PickleC2 : A Post-Exploitation And Lateral Movements Framework

PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements.

PickleC2 has the ability to import your own PowerShell module for Post-Exploitation and Lateral Movement or automate the process.

Features

There is a one implant for the beta version which is powershell.

1. PickleC2 is fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic even when communicating over HTTP.
2. PickleC2 can handle multiple listeners and implants with no issues
3. PickleC2 supports anyone who would like to add his own PowerShell Module

Future Features

In the up coming updates pickle will support:

1. Go Implant
2. Powershell-Less Implant that don’t use System.Management.Automation.dll.
3. Malleable C2 Profile will be supported.
4. HTTPS communications will be supported. NOTE: Even HTTP communications is fully encrypted.

Install

PickleC2 is a opensource can be found on Github. PickleC2 is only supported for linux for now and you can download it through https://github.com/xRET2pwn/PickleC2

Installation and Setup

PickleC2 is written in Python3 and developed and tested on Kali Linux.

Install PickleC2 On Linux

Picklec2 is can be found on Github.

git clone https://github.com/xRET2pwn/PickleC2.git

cd PickleC2

Install Python3 and pip3

sudo apt install python3 python3-pip

Install PickleC2 requirements

python3 -m pip install -r requirements.txt

Run PickleC2

./run.py

OR

python3 run.py

How To Use PickleC2

PickleC2 is so simple and easy to use and everything you need will be found in help option

How to help

The help command will show you everything you need and help can be used to show any option’s help through help <Option>

How to Listener

You can use help listener command to show all the listener commands.

Listeners is built on flask.

FLASK is a popular Python web framework, meaning it is a third-party Python library used for developing web applications.

Start Listener

You can start your listener through

listener start [Listener_Name] [Listener_Interface] [Listener_Port]

Stop Listener

You can stop your listener through

listener stop [Listener_Name]

List Listeners

You can list all the listeners through

listener list

Load Listener

You can use load listener if you have a not active listeners and you need to active them.

listener load

How to Implant

In this section you will be able to create your implant.

Generate Implant

You can generate implant through.

implant generate [listener_name] [Implant_Lang] [Implant_Name]

List Active Implant

You can list all the active implant through

implant list

How to Interact

After receiving the implant shell you can interact with it through

interact [Implant_Name]

After entering the interact section you can use help command to show the interact commands.

Execute Powershell

There is an option to execute a PowerShell Command through

powershell [Command]

Execute CMD

There is an option to execute a CMD command through

cmd [Command]

Invoke Module

There is an options to invoke a PowerShell script through

module [Module_Name]

Set Sleep

There is an option to set a delay time through

sleep [Secounds]

Exit Implant

There is an option to end the implant activity through

exit

PickleC2 Modules

PickleC2 supports to anyone who would like to add his own powershell script to invoke in his target through adding his powershell module in the modules folder and add his module in the database.

Add PowerShell Module

For anyone who would like to add his powershell module must follow the following steps:

• Run AddModule.py script.

• Add the powershell module in modules Folder.

Use Module

PickleC2 is so simple to use all you need to do to use a module is

• interact <Target_Name>

• module <Module_Name>