-
-
Notifications
You must be signed in to change notification settings - Fork 250
C2 Relay
Jing Mi edited this page Jan 13, 2024
·
5 revisions
This feature works like "teamserver" that can be found in other C2 frameworks, but very limitted.
- Both server and client are required to be online when agent tries connection (this will be addressed in the future)
- Only one single client is allowed
- Due to the nature of SSH protocol, currently it only works when C2 service is on TCP ports
Prepare a public facing server, install emp3r0r on it, and simply start it (type emp3r0r) to initialize certs and configuration.
Once it's configured, run emp3r0r -relay_server 12345 to start SSH relay on port 12345 (or other ports).
Install emp3r0r, copy ~/.emp3r0r from server to local machine, then emp3r0r -connect_relay server_addr:12345 -relayed_port 54321, 54321 is the port of C2 service or any TCP ports that can forward traffic to emp3r0r C2 service (such as Shadowsocks port).
And wait for the agent to come online.