Cobaltstrike xCommunityKit
The script will upgrade your CobaltStrike in as official a way as possible.

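#!/usr/bin/env bash
#//
#// Installer prologue: colour codes, base packages, the mingw cross toolchain
#// and a fresh copy of the BOF entries from the Community Kit repo list.
#// It calls apt-get and writes below /usr/local and /opt.
#//
export RED_BOLD='\033[1;31m' ; export YELLOW_BOLD='\033[1;33m'
export PLAIN_BOLD='\033[1;37m' ; export GRAY='\033[0m\033[2m' ; export PLAIN='\033[0m'
#//
#// > check and install bins
apt-get update ; apt-get -y install curl wget git
#// > download musl
#// The toolchain is unpacked into /usr/local, so it is fetched to a private
#// temp file first: a failed or truncated download is then never streamed
#// into tar. Set MUSL_CROSS_SHA256 to a digest obtained out of band to have
#// the archive verified before extraction; without it only TLS protects it.
if [[ ! -f '/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32-gcc' ]]
then
  printf "${YELLOW_BOLD} [*] Downloading mingw32-musl-cross...\n\n${PLAIN}"
  musl_tgz=$(mktemp) || exit 1
  if ! wget -qO "$musl_tgz" --show-progress https://musl.cc/x86_64-w64-mingw32-cross.tgz
  then
    printf "${RED_BOLD} [!] Toolchain download failed\n${PLAIN}" >&2
  elif [[ -n "${MUSL_CROSS_SHA256:-}" ]] && \
    ! printf '%s  %s\n' "$MUSL_CROSS_SHA256" "$musl_tgz" | sha256sum -c --status -
  then
    printf "${RED_BOLD} [!] Toolchain checksum mismatch, not extracting\n${PLAIN}" >&2
  else
    #// --no-same-owner: do not keep the uid/gid recorded inside the archive
    tar xzf "$musl_tgz" -C /usr/local/ --no-same-owner
  fi
  rm -f -- "$musl_tgz"
fi
#// Leave any directory that is about to be deleted below
cd /tmp || exit 1
#// > prepare env
export community_kit_path="/opt/cobaltstrike/cobaltstrike_community_kit"
#// ${var:?} aborts instead of running a recursive delete on an empty path
rm -r -- "${community_kit_path:?}" 2> /dev/null
mkdir -p "$community_kit_path"
cd "$community_kit_path" || exit 1
printf "${YELLOW_BOLD} [*] Downloading latest project list...\n\n${PLAIN}"
#// -f: an HTTP error page must not be filtered into the repo list
curl -fsSL "https://raw.githubusercontent.com/Cobalt-Strike/community_kit/main/tracked_repos.txt" | \
grep 'BOF' > "$community_kit_path/tracked_repos.txt"
#// > need mgeeky too
echo 'BOF, mgeeky/cobalt-arsenal' >> "$community_kit_path/tracked_repos.txt"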
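function BUILD_BOFS() {
#//
#/////// [>] BEGIN //
#// Clone each "BOF, author/project" entry of tracked_repos.txt into
#// $community_kit_path/author/project, strip repo metadata and images, then
#// run make in every directory that has a Makefile, after pointing the mingw
#// compiler names at /usr/local/x86_64-w64-mingw32-cross/bin.
#// Globals: community_kit_path and the colour variables (read).
#//
#// NOTE(review): each repo is cloned at whatever its default branch holds at
#// run time and its Makefile recipes execute with the privileges of this
#// script, with stderr discarded. Review or pin the repos first, and prefer
#// building as an unprivileged user or inside a throwaway container.
  local line author project repo_dir makefile makefile_list
  local -r name_re='^[A-Za-z0-9._-]+$'
  #// private scratch file instead of a fixed name in world-writable /tmp
  makefile_list=$(mktemp) || return 1
  while IFS= read -r line
  do
    author=$(echo "$line" | cut -d' ' -f2- | cut -d'/' -f1)
    project=$(echo "$line" | cut -d' ' -f2- | cut -d'/' -f2)
    #// The list is remote data and both fields become path components that
    #// are deleted from recursively below: accept plain names only.
    if ! [[ "$author" =~ $name_re && "$project" =~ $name_re ]] || \
      [[ "$author" == .* || "$project" == "." || "$project" == ".." ]]
    then
      printf "${RED_BOLD} [!] Skipping malformed entry: %q\n${PLAIN}" "$line" >&2
      continue
    fi
    repo_dir="$community_kit_path/$author/$project"
    printf "${PLAIN_BOLD} [*] Cloning %s/%s ${PLAIN_BOLD} ... " "$author" "$project"
    #// stdin from /dev/null so nothing started here can consume the repo list
    if ! git clone --quiet --depth 1 \
      "https://github.com/$author/$project" "$repo_dir" < /dev/null
    then
      printf "${RED_BOLD} clone failed\n${PLAIN}"
      continue
    fi
    #// The tests must be OR-ed: a bare sequence of -name tests is AND-ed and
    #// can never match, which silently left every file in place.
    find "$repo_dir" \( -name ".git*" -o -name "README*" -o -name "LICENSE*" \
      -o -name "*.jpg" -o -name "*.png" -o -name "*.gif" \) \
      -prune -exec rm -rf -- {} + 2> /dev/null
    find "$repo_dir" -name 'Makefile' > "$makefile_list"
    if [[ -s "$makefile_list" ]]
    then
      printf "${RED_BOLD} Need 2be compiled...\n${GRAY}\n"
      while IFS= read -r makefile
      do
        cd "$(dirname "$makefile")" || continue
        sed -i 's+x86_64-w64-mingw32+/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32+g' \
          Makefile 2> /dev/null
        sed -i 's+i686-w64-mingw32+/usr/local/x86_64-w64-mingw32-cross/bin/i686-w64-mingw32+g' \
          Makefile 2> /dev/null
        #// The sed chain only shortens the compiler paths in the build log
        make -j16 2> /dev/null < /dev/null | \
          sed 's+/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32-gcc+\t> CC64+g' | \
          sed 's+/usr/local/x86_64-w64-mingw32-cross/bin/i686-w64-mingw32-gcc+\t> CC86+g' | \
          sed 's@/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32-g++@\t> CXX64@g' | \
          sed 's@/usr/local/x86_64-w64-mingw32-cross/bin/i686-w64-mingw32-g++@\t> CXX86@g' | \
          sed 's@/usr/local/x86_64-w64-mingw32-cross/bin/@\t> @g'
        rm Makefile
      done < "$makefile_list"
      printf "\n${PLAIN}"
    else
      printf "\n${PLAIN}"
    fi
  done < "$community_kit_path/tracked_repos.txt"
  rm -f -- "$makefile_list"
# // [<] BEGIN ///////
}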
#///////
#//
function BUILD_BOOK() {
#//
#////// [>] DO_BOOKS //#
#// Build an mdBook of the Community Kit: one chapter directory per category
#// of tracked_repos.txt and one page per repo (its README.md from the master
#// branch), rendered to /opt/cobaltstrike/BOOK. Also installs mdbook and
#// filebrowser into /usr/local/bin when those files are missing.
#// NOTE(review): the pages are third-party README files rendered to HTML;
#// confirm how mdbook treats embedded HTML before opening the book in a
#// browser.
export csh="/opt/cobaltstrike/cobaltstrike_community_kit/CKBOOK"
export rcsh="$csh/src"
#// Start from an empty book tree; /tmp/junk holds the scratch lists.
#// NOTE(review): /tmp/junk and the /tmp/<category>_r files used below are fixed
#// names in a world-writable directory, and an already existing /tmp/junk is
#// reused silently. Another local user can pre-create them (for example as
#// symlinks); a directory from `mktemp -d` would avoid that. The <category>_r
#// files are also never removed - only /tmp/junk is deleted at the end.
rm -r "$csh" 2> /dev/null ; mkdir -p "$rcsh" /tmp/junk 2> /dev/null
#// Full repo list -> .allrepos; its first comma field, de-duplicated, is the
#// list of categories (/tmp/junk/rc).
curl -sL https://raw.githubusercontent.com/Cobalt-Strike/community_kit/main/tracked_repos.txt \
> "$csh"/.allrepos ; cat "$csh"/.allrepos | cut -d',' -f1 | sort -u > /tmp/junk/rc
#// Take the first x86_64 Linux asset URL of the latest mdBook release from the
#// GitHub API and unpack it straight into /usr/local/bin.
#// NOTE(review): the archive is streamed from wget into tar with no checksum
#// or signature check and no pinned version, and every member of the archive
#// is written into /usr/local/bin. Download to a temp file, verify a known
#// digest, then install only the expected binary.
[[ ! -f /usr/local/bin/mdbook ]] && \
printf " ${YELLOW_BOLD} [*] Downloading MDBOOK \n${PLAIN_BOLD}" && \
wget -qO- --show-progress \
"$(curl -sL https://api.github.com/repos/rust-lang/mdBook/releases/latest | \
grep x86_64-unknown-linux-gnu.tar.gz | grep browser_download_url | \
head -1 | cut -d \" -f 4)" | tar -xvz -C /usr/local/bin/ --
#// Same unverified download-and-unpack pattern for filebrowser (linux-amd64).
[[ ! -f /usr/local/bin/filebrowser ]] && \
printf "${YELLOW_BOLD} [*] Downloading FILEBROWSER \n${PLAIN_BOLD}" && \
wget -qO- --show-progress \
"$(curl -sL https://api.github.com/repos/filebrowser/filebrowser/releases/latest | \
grep linux-amd64 | grep browser_download_url | \
head -1 | cut -d \" -f 4)" | tar -xvz -C /usr/local/bin/ --
printf "${YELLOW_BOLD} [+] Making BOOK. Indexing... \n${PLAIN}"
#// For every category: collect its repos and download each README as a page.
while read in
do
mkdir "$rcsh"/"$in"
#// grep "$in" is an unanchored regex match on the whole line, so it also
#// selects lines that merely contain the category name somewhere.
cat "$csh"/.allrepos | grep "$in" | cut -d ',' -f2 | sed 's+ ++g' > /tmp/"$in"_r
while read tin
do
#// Page name = last path component of "author/project" plus ".md".
#// $tin is remote data and is expanded unquoted in the echo calls below.
tname="$(echo $tin | awk -F'/' '{print $NF}').md"
tpath="$rcsh"/"$in"/"$tname" ; printf "\t\t${GRAY}... $in/$tname\n"
#// Only <repo>/master/README.md is requested; other branch names are not tried.
wget -c -q -O "$tpath" "$(echo $tin | \
sed 's+^+https://raw.githubusercontent.com/+g' | \
sed 's+$+/master/README.md+g')"
#// Pages under 50 bytes are removed (presumably failed or empty downloads).
[[ "$(cat $tpath | wc -c)" -lt 50 ]] && rm "$tpath"
done < /tmp/"$in"_r ; printf "${PLAIN}"
done < /tmp/junk/rc
#// Everything inside this subshell runs with stderr discarded.
#// index = paths of all downloaded pages, made relative to the book source.
( find "$rcsh" -name "*.md" | sed "s+$rcsh+\.+g" > /tmp/junk/index
mdbook init --force --title 'COBALTSTRIKE CommunityKit' --ignore none "$csh" 2> /dev/null
printf '# Summary\n\n' > "$rcsh"/SUMMARY.md
rm "$rcsh"/chapter_1.md 2> /dev/null
#// Per category: write INDEX.MD with one GitHub link per repo, add the
#// category to SUMMARY.md, then add one nested entry per repo.
while read in
do
#// \<...\> limits the match to the category as a whole word.
cat "$csh"/.allrepos | \
grep "\<$in\>" | \
sed "s+$in, ++g" | \
sed 's+.*+#### [&](https://github.com/&)+' > "$rcsh"/"$in"/INDEX.MD
#// Project names recovered from the links just written.
cat "$rcsh"/"$in"/INDEX.MD | \
cut -d'/' -f2 | \
cut -d']' -f1 > /tmp/junk/"$in"_d
echo '- [ZIN](./ZIN/INDEX.MD)' | \
sed "s+ZIN+$in+g" >> "$rcsh"/SUMMARY.md
#// The inner loop reuses the name `in`; the redirection on its `done` is
#// expanded before the loop starts, so it still names the category file.
#// NOTE(review): $in is spliced unquoted into grep and into the sed program
#// below; a name containing `+`, or a grep result of more than one line,
#// breaks the substitution.
while read in
do
echo ' - [ZIN](PATH)' | \
sed "s+ZIN+$in+g" | \
sed "s+PATH+$(cat /tmp/junk/index|grep $in)+g" >> "$rcsh"/SUMMARY.md
done < /tmp/junk/"$in"_d
done < /tmp/junk/rc
#// In every page, delete lines that mention .png/.gif/.jpg unless the line
#// also contains "https" (the dots are regex wildcards, not literal dots).
find "$rcsh" -name "*.md" | xargs sed -i '/.png\|.gif\|.jpg/{/https/p;d}'
#// Replace any previous rendered book with a fresh build.
rm -r /opt/cobaltstrike/BOOK 2> /dev/null ; mdbook build "$csh" -d /opt/cobaltstrike/BOOK ) 2> /dev/null
printf "\n\t${PLAIN_BOLD}Book DONE => /opt/cobaltstrike/BOOK${PLAIN}\n"
rm -r /tmp/junk 2> /dev/null
#// [>] DO_BOOKS /////#
}
#///////
#//
function GET_MYSKIN() {
#//
#//////// [>] GET_MY_SKIN //
#// Install the Terminus and VictorMono fonts when no matching file is found
#// under /usr/share/fonts, then write a fixed Aggressor client preference
#// file to ~/.aggressor.prop and copy it to ~/.aggressor.prop_bak.
#//
#// NOTE(review): in the curl call below there is no `|` between the URL and
#// `grep`, so `grep` and 'Terminus' reach curl as extra arguments and the page
#// is not filtered; the literal `y` in front of $(...) also ends up at the
#// start of the address handed to wget. Both look like typos - confirm.
#// NOTE(review): the address is scraped from an HTML page, the archive goes to
#// a fixed name in /tmp and is unpacked with overwrite (-o) into a system font
#// directory without any integrity check. A private mktemp file and a pinned
#// digest would be safer.
[[ -z $(ls /usr/share/fonts/Terminess*) ]] && \
printf "${YELLOW_BOLD} [+] Downloading Terminus font... \n${PLAIN}" && \
wget -O /tmp/Terminus.zip -q --show-progress \
"y$(curl -fsSL https://www.nerdfonts.com/font-downloads grep 'Terminus' | cut -d'"' -f2 | head -n1)" && \
unzip -o /tmp/Terminus.zip -d /usr/share/fonts/ 2> /dev/null && \
fc-cache -fv 2> /dev/null
#// Same pattern, with the same caveats, for VictorMono.
[[ -z $(ls /usr/share/fonts/VictorMono*) ]] && \
printf "${YELLOW_BOLD} [+] Downloading VictorMono font... \n${PLAIN}" && \
wget -O /tmp/Victor.zip -q --show-progress \
"y$(curl -fsSL https://www.nerdfonts.com/font-downloads grep 'Victor' | cut -d'"' -f2 | head -n1)" && \
unzip -o /tmp/Victor.zip -d /usr/share/fonts/ 2> /dev/null && \
fc-cache -fv 2> /dev/null
#// Generate the preference file; this overwrites any existing
#// ~/.aggressor.prop. Every line of the format string ends in a literal \n
#// plus a real newline, and `grep .` drops the resulting empty lines.
#// NOTE(review): the sed expression deletes every tab and space, not only
#// leading indentation, so values such as the font names lose their spaces -
#// confirm that this is intended.
printf "
#Cobalt Strike (Aggressor) Configuration\n
#Sat May 11 11:11:11 UTC 1111\n
statusbar.foreground.color=\#cccccc\n
console.page_up.shortcut=pressedPAGE_UP\n
console.color_13.color=\#ff001b\n
console.showtimestamp.boolean=false\n
console.color_6.color=\#f8ddff\n
armitage.required_exploit_rank.string=great\n
console.show_colors.boolean=true\n
console.find.shortcut=ctrlpressedF\n
console.color_10.color=\#a3c7ff\n
graph.foreground.color=\#111111\n
graph.default_layout.layout=tree-bottom\n
graph.background.color=\#111111\n
reporting.custom_reports=\n
beacon.health.monitoring.enable=No communication\n
tab.highlight.color=\#dd1d53\n
console.font_size_reset.shortcut=ctrlpressed0\n
console.color_9.color=\#52ff69\n
console.history_previous.shortcut=pressedUP\n
statusbar.background.color=\#666666\n
graph.select_all.shortcut=ctrlpressedA\n
armitage.show_all_commands.boolean=true\n
graph.edge_highlight.color=\#234e23\n
console.font_size_plus.shortcut=ctrlpressedEQUALS\n
console.history_next.shortcut=pressedDOWN\n
client.toolbar.boolean=false\n
console.color_12.color=\#092d54\n
console.color_2.color=\#3f326e\n
armitage.no_msf_banner.boolean=true\n
client.vncports.string=20000-30000\n
console.font.font=Victor Mono SemiBold-PLAIN-15\n
armitage.string.target_view=graph\n
connection.active.color=\#0000ff\n
reporting.accent.color=\#636363\n
application.skin.skin=FlatLightLaf\n
graph.save_screenshot.shortcut=ctrlpressedP\n
graph.arrange_icons_hierarchical.shortcut=ctrlpressedH\n
console.color_5.color=\#c50454\n
graph.arrange_icons_circle.shortcut=ctrlpressedC\n
graph.zoom_reset.shortcut=ctrlpressed0\n
console.color_1.color=\#000000\n
console.highlight.color=\#ff1700\n
graph.selection.color=\#f8ff00\n
console.color_8.color=\#8fecff\n
reporting.header_image.file=\n
graph.clear_selection.shortcut=pressedESCAPE\n
console.page_down.shortcut=pressedPAGE_DOWN\n
graph.arrange_icons_stack.shortcut=ctrlpressedS\n
console.foreground.color=\#000000\n
client.gui.theme=Dark\n
console.color_4.color=\#EF2929\n
beacon.health.monitoring.period=60\n
console.color_15.color=\#000000\n
connection.view.alias.boolean=true\n
graph.edge.color=\#3c6318\n
console.font_size_minus.shortcut=ctrlpressedMINUS\n
beacon.health.monitoring.missedcheckins=3\n
armitage.application_title.string=HelloXD\n
console.clear_buffer.shortcut=pressedESCAPE\n
console.color_7.color=\#101010\n
graph.refresh_targets.shortcut=ctrlpressedR\n
client.font.font=Terminess Nerd Font Mono-BOLD-16\n
console.color_14.color=\#ffdf00\n
console.background.color=\#666666\n
graph.font.font=Monospaced-BOLD-14\n
console.clear_screen.shortcut=ctrlpressedK\n
console.select_all.shortcut=ctrlpressedA\n
graph.zoom_in.shortcut=ctrlpressedEQUALS\n
console.color_11.color=\#003998\n
console.color_3.color=\#dcdcdc\n
connection.showteamserverbar.boolean=false\n
armitage.font_scale.int=100\n
graph.zoom_out.shortcut=ctrlpressedMINUS\n
beacon.health.monitoring.type=Sleep period for the beacon\n
console.color_0.color=\#000000\n
cortana.scripts=" | sed 's+\t\| ++g' | grep . > ~/.aggressor.prop
#// NOTE(review): the copy is taken after the file above was rewritten, so the
#// _bak file holds the generated settings, not the user's previous ones.
cp ~/.aggressor.prop ~/.aggressor.prop_bak
#//[<] GET_MY_SKIN ////////
}
#///////
#//
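function ADD_CNAS() {
#//
#//////// [>] WRITE_CONFIG //
#// Install the local helper service (mdbook and filebrowser on loopback),
#// write the CK.cna menu script, and register every *.cna found in the kit
#// directory in the cortana.scripts entry of ~/.aggressor.prop.
#//
#// NOTE(review): ck.service sets no User=, so systemd starts the helper as
#// root. filebrowser runs with --noauth over the kit directory, which also
#// holds CK_helper.sh and the auto-loaded *.cna files: any local process that
#// can reach 127.0.0.1:55205 can browse and, depending on filebrowser's
#// permission settings, change files that root and the client later execute.
#// Consider a dedicated unprivileged account and keeping authentication on.
#// NOTE(review): every third-party *.cna under the kit is registered for
#// auto-load and runs inside the client; review them before restarting it.
  local script_list
  #// private scratch file instead of the fixed /tmp/.c
  script_list=$(mktemp) || return 1
  printf '#!/bin/bash
#// COS EXECUTABLE ;-)
#// serve our book. u may find it in CK popup in your client
mdbook serve /opt/cobaltstrike/cobaltstrike_community_kit/CKBOOK -n 127.0.0.1 -p 55105 &
#// starting filebrowser in CK home dir. also will be there)
filebrowser --root /opt/cobaltstrike/cobaltstrike_community_kit --noauth -a 127.0.0.1 -p 55205
' > \
  /opt/cobaltstrike/cobaltstrike_community_kit/CK_helper.sh
  chmod +x /opt/cobaltstrike/cobaltstrike_community_kit/CK_helper.sh
  #// Plain redirection: the previous `| >` piped the text into an empty
  #// command and left ck.service as a zero-byte file.
  printf '
[Unit]
Description=CK_Helpers
[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/opt/cobaltstrike/cobaltstrike_community_kit/CK_helper.sh
WorkingDirectory=/opt/cobaltstrike/
Restart=always
RestartSec=120
[Install]
WantedBy=multi-user.target\n' > /etc/systemd/system/ck.service
  ( systemctl disable ck
  systemctl stop ck
  systemctl daemon-reload
  systemctl enable ck
  systemctl start ck ) 2> /dev/null
  #// NOTE(review): both menu items start chromium with its sandbox disabled
  #// to display pages built from third-party READMEs; running the client as
  #// a non-root user should allow the flag to be dropped.
  printf 'menubar("CK", "ck");
popup ck {
item("CK_Wiki", { exec("chromium --no-sandbox http://127.0.0.1:55105"); });
item("CK_Browser", { exec("chromium --no-sandbox http://127.0.0.1:55205"); });
}' > \
  /opt/cobaltstrike/cobaltstrike_community_kit/CK.cna
  #// Keep the existing cortana.scripts entry as the head of the new value
  grep 'cortana.scripts' ~/.aggressor.prop > "$script_list"
  if [[ ! -s "$script_list" ]]
  then
    #// no previous entry: start a fresh key so the appended line is valid
    echo 'cortana.scripts=' > "$script_list"
  fi
  #// `d` removes the old entry; the former `g` command only blanked the line
  sed -i '/cortana.scripts/d' ~/.aggressor.prop
  #// CK.cna was written above, so find already lists it exactly once
  find /opt/cobaltstrike/cobaltstrike_community_kit -name "*.cna" >> "$script_list"
  #// ... SOME FIXES ... //#
  if [[ -f /opt/cobaltstrike/cobaltstrike_community_kit/boku7/SPAWN/spawn.cna ]]
  then
    sed -i 's+spawn+boku_spawn+g' \
      /opt/cobaltstrike/cobaltstrike_community_kit/boku7/SPAWN/spawn.cna
  fi
  #// Newline-separated list -> one value joined by "\!\!"; head trims the
  #// four bytes of separator left after the last entry. A path containing
  #// "@" would be split by this step.
  tr '\n' '@' < "$script_list" | sed 's+@+\\!\\!+g' | head -c -4 >> ~/.aggressor.prop
  rm -f -- "$script_list"
#// [<] WRITE_CONFIG ////////
}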
#// Run the four stages in their fixed order, then print the closing banner.
for stage in BUILD_BOFS BUILD_BOOK GET_MYSKIN ADD_CNAS
do
  "$stage"
done
#// THE_END //#
printf "${RED_BOLD}\n\n\t...Finished...${PLAIN_BOLD}\n\tPlease reboot your cs.\n"
printf "\tBackup of .aggressor.prop => ${YELLOW_BOLD}$HOME/.aggressor.prop_bak ${PLAIN}\n"
printf '\t\t\t\t\t\t\t\t\t\t..best regards >XD..\n'
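#!/usr/bin/env bash
#//
#// Installer prologue: colour codes, base packages, the mingw cross toolchain
#// and a fresh copy of the BOF entries from the Community Kit repo list.
#// It calls apt-get and writes below /usr/local and /opt.
#//
export RED_BOLD='\033[1;31m' ; export YELLOW_BOLD='\033[1;33m'
export PLAIN_BOLD='\033[1;37m' ; export GRAY='\033[0m\033[2m' ; export PLAIN='\033[0m'
#//
#// > check and install bins
apt-get update ; apt-get -y install curl wget git
#// > download musl
#// The toolchain is unpacked into /usr/local, so it is fetched to a private
#// temp file first: a failed or truncated download is then never streamed
#// into tar. Set MUSL_CROSS_SHA256 to a digest obtained out of band to have
#// the archive verified before extraction; without it only TLS protects it.
if [[ ! -f '/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32-gcc' ]]
then
  printf "${YELLOW_BOLD} [*] Downloading mingw32-musl-cross...\n\n${PLAIN}"
  musl_tgz=$(mktemp) || exit 1
  if ! wget -qO "$musl_tgz" --show-progress https://musl.cc/x86_64-w64-mingw32-cross.tgz
  then
    printf "${RED_BOLD} [!] Toolchain download failed\n${PLAIN}" >&2
  elif [[ -n "${MUSL_CROSS_SHA256:-}" ]] && \
    ! printf '%s  %s\n' "$MUSL_CROSS_SHA256" "$musl_tgz" | sha256sum -c --status -
  then
    printf "${RED_BOLD} [!] Toolchain checksum mismatch, not extracting\n${PLAIN}" >&2
  else
    #// --no-same-owner: do not keep the uid/gid recorded inside the archive
    tar xzf "$musl_tgz" -C /usr/local/ --no-same-owner
  fi
  rm -f -- "$musl_tgz"
fi
#// Leave any directory that is about to be deleted below
cd /tmp || exit 1
#// > prepare env
export community_kit_path="/opt/cobaltstrike/cobaltstrike_community_kit"
#// ${var:?} aborts instead of running a recursive delete on an empty path
rm -r -- "${community_kit_path:?}" 2> /dev/null
mkdir -p "$community_kit_path"
cd "$community_kit_path" || exit 1
printf "${YELLOW_BOLD} [*] Downloading latest project list...\n\n${PLAIN}"
#// -f: an HTTP error page must not be filtered into the repo list
curl -fsSL "https://raw.githubusercontent.com/Cobalt-Strike/community_kit/main/tracked_repos.txt" | \
grep 'BOF' > "$community_kit_path/tracked_repos.txt"
#// > need mgeeky too
echo 'BOF, mgeeky/cobalt-arsenal' >> "$community_kit_path/tracked_repos.txt"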
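function BUILD_BOFS() {
#//
#/////// [>] BEGIN //
#// Clone each "BOF, author/project" entry of tracked_repos.txt into
#// $community_kit_path/author/project, strip repo metadata and images, then
#// run make in every directory that has a Makefile, after pointing the mingw
#// compiler names at /usr/local/x86_64-w64-mingw32-cross/bin.
#// Globals: community_kit_path and the colour variables (read).
#//
#// NOTE(review): each repo is cloned at whatever its default branch holds at
#// run time and its Makefile recipes execute with the privileges of this
#// script, with stderr discarded. Review or pin the repos first, and prefer
#// building as an unprivileged user or inside a throwaway container.
  local line author project repo_dir makefile makefile_list
  local -r name_re='^[A-Za-z0-9._-]+$'
  #// private scratch file instead of a fixed name in world-writable /tmp
  makefile_list=$(mktemp) || return 1
  while IFS= read -r line
  do
    author=$(echo "$line" | cut -d' ' -f2- | cut -d'/' -f1)
    project=$(echo "$line" | cut -d' ' -f2- | cut -d'/' -f2)
    #// The list is remote data and both fields become path components that
    #// are deleted from recursively below: accept plain names only.
    if ! [[ "$author" =~ $name_re && "$project" =~ $name_re ]] || \
      [[ "$author" == .* || "$project" == "." || "$project" == ".." ]]
    then
      printf "${RED_BOLD} [!] Skipping malformed entry: %q\n${PLAIN}" "$line" >&2
      continue
    fi
    repo_dir="$community_kit_path/$author/$project"
    printf "${PLAIN_BOLD} [*] Cloning %s/%s ${PLAIN_BOLD} ... " "$author" "$project"
    #// stdin from /dev/null so nothing started here can consume the repo list
    if ! git clone --quiet --depth 1 \
      "https://github.com/$author/$project" "$repo_dir" < /dev/null
    then
      printf "${RED_BOLD} clone failed\n${PLAIN}"
      continue
    fi
    #// The tests must be OR-ed: a bare sequence of -name tests is AND-ed and
    #// can never match, which silently left every file in place.
    find "$repo_dir" \( -name ".git*" -o -name "README*" -o -name "LICENSE*" \
      -o -name "*.jpg" -o -name "*.png" -o -name "*.gif" \) \
      -prune -exec rm -rf -- {} + 2> /dev/null
    find "$repo_dir" -name 'Makefile' > "$makefile_list"
    if [[ -s "$makefile_list" ]]
    then
      printf "${RED_BOLD} Need 2be compiled...\n${GRAY}\n"
      while IFS= read -r makefile
      do
        cd "$(dirname "$makefile")" || continue
        sed -i 's+x86_64-w64-mingw32+/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32+g' \
          Makefile 2> /dev/null
        sed -i 's+i686-w64-mingw32+/usr/local/x86_64-w64-mingw32-cross/bin/i686-w64-mingw32+g' \
          Makefile 2> /dev/null
        #// The sed chain only shortens the compiler paths in the build log
        make -j16 2> /dev/null < /dev/null | \
          sed 's+/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32-gcc+\t> CC64+g' | \
          sed 's+/usr/local/x86_64-w64-mingw32-cross/bin/i686-w64-mingw32-gcc+\t> CC86+g' | \
          sed 's@/usr/local/x86_64-w64-mingw32-cross/bin/x86_64-w64-mingw32-g++@\t> CXX64@g' | \
          sed 's@/usr/local/x86_64-w64-mingw32-cross/bin/i686-w64-mingw32-g++@\t> CXX86@g' | \
          sed 's@/usr/local/x86_64-w64-mingw32-cross/bin/@\t> @g'
        rm Makefile
      done < "$makefile_list"
      printf "\n${PLAIN}"
    else
      printf "\n${PLAIN}"
    fi
  done < "$community_kit_path/tracked_repos.txt"
  rm -f -- "$makefile_list"
# // [<] BEGIN ///////
}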
#///////
#//
function BUILD_BOOK() {
#//
#////// [>] DO_BOOKS //#
#// Build an mdBook of the Community Kit: one chapter directory per category
#// of tracked_repos.txt and one page per repo (its README.md from the master
#// branch), rendered to /opt/cobaltstrike/BOOK. Also installs mdbook and
#// filebrowser into /usr/local/bin when those files are missing.
#// NOTE(review): the pages are third-party README files rendered to HTML;
#// confirm how mdbook treats embedded HTML before opening the book in a
#// browser.
export csh="/opt/cobaltstrike/cobaltstrike_community_kit/CKBOOK"
export rcsh="$csh/src"
#// Start from an empty book tree; /tmp/junk holds the scratch lists.
#// NOTE(review): /tmp/junk and the /tmp/<category>_r files used below are fixed
#// names in a world-writable directory, and an already existing /tmp/junk is
#// reused silently. Another local user can pre-create them (for example as
#// symlinks); a directory from `mktemp -d` would avoid that. The <category>_r
#// files are also never removed - only /tmp/junk is deleted at the end.
rm -r "$csh" 2> /dev/null ; mkdir -p "$rcsh" /tmp/junk 2> /dev/null
#// Full repo list -> .allrepos; its first comma field, de-duplicated, is the
#// list of categories (/tmp/junk/rc).
curl -sL https://raw.githubusercontent.com/Cobalt-Strike/community_kit/main/tracked_repos.txt \
> "$csh"/.allrepos ; cat "$csh"/.allrepos | cut -d',' -f1 | sort -u > /tmp/junk/rc
#// Take the first x86_64 Linux asset URL of the latest mdBook release from the
#// GitHub API and unpack it straight into /usr/local/bin.
#// NOTE(review): the archive is streamed from wget into tar with no checksum
#// or signature check and no pinned version, and every member of the archive
#// is written into /usr/local/bin. Download to a temp file, verify a known
#// digest, then install only the expected binary.
[[ ! -f /usr/local/bin/mdbook ]] && \
printf " ${YELLOW_BOLD} [*] Downloading MDBOOK \n${PLAIN_BOLD}" && \
wget -qO- --show-progress \
"$(curl -sL https://api.github.com/repos/rust-lang/mdBook/releases/latest | \
grep x86_64-unknown-linux-gnu.tar.gz | grep browser_download_url | \
head -1 | cut -d \" -f 4)" | tar -xvz -C /usr/local/bin/ --
#// Same unverified download-and-unpack pattern for filebrowser (linux-amd64).
[[ ! -f /usr/local/bin/filebrowser ]] && \
printf "${YELLOW_BOLD} [*] Downloading FILEBROWSER \n${PLAIN_BOLD}" && \
wget -qO- --show-progress \
"$(curl -sL https://api.github.com/repos/filebrowser/filebrowser/releases/latest | \
grep linux-amd64 | grep browser_download_url | \
head -1 | cut -d \" -f 4)" | tar -xvz -C /usr/local/bin/ --
printf "${YELLOW_BOLD} [+] Making BOOK. Indexing... \n${PLAIN}"
#// For every category: collect its repos and download each README as a page.
while read in
do
mkdir "$rcsh"/"$in"
#// grep "$in" is an unanchored regex match on the whole line, so it also
#// selects lines that merely contain the category name somewhere.
cat "$csh"/.allrepos | grep "$in" | cut -d ',' -f2 | sed 's+ ++g' > /tmp/"$in"_r
while read tin
do
#// Page name = last path component of "author/project" plus ".md".
#// $tin is remote data and is expanded unquoted in the echo calls below.
tname="$(echo $tin | awk -F'/' '{print $NF}').md"
tpath="$rcsh"/"$in"/"$tname" ; printf "\t\t${GRAY}... $in/$tname\n"
#// Only <repo>/master/README.md is requested; other branch names are not tried.
wget -c -q -O "$tpath" "$(echo $tin | \
sed 's+^+https://raw.githubusercontent.com/+g' | \
sed 's+$+/master/README.md+g')"
#// Pages under 50 bytes are removed (presumably failed or empty downloads).
[[ "$(cat $tpath | wc -c)" -lt 50 ]] && rm "$tpath"
done < /tmp/"$in"_r ; printf "${PLAIN}"
done < /tmp/junk/rc
#// Everything inside this subshell runs with stderr discarded.
#// index = paths of all downloaded pages, made relative to the book source.
( find "$rcsh" -name "*.md" | sed "s+$rcsh+\.+g" > /tmp/junk/index
mdbook init --force --title 'COBALTSTRIKE CommunityKit' --ignore none "$csh" 2> /dev/null
printf '# Summary\n\n' > "$rcsh"/SUMMARY.md
rm "$rcsh"/chapter_1.md 2> /dev/null
#// Per category: write INDEX.MD with one GitHub link per repo, add the
#// category to SUMMARY.md, then add one nested entry per repo.
while read in
do
#// \<...\> limits the match to the category as a whole word.
cat "$csh"/.allrepos | \
grep "\<$in\>" | \
sed "s+$in, ++g" | \
sed 's+.*+#### [&](https://github.com/&)+' > "$rcsh"/"$in"/INDEX.MD
#// Project names recovered from the links just written.
cat "$rcsh"/"$in"/INDEX.MD | \
cut -d'/' -f2 | \
cut -d']' -f1 > /tmp/junk/"$in"_d
echo '- [ZIN](./ZIN/INDEX.MD)' | \
sed "s+ZIN+$in+g" >> "$rcsh"/SUMMARY.md
#// The inner loop reuses the name `in`; the redirection on its `done` is
#// expanded before the loop starts, so it still names the category file.
#// NOTE(review): $in is spliced unquoted into grep and into the sed program
#// below; a name containing `+`, or a grep result of more than one line,
#// breaks the substitution.
while read in
do
echo ' - [ZIN](PATH)' | \
sed "s+ZIN+$in+g" | \
sed "s+PATH+$(cat /tmp/junk/index|grep $in)+g" >> "$rcsh"/SUMMARY.md
done < /tmp/junk/"$in"_d
done < /tmp/junk/rc
#// In every page, delete lines that mention .png/.gif/.jpg unless the line
#// also contains "https" (the dots are regex wildcards, not literal dots).
find "$rcsh" -name "*.md" | xargs sed -i '/.png\|.gif\|.jpg/{/https/p;d}'
#// Replace any previous rendered book with a fresh build.
rm -r /opt/cobaltstrike/BOOK 2> /dev/null ; mdbook build "$csh" -d /opt/cobaltstrike/BOOK ) 2> /dev/null
printf "\n\t${PLAIN_BOLD}Book DONE => /opt/cobaltstrike/BOOK${PLAIN}\n"
rm -r /tmp/junk 2> /dev/null
#// [>] DO_BOOKS /////#
}
#///////
#//
function GET_MYSKIN() {
#//
#//////// [>] GET_MY_SKIN //
#// Install the Terminus and VictorMono fonts when no matching file is found
#// under /usr/share/fonts, then write a fixed Aggressor client preference
#// file to ~/.aggressor.prop and copy it to ~/.aggressor.prop_bak.
#//
#// NOTE(review): in the curl call below there is no `|` between the URL and
#// `grep`, so `grep` and 'Terminus' reach curl as extra arguments and the page
#// is not filtered; the literal `y` in front of $(...) also ends up at the
#// start of the address handed to wget. Both look like typos - confirm.
#// NOTE(review): the address is scraped from an HTML page, the archive goes to
#// a fixed name in /tmp and is unpacked with overwrite (-o) into a system font
#// directory without any integrity check. A private mktemp file and a pinned
#// digest would be safer.
[[ -z $(ls /usr/share/fonts/Terminess*) ]] && \
printf "${YELLOW_BOLD} [+] Downloading Terminus font... \n${PLAIN}" && \
wget -O /tmp/Terminus.zip -q --show-progress \
"y$(curl -fsSL https://www.nerdfonts.com/font-downloads grep 'Terminus' | cut -d'"' -f2 | head -n1)" && \
unzip -o /tmp/Terminus.zip -d /usr/share/fonts/ 2> /dev/null && \
fc-cache -fv 2> /dev/null
#// Same pattern, with the same caveats, for VictorMono.
[[ -z $(ls /usr/share/fonts/VictorMono*) ]] && \
printf "${YELLOW_BOLD} [+] Downloading VictorMono font... \n${PLAIN}" && \
wget -O /tmp/Victor.zip -q --show-progress \
"y$(curl -fsSL https://www.nerdfonts.com/font-downloads grep 'Victor' | cut -d'"' -f2 | head -n1)" && \
unzip -o /tmp/Victor.zip -d /usr/share/fonts/ 2> /dev/null && \
fc-cache -fv 2> /dev/null
#// Generate the preference file; this overwrites any existing
#// ~/.aggressor.prop. Every line of the format string ends in a literal \n
#// plus a real newline, and `grep .` drops the resulting empty lines.
#// NOTE(review): the sed expression deletes every tab and space, not only
#// leading indentation, so values such as the font names lose their spaces -
#// confirm that this is intended.
printf "
#Cobalt Strike (Aggressor) Configuration\n
#Sat May 11 11:11:11 UTC 1111\n
statusbar.foreground.color=\#cccccc\n
console.page_up.shortcut=pressedPAGE_UP\n
console.color_13.color=\#ff001b\n
console.showtimestamp.boolean=false\n
console.color_6.color=\#f8ddff\n
armitage.required_exploit_rank.string=great\n
console.show_colors.boolean=true\n
console.find.shortcut=ctrlpressedF\n
console.color_10.color=\#a3c7ff\n
graph.foreground.color=\#111111\n
graph.default_layout.layout=tree-bottom\n
graph.background.color=\#111111\n
reporting.custom_reports=\n
beacon.health.monitoring.enable=No communication\n
tab.highlight.color=\#dd1d53\n
console.font_size_reset.shortcut=ctrlpressed0\n
console.color_9.color=\#52ff69\n
console.history_previous.shortcut=pressedUP\n
statusbar.background.color=\#666666\n
graph.select_all.shortcut=ctrlpressedA\n
armitage.show_all_commands.boolean=true\n
graph.edge_highlight.color=\#234e23\n
console.font_size_plus.shortcut=ctrlpressedEQUALS\n
console.history_next.shortcut=pressedDOWN\n
client.toolbar.boolean=false\n
console.color_12.color=\#092d54\n
console.color_2.color=\#3f326e\n
armitage.no_msf_banner.boolean=true\n
client.vncports.string=20000-30000\n
console.font.font=Victor Mono SemiBold-PLAIN-15\n
armitage.string.target_view=graph\n
connection.active.color=\#0000ff\n
reporting.accent.color=\#636363\n
application.skin.skin=FlatLightLaf\n
graph.save_screenshot.shortcut=ctrlpressedP\n
graph.arrange_icons_hierarchical.shortcut=ctrlpressedH\n
console.color_5.color=\#c50454\n
graph.arrange_icons_circle.shortcut=ctrlpressedC\n
graph.zoom_reset.shortcut=ctrlpressed0\n
console.color_1.color=\#000000\n
console.highlight.color=\#ff1700\n
graph.selection.color=\#f8ff00\n
console.color_8.color=\#8fecff\n
reporting.header_image.file=\n
graph.clear_selection.shortcut=pressedESCAPE\n
console.page_down.shortcut=pressedPAGE_DOWN\n
graph.arrange_icons_stack.shortcut=ctrlpressedS\n
console.foreground.color=\#000000\n
client.gui.theme=Dark\n
console.color_4.color=\#EF2929\n
beacon.health.monitoring.period=60\n
console.color_15.color=\#000000\n
connection.view.alias.boolean=true\n
graph.edge.color=\#3c6318\n
console.font_size_minus.shortcut=ctrlpressedMINUS\n
beacon.health.monitoring.missedcheckins=3\n
armitage.application_title.string=HelloXD\n
console.clear_buffer.shortcut=pressedESCAPE\n
console.color_7.color=\#101010\n
graph.refresh_targets.shortcut=ctrlpressedR\n
client.font.font=Terminess Nerd Font Mono-BOLD-16\n
console.color_14.color=\#ffdf00\n
console.background.color=\#666666\n
graph.font.font=Monospaced-BOLD-14\n
console.clear_screen.shortcut=ctrlpressedK\n
console.select_all.shortcut=ctrlpressedA\n
graph.zoom_in.shortcut=ctrlpressedEQUALS\n
console.color_11.color=\#003998\n
console.color_3.color=\#dcdcdc\n
connection.showteamserverbar.boolean=false\n
armitage.font_scale.int=100\n
graph.zoom_out.shortcut=ctrlpressedMINUS\n
beacon.health.monitoring.type=Sleep period for the beacon\n
console.color_0.color=\#000000\n
cortana.scripts=" | sed 's+\t\| ++g' | grep . > ~/.aggressor.prop
#// NOTE(review): the copy is taken after the file above was rewritten, so the
#// _bak file holds the generated settings, not the user's previous ones.
cp ~/.aggressor.prop ~/.aggressor.prop_bak
#//[<] GET_MY_SKIN ////////
}
#///////
#//
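function ADD_CNAS() {
#//
#//////// [>] WRITE_CONFIG //
#// Install the local helper service (mdbook and filebrowser on loopback),
#// write the CK.cna menu script, and register every *.cna found in the kit
#// directory in the cortana.scripts entry of ~/.aggressor.prop.
#//
#// NOTE(review): ck.service sets no User=, so systemd starts the helper as
#// root. filebrowser runs with --noauth over the kit directory, which also
#// holds CK_helper.sh and the auto-loaded *.cna files: any local process that
#// can reach 127.0.0.1:55205 can browse and, depending on filebrowser's
#// permission settings, change files that root and the client later execute.
#// Consider a dedicated unprivileged account and keeping authentication on.
#// NOTE(review): every third-party *.cna under the kit is registered for
#// auto-load and runs inside the client; review them before restarting it.
  local script_list
  #// private scratch file instead of the fixed /tmp/.c
  script_list=$(mktemp) || return 1
  printf '#!/bin/bash
#// COS EXECUTABLE ;-)
#// serve our book. u may find it in CK popup in your client
mdbook serve /opt/cobaltstrike/cobaltstrike_community_kit/CKBOOK -n 127.0.0.1 -p 55105 &
#// starting filebrowser in CK home dir. also will be there)
filebrowser --root /opt/cobaltstrike/cobaltstrike_community_kit --noauth -a 127.0.0.1 -p 55205
' > \
  /opt/cobaltstrike/cobaltstrike_community_kit/CK_helper.sh
  chmod +x /opt/cobaltstrike/cobaltstrike_community_kit/CK_helper.sh
  #// Plain redirection: the previous `| >` piped the text into an empty
  #// command and left ck.service as a zero-byte file.
  printf '
[Unit]
Description=CK_Helpers
[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/opt/cobaltstrike/cobaltstrike_community_kit/CK_helper.sh
WorkingDirectory=/opt/cobaltstrike/
Restart=always
RestartSec=120
[Install]
WantedBy=multi-user.target\n' > /etc/systemd/system/ck.service
  ( systemctl disable ck
  systemctl stop ck
  systemctl daemon-reload
  systemctl enable ck
  systemctl start ck ) 2> /dev/null
  #// NOTE(review): both menu items start chromium with its sandbox disabled
  #// to display pages built from third-party READMEs; running the client as
  #// a non-root user should allow the flag to be dropped.
  printf 'menubar("CK", "ck");
popup ck {
item("CK_Wiki", { exec("chromium --no-sandbox http://127.0.0.1:55105"); });
item("CK_Browser", { exec("chromium --no-sandbox http://127.0.0.1:55205"); });
}' > \
  /opt/cobaltstrike/cobaltstrike_community_kit/CK.cna
  #// Keep the existing cortana.scripts entry as the head of the new value
  grep 'cortana.scripts' ~/.aggressor.prop > "$script_list"
  if [[ ! -s "$script_list" ]]
  then
    #// no previous entry: start a fresh key so the appended line is valid
    echo 'cortana.scripts=' > "$script_list"
  fi
  #// `d` removes the old entry; the former `g` command only blanked the line
  sed -i '/cortana.scripts/d' ~/.aggressor.prop
  #// CK.cna was written above, so find already lists it exactly once
  find /opt/cobaltstrike/cobaltstrike_community_kit -name "*.cna" >> "$script_list"
  #// ... SOME FIXES ... //#
  if [[ -f /opt/cobaltstrike/cobaltstrike_community_kit/boku7/SPAWN/spawn.cna ]]
  then
    sed -i 's+spawn+boku_spawn+g' \
      /opt/cobaltstrike/cobaltstrike_community_kit/boku7/SPAWN/spawn.cna
  fi
  #// Newline-separated list -> one value joined by "\!\!"; head trims the
  #// four bytes of separator left after the last entry. A path containing
  #// "@" would be split by this step.
  tr '\n' '@' < "$script_list" | sed 's+@+\\!\\!+g' | head -c -4 >> ~/.aggressor.prop
  rm -f -- "$script_list"
#// [<] WRITE_CONFIG ////////
}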
#// Run the four stages in their fixed order, then print the closing banner.
for stage in BUILD_BOFS BUILD_BOOK GET_MYSKIN ADD_CNAS
do
  "$stage"
done
#// THE_END //#
printf "${RED_BOLD}\n\n\t...Finished...${PLAIN_BOLD}\n\tPlease reboot your cs.\n"
printf "\tBackup of .aggressor.prop => ${YELLOW_BOLD}$HOME/.aggressor.prop_bak ${PLAIN}\n"
printf '\t\t\t\t\t\t\t\t\t\t..best regards >XD..\n'




THE NOTE
This article is for informational purposes only. We do not encourage you to commit any hacking. Everything you do is your responsibility.
TOX : 340EF1DCEEC5B395B9B45963F945C00238ADDEAC87C117F64F46206911474C61981D96420B72 Telegram : @DevSecAS