance 1080p HD DVR 1TB HDD, Audio Capture, Weatherproof, Color Night Vision, Heat & Motion Sensing Warning Light, Alexa + Google, SWDVK-845804WL
  • Safety Technology International, Inc. STI-6400 Exit Stopper Multifunction Door Alarm, Helps Prevent Unauthorized Exits or Entries Through Emergency Doors (Two Pack)

    • Download Geacon

    If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

    Discord

    Original Source

    You May Also Like

    osint

    A week in security (December 2 – December 8)

    admin
    osint

    APPLE-SA-2020-09-16-5 Xcode 12.0

    admin
    pexels anete lusina 5240544

    Tokyo Gas Discloses Data Breach Impacting Anime-style Dating Simulation Game

    admin