Handler Management
Handlers (or listeners) are managed via the Handlers
menu. Each handler type can be accessed via each corresponding tab.
Click on the +
button to add a handler of the selected type.
HTTP
The HTTP handler is an egress handler, and has 5 options:
Name
A unique name to identiy the handler.
C2 Profile
The C2 profile to apply to the handler. See the C2 Profiles page for more information.
Bind Port
The port to bind to on the Team Server. Useful if you want to bind to an odd port and redirect traffic using a redirector.
Connect Address
The IP address or domain name that the implant will attempt to talk to.
Connect Port
The port on which the implant will attempt to talk to.
HTTPS
The HTTPS handler is an egress handler, and has 2 additional options:
PFX Certificate
A certificate in PKCS #12 format. If no certificate is provided, a self-signed certificate will be generated.
PFX Password
If the PFX was generated with a password.
Note
The current configuration is such that an HTTPS Drone will automatically accept any untrusted SSL certificate.
SMB
The SMB handler is a P2P handler, and has 2 options:
Name
A unique name to identiy the handler.
Pipe Name
The named pipe name that will be bound on the endpoint.
TCP
The TCP handler is a P2P handler, and has 3 options:
Name
A unique name to identiy the handler.
Bind Port
The port to bind to.
Localhost
Bind to the localhost only (
127.0.0.1
) or all interfaces (0.0.0.0
).
EXTERNAL
The External handler is an egress handler, and has 2 options:
Name
A unique name to identiy the handler.
Bind Port
The Team Server will bind to this port and wait for a connection from a 3rd party controller.
See the External C2 page for more information on leverage this handler.