Introduction

In order to better understand what a C2 framework is at its most basic level, think of a Netcat listener (the C2 server) that is capable of handling many reverse shells calling back at once (C2 Agents). It’s a server but for reverse shells. Unlike Netcat, almost all C2 frameworks require a special payload generator. This is usually a feature that is built into the framework itself. For example, Metasploit is a C2 Framework that has its own payload generator, MSFVenom.

We covered the second part of Command & Control Servers. We explained how to setup Metasploit as a C2 server which includes configuring a redirector on Apache2 or any other webserver to forward the callbacks. This is a protective measure designed to hide C2 servers from being reported by blue teams. Using Metasploit as a C2 server depends on our knowledge about the protections configured on the target. Obfuscating the created payloads is an inevitable part of using Metasploit in real engagements as security solutions and firewalls can identify Metasploit and Meterpreter traffic easily. This was part of TryHackMe Intro to C2 Servers | Red Team Pathway

Get OSCP Certificate Notes

Challenge Answers

What is the term for the software on a compromised computer that communicates back to a command and control (C2) server?

What is the beaconing option that introduces a random delay value to the sleep timer?

What is the term for the first portion of a Staged payload?

What is the name of the communication method that can potentially allow access to a restricted network segment that communicates via TCP ports 139 and 445?

Which listener should you choose if you have a device that cannot easily access the internet?

Which listener should you choose if you’re accessing a restricted network segment?

Which listener should you choose if you are dealing with a Firewall that does protocol inspection?

What is the Administrator’s NTLM hash?

What flag can be found after gaining Administrative access to the PC?

What flag can be found after gaining access to Ted’s user account?

What is Ted’s NTLM Hash?

What setting name that allows you to modify the User Agent field in a Meterpreter payload?

What setting name that allows you to modify the Host header in a Meterpreter payload?

Video Walkthrough(s)

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles