Lightweight Adversary simulation command and control platform created by @PPh3nX
LightC2 is an modulable lightweight Adversary simulation command and control platform. It includes modules execution, cli interface, web api, custom agents/shellcodes, custom methods ...
This platform is destinated to cybersecurity experts for pentest/red team operations purposes. It is currently under development
The installation process is pretty simple:
sudo apt install python3 python3-pip
git clone https://github.com/Ph3nX-Z/LightC2.git
cd LightC2
python3 -m pip install argon2-cffi Flask readchar
nimble install winim
You can now use LightC2 😁
Global usage:
usage: LightC2 [-h] [--password PASSWORD] [--user USER] [--register] [--register-key REGISTER_KEY] [--teamserver TEAMSERVER] mode
Minimalist C2 for short offensive missions
positional arguments:
mode Specify if the script is in server mode (teamserver), or in client mode
options:
-h, --help show this help message and exit
--password PASSWORD, -p PASSWORD
Specify a password for client mode
--user USER, -u USER Specify a user for client mode
--register, -r If set, will register the user you passed in argument (need the register key)
--register-key REGISTER_KEY, -k REGISTER_KEY
Specify the key to register to team server in client mode
--teamserver TEAMSERVER, -t TEAMSERVER
Specify the host (https://host:port) to connect to the team server in client modeServer side example:
python3 main.py serverClient side example:
python3 main.py client -u "user" -p "password" --teamserver "https://127.0.0.1:8080"Client side example with register (will register user and password):
python3 main.py client -u "user" -p "password" --teamserver "https://127.0.0.1:8080" --register --register-key <registerkey from teamserver>tool usage:
| Feature | Category | Status |
|---|---|---|
| Argon2 | Password hashing | Implemented |
| XChaCha20 | Vault Storage | Implemented |
| Sqlite3 | Global Storage | Implemented |
| Multiprocess | Global Api | Implemented |
| HTTP/S | Listener | Implemented |
| Tasking in db | Jobs | Implemented |
| Nim Agent | Agent | In progress |
| thread safe input func | Cli Client | Implemented |
| thread safe print func | Cli Client | Implemented |
| Ekko sleep obfuscation | Agent | Implemented |
Generate (following the listener id)
- Stager --> generate client side (and specify the listener specified in generate)
- shellcode for stage 0 : generate client side --> send to ts (host shellcode following the listener specified in the generate)
Modules:
- shellcode for modules : generated client side --> send to ts (hosted on all the listeners)
- when module is called, method:module sent to the agent --> basic shellcode loader and output looting in the default named pipe.
To add:
- Token Vault (steal token in session and reuse it in another session)