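  • DropboxC2: how the tool works. It uses Dropbox files as an indirect channel for C2 control and interaction.

    Video: https://vimeo.com/197902404

    As the video shows, this is a C2 built on Dropbox, and it performs its command and control through the Dropbox file API. How does it do that? It is quite simple: the C2 agent polls the server to see whether a file has been updated and, if so, downloads it; the content of that file is the C2 exchange itself. The information the C2 uploads is likewise passed to Dropbox in the form of files. The C2 server works the same way, dealing with the agent indirectly.

    Code: https://github.com/Arno0x/DBC2/blob/master/lib/dropboxHandler.py, which uses the following API endpoints: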

    self.dropboxAPI = {
        'listFolder': 'https://api.dropboxapi.com/2/files/list_folder',
        'uploadFile': 'https://content.dropboxapi.com/2/files/upload',
        'downloadFile': 'https://content.dropboxapi.com/2/files/download',
        'deleteFile': 'https://api.dropboxapi.com/2/files/delete',
        'getMetaData': 'https://api.dropboxapi.com/2/files/get_metadata',
        'shareFile': 'https://api.dropboxapi.com/2/sharing/create_shared_link_with_settings',
        'getSharedLink': 'https://api.dropboxapi.com/2/sharing/list_shared_links'
    }
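
A defender's view of the polling described above, as an added example (not code from DBC2 or from the original post): it scans proxy log lines for clients that call one Dropbox file-API endpoint at a near-constant interval. The log format, the sample lines, the thresholds and the name `find_pollers` are assumptions, as is a TLS-inspecting proxy that records the URL path.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev
from urllib.parse import urlsplit

# API hosts taken from the endpoint table on this page.
DROPBOX_API_HOSTS = {"api.dropboxapi.com", "content.dropboxapi.com"}

# Constructed sample proxy log (assumed format): timestamp client method URL
SAMPLE_LOG = """\
2024-05-01T09:00:00 10.0.0.21 POST https://api.dropboxapi.com/2/files/get_metadata
2024-05-01T09:00:10 10.0.0.21 POST https://api.dropboxapi.com/2/files/get_metadata
2024-05-01T09:00:20 10.0.0.21 POST https://api.dropboxapi.com/2/files/get_metadata
2024-05-01T09:00:31 10.0.0.21 POST https://api.dropboxapi.com/2/files/get_metadata
2024-05-01T09:00:32 10.0.0.21 POST https://content.dropboxapi.com/2/files/download
2024-05-01T09:00:35 10.0.0.21 POST https://content.dropboxapi.com/2/files/upload
2024-05-01T09:00:40 10.0.0.21 POST https://api.dropboxapi.com/2/files/get_metadata
2024-05-01T09:00:50 10.0.0.21 POST https://api.dropboxapi.com/2/files/get_metadata
2024-05-01T09:00:05 10.0.0.35 POST https://api.dropboxapi.com/2/files/list_folder
2024-05-01T09:03:40 10.0.0.35 POST https://api.dropboxapi.com/2/files/list_folder
2024-05-01T09:04:02 10.0.0.35 POST https://api.dropboxapi.com/2/files/list_folder
2024-05-01T09:21:15 10.0.0.35 POST https://api.dropboxapi.com/2/files/list_folder
2024-05-01T09:50:00 10.0.0.35 POST https://api.dropboxapi.com/2/files/list_folder
"""

def find_pollers(log_text, min_requests=5, max_jitter=0.2):
    """Return {(client, path): (count, mean_gap_s)} for request series to the
    Dropbox file API whose spacing is near-constant (machine-like polling)."""
    series = defaultdict(list)
    for line in filter(str.strip, log_text.splitlines()):
        ts, client, _method, url = line.split()
        parts = urlsplit(url)
        if parts.hostname in DROPBOX_API_HOSTS and parts.path.startswith("/2/files/"):
            # Per-endpoint series: sporadic upload/download calls must not mask polling.
            series[(client, parts.path)].append(datetime.fromisoformat(ts))
    flagged = {}
    for key, stamps in series.items():
        if len(stamps) < max(min_requests, 3):
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        # Coefficient of variation of the gaps: low means a fixed sleep interval.
        if mean(gaps) > 0 and pstdev(gaps) / mean(gaps) <= max_jitter:
            flagged[key] = (len(stamps), round(mean(gaps), 1))
    return flagged

if __name__ == "__main__":
    for (client, path), (count, gap) in find_pollers(SAMPLE_LOG).items():
        print(f"{client} polls {path}: {count} requests, ~{gap}s apart")
```

A client that randomizes its sleep interval needs a larger `max_jitter`, which in turn flags more legitimate integrations, so the result is a triage lead rather than a verdict.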
    

      

    Architecture (see its architecture diagram)

    DBC2 Architecture

    Features

    DBC2 main features:

    • Various stager (Powershell one liner, batch file, MS-Office macro, javascript, DotNetToJScript, msbuild file, SCT file, ducky, more to come...)
    • Single CLI commands (one at a time, no environment persistency)
    • Pseudo-interactive shell (environment persistency) - based on an idea from 0xDEADBEEF00 [at] gmail.com
    • Send file to the agent
    • Retrieve file from the agent
    • Launch processes on the agent
    • Keylogger
    • Clipboard logger (clipboard recording/spying)
    • Screenshot capture
    • Run and interact with PowerShell modules (Endless capabilities: PowerSploit, Inveigh, Nishang, Empire modules, Powercat, etc.)
    • Send key strokes to any process
    • Set persistency through scheduled task and single instance through Mutex
    • Can run within (w|c)script.exe thanks to the DotNetToJScript stager (javascript2)
    • Can be injected into any process thanks to the nativeWrapper and its corresponding position independent shellcode!
  • Original article: https://www.cnblogs.com/bonelee/p/15200778.html