CobaltStrike3.13 破解版

发表于 2019年05月31日
安全工具

目录表

破解记录

关键文件位置

aggressor/dialogs/ListenerDialog.class
common/ArtifactUtils.class
common/License.class
server/ProfileEdits.class
resources/xor.bin
resources/xor64.bin
common.ListenerConfig
resources/template.x64.ps1、resources/template.x86.ps1

aggressor/dialogs/ListenerDialog.class

common/ArtifactUtils.class

common/License.class

server/ProfileEdits.class

resources/xor.bin

resources/xor64.bin

common.ListenerConfig

resources/template.x64.ps1、resources/template.x86.ps1

License

两种破解思路

（1）直接改试用时间

private static long life = 99999L;

1	private static long life = 99999L;

（2）修改isTrail的判断逻辑

把这里的true改为false

public static boolean isTrial()
  {
    return true;
  }

public static boolean isTrial()

{

return true;

}

把这两个函数中的内容删掉，启动时可以不显示试用信息

public static void checkLicenseGUI(Authorization auth)
public static void checkLicenseConsole(Authorization auth)

1 2	public static void checkLicenseGUI(Authorization auth) public static void checkLicenseConsole(Authorization auth)

去除listener个数限制

去掉这段，去除只能添加一个listener的限制

 else if ((Listener.isEgressBeacon(payload)) && (DataUtils.isBeaconDefined(this.datal)) && (!name.equals(DataUtils.getEgressBeaconListener(this.datal))))
    {
      DialogUtils.showError("You may only define one egress Beacon per team server.\nThere are a few things I need to sort before you can\nput multiple Beacon HTTP/DNS listeners on one server.\nSpin up a new team server and add your listener there.");
    }

else if ((Listener.isEgressBeacon(payload)) && (DataUtils.isBeaconDefined(this.datal)) && (!name.equals(DataUtils.getEgressBeaconListener(this.datal))))

{

DialogUtils.showError("You may only define one egress Beacon per team server.\nThere are a few things I need to sort before you can\nput multiple Beacon HTTP/DNS listeners on one server.\nSpin up a new team server and add your listener there.");

}

后门特征指纹

存在后门特征指纹的几个地方

common/ArtifactUtils.class

packer.addString("X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

1	packer.addString("X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

server/ProfileEdits.class

c2profile.addCommand(".http-get.server", "!header", "X-Malware: X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
c2profile.addCommand(".http-post.server", "!header", "X-Malware: X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
c2profile.addCommand(".http-stager.server", "!header", "X-Malware: X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
c2profile.addCommand(".stage.transform-x86", "append", "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");
c2profile.addCommand(".stage.transform-x64", "append", "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

c2profile.addCommand(".http-get.server", "!header", "X-Malware: X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

c2profile.addCommand(".http-post.server", "!header", "X-Malware: X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

c2profile.addCommand(".http-stager.server", "!header", "X-Malware: X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

c2profile.addCommand(".stage.transform-x86", "append", "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

c2profile.addCommand(".stage.transform-x64", "append", "X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*");

common.ListenerConfig

-  result.append("5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*\u0000");+  result.append("123\u0000");

1	- result.append("5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*\u0000");+ result.append("123\u0000");

resources/template.x64.ps1、resources/template.x86.ps1

 $eicar = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'+  $eicar = ''

1	$eicar = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'+ $eicar = ''

common.ArtifactUtils

已经修改了License.isTrial()返回值为false，所以改不改也没什么影响

清除cobaltstrike缓存

rm -rf logs data cobaltstrike.store

1	rm -rf logs data cobaltstrike.store

CobaltStrike3.13 破解版下载

链接: https://pan.baidu.com/s/14e0tpVPzUhiAhYU2_jvBag 提取码: d9uf

MacOS客户端：

链接: https://pan.baidu.com/s/1h8KwLQ58I-P58tdbz7z3QA 提取码: 8sae

标签：cobaltstrike , 破解原文连接：CobaltStrike3.13 破解版 所有媒体，可在保留署名、原文连接的情况下转载，若非则不得使用我方内容。

一个免杀的PHP一句话木马 YGBOOK v6.14破解版,全自动小说采集程序