-
-
Notifications
You must be signed in to change notification settings - Fork 250
C2 Relay
jm33-m0 edited this page Oct 22, 2024
·
5 revisions
This feature functions similarly to the "teamserver" found in other C2 frameworks, though with some limitations.
- A single client can create only one SSH port forwarding session.
- Due to the nature of the SSH protocol, this feature only works when the C2 service is running on TCP ports.
- Prepare a Public Server: Set up a server with public-facing access.
-
Install emp3r0r: Install emp3r0r on the server and initialize the configuration by running:
This will generate certificates and complete the necessary setup.
emp3r0r
-
Start SSH Relay: Once configuration is complete, start the SSH relay service on a desired port (e.g., 12345) using:
emp3r0r -relay_server 12345
- Install emp3r0r: Install emp3r0r on the client machine.
-
Copy Configuration Files: Copy the
~/.emp3r0r
directory from the server to the local machine. -
Connect to Relay Server: Use the following command to connect to the relay server and forward traffic to the C2 service:
Here,
emp3r0r -connect_relay server_addr:12345 -relayed_port 54321
54321
refers to the C2 service port or any other TCP port that forwards traffic to the emp3r0r C2 service (e.g., the Shadowsocks port). - Wait for the Agent: Once connected, wait for the agent to come online.