REDMED-X
d384e0893c
Update README.md
|
před 2 roky | |
|---|---|---|
| .. | ||
| README.md | před 2 roky | |
| addlocalcert.c | před 2 roky | |
| addlocalcert.cna | před 2 roky | |
| addlocalcert.h | před 2 roky | |
| addlocalcert.o | před 2 roky | |
| beacon.h | před 2 roky | |
| bofcompile.bat | před 2 roky | |
README.md
AddLocalCert
Add a (self signed) certificate to a specific local computer certificate store. For example, add a self signed certificate -that you also used to sign your malicious binary with- to the \"Trusted Root Certification Authorities\" (ROOT) folder on the target local computer.
All the properties are filled in based on the metadata in the certificate except the \"Friendly Name\" property. This property needs to be set manually as an argument. Furthermore, there is no need to upload the .cer file first to the target system. You can just specifiy the path on your own attacker system to the .cer file that you want to add to the target computer store.
Arguments
<path to certificate file>: the path on your own attacker system to thecertificate.cerfile.<store name>: the certificate store name (likeROOT) to import the certificate into.<friendly name>: the name that is set in theFriendly Nameproperty
Usage
addlocalcert <path to certificate.cer file> <store name> \"<friendly name>\"
Example
addlocalcert C:\Users\operator\Documents\examplecert.cer ROOT "Microsoft Root Certificate Authority 2010"
Compile
- 1. Make sure Visual Studio is installed and supports C/C++.
- 2. Open the
x64 Native Tools Command Prompt for VS <2019/2022>terminal. - 3. Run the
bofcompile.batscript to compile the object file. - 4. In Cobalt strike, use the script manager to load the .cna script to import the tool.