RevC2 : Websocket Setup Secure Testing Guide

This Python script emulates the websocket server side of RevC2 by sending the type you select and rendering the response. Please make sure you are running RevC2 in a Sandbox VM.

Usage

Use the following steps to use the websocket server side of RevC2

Edit the hosts file located at C:\Windows\System32\drivers\etc by adding the below line so the malicious traffic will be redirected to localhost.

127.0.0.1 nopsec.org

Download the files from this repository and unzip the file bajo.zip with password infected
Execute the following commands:

$ python -m pip install -r requirements.txt
$ python final_websocket.py
$ regsvr32 bajo.ocx

4. Select the type you need to execute

1. RCE
2. Take ScreenShot
3. Steal Password
4. Steal Cookies
5. Create Process as different user
6. Proxy Traffic

NOTE: For type 6 need to execute 2 more python scripts mentioned below which act as sender and listener socket to proxy traffic

$ python sender_socket.py
$ python listener_socket.py

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.