HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

RAT convoC2 - C2 Microsoft Teams

dEEpEst

dEEpEst

☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Mar 29, 2018
Messages
13,860
Solutions
4
Reputation
27
Reaction score
45,546
Points
1,813
Credits
55,340
‎7 Years of Service‎
 
56%

About​

C2 infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams

Introduction​

Command and Control infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams.
It infiltrates data into hidden span tags in Microsoft Teams messages and exfiltrates command outputs in Adaptive Cards image URLs, triggering out-of-bound requests to a C2 server.
The lack of direct communication between the victim and the attacker, combined with the fact that the victim only sends http requests to Microsoft servers and antiviruses don't look into MS Teams log files, makes detection more difficult.

382924882-ea65daad-9274-4574-835b-107f468a1d6e.png

DOWNLOAD​

 
You must log in or register to reply here.
Back
Top