猫头鹰
信安舆情早知道

Cobalt Strike v3.5.1 20161003 Cracked 无弹窗提示(远程执行修复)附使用教程(更新Cobalt Strike v3.6)

前言

Armitage是一款Java写的Metasploit图形界面的渗透测试软件,可以用它结合Metasploit已知的exploit来针对存在的漏洞自动化攻击。bt5、kali LINX下集成免费版本阿米蒂奇,Cobaltstrike是它的商业版本,乃们懂得,图形界面非常友好,一键傻瓜化使用MSF高级功能,自动渗透测试。而Cobalt Strike 3.0后的版本已经不再使用Metasploit框架而作为一个独立的平台使用。

%e5%9b%be%e7%89%871

%e5%9b%be%e7%89%872

更新内容

3 Oct 16   – Cobalt Strike 3.5.1
——–
This release implements measures to harden Cobalt Strike against malicious sessions.

  • Re-worked file download feature. Cobalt Strike continues to store downloaded files in the downloads/ folder, but this time with a random name and no sub-folders. The View -> Downloads and Sync Files user experience is restored to the behavior prior to 3.5-hf1 and 3.5-hf2. The logs/[date]/downloads.log file contains a manifest of downloaded files and maps known information about the file download to the random names in the downloads/ folder.
  • Team server now uses a safe path concatenation function that compares canonical paths of the parent and result concatenated path to make sure the result doesn’t break out of its parent.
  • Added host_stage = true/false option to Malleable C2. This options allows you to disable the public hosting of a payload stage over HTTP, HTTPS, and DNS.
  • Beacon controller now refuses to process most session responses if a session is new and has not had a task yet. Some responses are still allowed prior to tasking.
  • Beacon controller drops sessions whose session metadata didn’t validate.
  • Beacon’s upload command with path no longer checks for 1MB limit
  • Added 0.0.0.0 to team server’s list of hosts it won’t accept.

Cobalt Strike 20161003 官方同步更新.

顺便把Cobalt Strike 2.5 最后一个支持msf版本(有远程执行漏洞)

使用

参考:Cobalt strike3.0使用手册

下载链接&使用教程

https://eyun.baidu.com/s/3dEES1u5

此次更新下载非常困难.貌似Cobalt Strike 允许IP段访问更新了.

Cobalt Strike v3.6

Author:Evi1cg

运行截图

watermark

破解以后的使用天数:

watermark-1

使用3.6你将拥有更强大的姿势,比如:

watermark-2

下载地址

链接:https://pan.baidu.com/s/1pL8kMqn 密码: cjfx

 

【来自  Cobalt Strike 忠实粉  投递于MottoIn】

转载请注明来自MottoIN,未经允许不得转载!MottoIN » Cobalt Strike v3.5.1 20161003 Cracked 无弹窗提示(远程执行修复)附使用教程(更新Cobalt Strike v3.6)

分享到:更多 ()

评论 6

评论前必须登录!

 

  1. #1

    启动一直提示错误~!!!!

    hero3个月前 (10-26)
    • SecPaper

      Cobalt Strike说明:
      必须安装java环境。
      Linux系统上先搭建主服务端。
      cd /opt/cobaltstrike/ #程序路径
      chmod +x teamserver #给予权限
      ./teamserver vpsip pass & #vpsip=你的Linux服务器IP paas=设置你连接密码。

      SecPaper3个月前 (10-26)
  2. #2

    多谢分享,换了几个美加vps做代理都不能下,还好这里有最新版

    bzw2个月前 (11-06)
  3. #3

    请教一下,点击连接的时候,提示连接被拒绝,是什么情况?还有那个host 127.0.0.1 需要改吗?直接默认?

    ngling0145天前
    • SecPaper

      必须安装java环境。
      Linux系统上先搭建主服务端。
      cd /opt/cobaltstrike/ #程序路径
      chmod +x teamserver #给予权限
      ./teamserver vpsip pass & #vpsip=你的Linux服务器IP paas=设置你连接密码。

      SecPaper2天前

MottoIN 换一个角度看安全

寻求报道联系我们