About the Project
For the first time, Arch Cloud Labs will be posting a video tutorial on how to get started with PoshC2 in a Linux environment. This video assumes some prior experience with Linux/offensive tooling frameworks, and provides just enough information to get you up and running with PoshC2. For those interested in the exact configurations used in the video, please check out the snippets below.
Check out the video here.
Below is the PoshC2 configuration used in the video.
```yaml
# These options are loaded into the database on first run, changing them after
# that must be done through commands (such as set-defaultbeacon), or by
# creating a new project

# Server Config
BindIP: '127.0.0.1'
BindPort: 443
PoshInstallDirectory: "/opt/PoshC2/"
PoshProjectDirectory: "/opt/PoshC2_Project/"

# Database Config
DatabaseType: SQLite # or Postgres
PostgresConnectionString: "dbname='poshc3_project_x' port='5432' user='admin' host='192.168.111.111' password='XXXXXXX'" # Only used if Postgres in use

# Payload Comms
PayloadCommsHost: "https://www.dllcooljay.xyz"
PayloadCommsPort: 443
DomainFrontHeader: "" # example df.azureedge.net
Referrer: "" # optional
ServerHeader: "Apache"
# UserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
UserAgent: "Debian APT-HTTP/1.3 (1.6.6)"
DefaultSleep: "5s"
Jitter: 0.20
KillDate: "06/07/2020" # dd/MM/yyyy
UrlConfig: "urls" # Beacon URLs will be taken from resources/urls.txt if value is 'urls'. If value is 'wordlists' beacon URLs will be randomly generated on server creation from resources/wordlist.txt

# Payload Options
DefaultMigrationProcess: "C:\\Windows\\system32\\netsh.exe" # Used in the PoshXX_migrate.exe payloads

# Notifications Options
Sounds: "No"
NotificationsProjectName: "PoshC2"
EnableNotifications: "No"

# Pushover - https://pushover.net/
Pushover_APIToken: ""
Pushover_APIUser: ""

# SOCKS Proxying Options
SocksHost: "http://127.0.0.1:49031"
```
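From the defender's side, the `DefaultSleep` and `Jitter` values in this configuration translate into a recognizable request cadence in proxy logs. The following is an added example, not code from the post or from PoshC2: it flags client/host pairs whose request gaps fall in the expected band. The log lines, the function names, and the interpretation of jitter as a uniform spread of ±20% around the sleep value are assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean

# Values from the configuration on this page.
DEFAULT_SLEEP = 5.0  # DefaultSleep: "5s"
JITTER = 0.20        # Jitter: 0.20
USER_AGENT = "Debian APT-HTTP/1.3 (1.6.6)"

# Constructed proxy log: timestamp, client IP, destination host, user agent.
SAMPLE_LOG = """\
2020-06-01T10:00:00.000 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:04.600 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:10.100 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:14.900 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:20.200 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:25.000 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:30.700 10.0.0.5 www.dllcooljay.xyz Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:00.000 10.0.0.9 deb.debian.org Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:00.400 10.0.0.9 deb.debian.org Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:00:01.100 10.0.0.9 deb.debian.org Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:02:30.000 10.0.0.9 deb.debian.org Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:02:30.500 10.0.0.9 deb.debian.org Debian APT-HTTP/1.3 (1.6.6)
2020-06-01T10:07:12.000 10.0.0.9 deb.debian.org Debian APT-HTTP/1.3 (1.6.6)
"""

def group_requests(log):
    """Group request timestamps by (client, host, user agent)."""
    flows = defaultdict(list)
    for line in log.strip().splitlines():
        ts, client, host, ua = line.split(" ", 3)
        flows[(client, host, ua)].append(datetime.fromisoformat(ts))
    return flows

def beacon_candidates(log, sleep=DEFAULT_SLEEP, jitter=JITTER,
                      min_requests=6, min_ratio=0.9):
    """Return flows whose inter-request gaps sit inside the sleep/jitter band."""
    # Assumption: each gap lies within sleep * (1 +/- jitter).
    lo, hi = sleep * (1 - jitter), sleep * (1 + jitter)
    hits = []
    for (client, host, ua), times in group_requests(log).items():
        if len(times) < min_requests:
            continue  # too few requests to judge periodicity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        ratio = sum(lo <= g <= hi for g in gaps) / len(gaps)
        if ratio >= min_ratio:
            hits.append({"client": client, "host": host,
                         "ua_matches_config": ua == USER_AGENT,
                         "mean_gap": round(mean(gaps), 2)})
    return hits
```

The second flow carries the same user agent but bursty, irregular gaps, so the cadence rather than the user agent string is what separates the two.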