Search the Community

Cobalt Strike ------------- Welcome to Cobalt Strike 4.x. Here are a few things you'll want to know, right away: 1. Cobalt Strike 4.x is not compatible with Cobalt Strike 3.x. Stand up new infrastructure and migrate accesses to it. Do not update 3.x infrastructure to Cobalt Strike 4.x. 2. Do not move a cobaltstrike.auth file from Cobalt Strike 3.x to 4.x. The two file formats are not compatible. 3. Aggressor Scripts written for Cobalt Strike 3.x may require changes to work with Cobalt Strike 4.x. Please refer to this guide to update your scripts: [Hidden Content] March 17, 2021 - Cobalt Strike 4.3 ------------- + Fix NullPointerException starting profiler (missing resources). + Fix DNS Resolver appearing as null string for legacy listener definition. March 3, 2021 - Cobalt Strike 4.3 ------------- + Added support for dns-beacon Malleable C2 group. Added options for DNS Host Indicators: beacon,get_A,get_AAAA,get_TXT,put_metadata,put_output Malleable C2 Lint changes to support dns-beacon group. + Allow DNS Beacons to egress directly through a specified DNS Resolver, rather than using the default resolver from the target server. + Host Rotation Strategy for customizing host selection for DNS/HTTP/HTTPS beacons. + Allow HTTP/HTTPS configuration of blocked useragent (previously curl/lynx/wget). Added .http-config.block_useragents to Malleable C2. + Add support for responding to NS request from specific DNS resolvers. Added .dns-beacon.ns_response Malleable C2 option. + Add timestamp to beacon console messages. The timestamp option can be enabled/disabled in Preferences (Console tab). The timestamp format can be modified with aggressor script. See BEACON_CONSOLE_TIMESTAMP and SSH_CONSOLE_TIMESTAMP in default.cna. + Add a PowerShell IEX option in Scripted Web Delivery + Fixed sleep command after exit causing beacons not to exit. + Malleable C2 lint was incorrectly showing jitter data in staging preview. + Fixed invalid help link (attacks->packages->Windows Executable) + Setting sleep to 0 in Malleable C2 caused beacons to fail. Add C2 Lint range for sleep values. + Fix data_jitter issue not using any jitter when it was longer than limit (921600). Added minimum data_jitter (10) and performance warning for over 10000. Show data_jitter marker in C2 Lint preview data rather than actual jitter data. [Hidden Content] [hide][Hidden Content]]