Post by xtr4nge on Feb 22, 2017 9:14:17 GMT
Original: GitHub: FruityC2-101
In the current version (0.1 alpha), FruityC2 restricts the access to the API by source IP, so it is required to add the IP from where FruityC2-Client will be executed into the allowed list.
Edit the configuration file {FruityC2}/config/settings.conf section [source][control] allow, and add the IP. You can add multiple IPs.
After installing all the dependencies, you just need to start the server executing FruityC2.py.
The default port for the server is 50000, but it can be changed from the settings.conf file.
To run the client, open index.html from FruityC2-Client. You can run the client locally just using a web browser, but feel free to move all the files into a webserver if you want.
In the initial window, you need to add the Host where FruityC2 is running. In this example I used 127.0.0.1 just because the server and the client are in the same machine.
Set the Port (50000 by default), and a User. The user is just a nickname, so you can put anything there. The Token is not implemented yet, so you don’t need to do nothing with it.
After login into FruityC2-Client, you will see the following screen
To start using FruityC2, first you need to create a listener. The listener will be used by the targets/agents to interact with FruityC2.
The code generator also uses the listeners, because the payload is related with it.
Click on the Listener tab to setup the listeners.
To create a listener you just need to click “+” on “+ Listeners”. Add a Name, Host (this needs to be FruityC2 IP) and Port. In the current version, SSL is not yet implemented.
After creating the listener, you will see that the status is “disabled”.
To start the listener just click on “disabled” and the status will change to “enabled”. Now the listener is up and running, ready to be used.
On this initial tutorial, I will show you how to do a quick test to verify if everything is working as expected.
We are going to create a single line powershell encoded command that we can run manually on a Windows machine.
Open the code generator from the main menu (gears icon), select the created listener (in this case “B-HTTP”), for Type select “powershell-command” and hit submit.
Copy the code from the payload box.
To test the generated code, open cmd on a Windows machine, paste the code and press enter.
In FruityC2-Client you will see a machine in the targets/agents list, and now you can interact with it.
Click the machine on the list and run any command, for example “shell ipconfig”.
In the current version (0.1 alpha), FruityC2 restricts the access to the API by source IP, so it is required to add the IP from where FruityC2-Client will be executed into the allowed list.
Edit the configuration file {FruityC2}/config/settings.conf section [source][control] allow, and add the IP. You can add multiple IPs.
After installing all the dependencies, you just need to start the server executing FruityC2.py.
The default port for the server is 50000, but it can be changed from the settings.conf file.
To run the client, open index.html from FruityC2-Client. You can run the client locally just using a web browser, but feel free to move all the files into a webserver if you want.
In the initial window, you need to add the Host where FruityC2 is running. In this example I used 127.0.0.1 just because the server and the client are in the same machine.
Set the Port (50000 by default), and a User. The user is just a nickname, so you can put anything there. The Token is not implemented yet, so you don’t need to do nothing with it.
After login into FruityC2-Client, you will see the following screen
To start using FruityC2, first you need to create a listener. The listener will be used by the targets/agents to interact with FruityC2.
The code generator also uses the listeners, because the payload is related with it.
Click on the Listener tab to setup the listeners.
To create a listener you just need to click “+” on “+ Listeners”. Add a Name, Host (this needs to be FruityC2 IP) and Port. In the current version, SSL is not yet implemented.
After creating the listener, you will see that the status is “disabled”.
To start the listener just click on “disabled” and the status will change to “enabled”. Now the listener is up and running, ready to be used.
On this initial tutorial, I will show you how to do a quick test to verify if everything is working as expected.
We are going to create a single line powershell encoded command that we can run manually on a Windows machine.
Open the code generator from the main menu (gears icon), select the created listener (in this case “B-HTTP”), for Type select “powershell-command” and hit submit.
Copy the code from the payload box.
To test the generated code, open cmd on a Windows machine, paste the code and press enter.
In FruityC2-Client you will see a machine in the targets/agents list, and now you can interact with it.
Click the machine on the list and run any command, for example “shell ipconfig”.