Und3rf10w / external_c2_framework

Python API for usage with Cobalt Strike's External C2 specification

Refactor Cobalt Strike c2 client

Und3rf10w opened this issue

The client needs to be further abstracted; this will provide the base logic that is required for the server core to be refactored.

The following list of desired features should be taken into account when designing the refactor; however, they do not need to be implemented in time for the beta release.

  • The client should be able to eventually support the usage of multiple transports and encoders. - ignore for beta target, this will be tracked by #22
  • Transports and encoders should be abstracted enough to easily support the dynamic loading and unloading of them.
  • Support reconfiguration of the block timer.
  • Support both synchronous and asynchronous transports.
  • Support the encryption and decryption of certain strings that can be used by anything (such as the c2_pipe_name).

The only thing that NEEDS to be added to the client is:

  • Implement the ability to handle BOTH batch and normal encoding of data. (e.g. encode and upload images one by one, vs encoding data as base64 then sending it.) - #13

Consider the following UML diagram for the client refactor, subject to change:

image