Shulou(Shulou.com)06/02 Report--

In this issue, the editor will bring you about how to analyze the .NET command line control framework Covenant designed for the red team. The article is rich in content and analyzes and describes it from a professional point of view. I hope you can get something after reading this article.

Covenant

Covenant is a .NET command and control framework designed to highlight the attack surface of .NET. With the help of Covenant, it makes it easier for researchers to take advantage of the attack surface of .NET, and it can also serve as a collaborative command and control platform for red team researchers.

Covenant is an ASP.NET core and a cross-platform application that includes a Web-based user interface and supports multi-user collaboration.

Function introduction

Compared with other command control frameworks, Covenant has the following very practical features:

1. Intuitive interface

2. Multi-platform support (Windows, macOS and Linux, Docker environment is supported)

3. Multi-user support

4. API driver

5. Listener configuration

6. Encryption key exchange

7. Dynamic compilation

8. Inline C# execution

9. Tracking identifier

10. C # development

Tool installation

First, clone the Covenant project code locally from the GitHub library and initialize the git sub-module:

Git clone-- recurse-submodules https://github.com/cobbr/Covenant option 1-Dotnet Core

The easiest way to use Covenant is by installing the Dotnet core. We can click [here] to download the corresponding Dotnet core for our platform.

After the installation is complete, we can use the Dotnet command line interface to build and run Covenant:

$~ > git clone-recurse-submodules https://github.com/cobbr/Covenant$ ~ > cd Covenant/Covenant$~/Covenant/Covenant > dotnet build$~/Covenant/Covenant > dotnet run option 2-Docker

Covenant can also run in the Docker environment, and we only recommend that users who are familiar with Docker use Covenant in the Docker environment.

First, build the Docker image:

$> git clone-- recurse-submodules https://github.com/cobbr/Covenant$ ~ > cd Covenant/Covenant$~/Covenant/Covenant > docker build-t covenant.

Next, run Covenant in the Docker container to make sure that "" has been replaced with our absolute path:

$~ / Covenant/Covenant > docker run-it-p 7443-p 80:80-p 443-- namecovenant-v: / app/Data covenant

Run the following command to terminate the operation of the container:

$~ / Covenant/Covenant > docker stop covenant

Restart the container by running the following command:

$/ Covenant/Covenant > docker start covenant-ai

If you need to remove all Covenant data and initialize the recovery, you can run the following command:

$/ Covenant/Covenant > docker rm covenant$~/Covenant/Covenant > docker run-it-p 7443-p 80:80-p 443-- namecovenant-v: / app/Data covenant--username AdminUser-- computername 0.0.0.0 user registration

After starting Covenant, we need to complete the initial user registration through the Web interface:

After successful registration, the user is created through the administrator user:

The above is how to parse the .NET command line control framework Covenant designed for the red team. If you happen to have similar doubts, please refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.