Published on November 12th, 2017 | Post Views: 473 Hits0
TrevorC2 – Command and Control via Legitimate Behavior over HTTP
1. trevor2_server.py - edit the file first, and customize, what website you want to clone, etc. The server will clone a website of your choosing and stand up a server. This server is browsable by anyone and looks like a legitimate website. Contained within the source is parameter that (again is configurable), which contains the instructions for the client. Once a client connects, it searches for that parameter, then uses it to execute commands. 2. trevor2_client.py - all you need in any configurable option is the ability to call out to a website, parse some basic data, and then execute a command and then put the results in a base64 encoded query string parameter to the site. That's it, not hard.
pip install -r requirements.txt
First edit the trevor2_server.py – change the configuration options and site to clone.
Next, edit the trevor2_client.py – change the configuration and system you want it to communicate back to.