Koadic – C3 COM Command & Control – JScript RAT

Comments Off on Koadic – C3 COM Command & Control – JScript RAT

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire.

The major difference is that Koadic does most of its operations using Windows Script Host (a.k.a. JScript/VBScript), with compatibility in the core to support a default installation of Windows 2000 with no service packs (and potentially even versions of NT4) all the way through Windows 10.

It is possible to serve payloads completely in memory from stage 0 to beyond, as well as use cryptographically secure communications over SSL and TLS (depending on what the victim OS has enabled).

Currently the tool provide the following options:

  1. Hooks a zombie
  2. Elevates integrity (UAC Bypass)
  3. Dumps SAM/SECURITY hive for passwords
  4. Scans local network for open SMB
  5. Pivots to another machine

This tool will be mostly used by RedTeam to test security controls and if the BlueTeam will be able to detect , prevent or react to the attack.  The detection / protection should be placed on the endpoint and network level.

You can read more and download this tool over here: https://github.com/zerosum0x0/koadic

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress