I always watch the videos, but I never comment, that type of video is gold! Please continue!
@ippsec2 жыл бұрын
Thanks for the comment!
@gokul61202 жыл бұрын
Absolutely... Conceptual.. 👍👍👍👍
@ns-yz1hj2 жыл бұрын
Awesome video! The way you explain things is interesting and easy to understand. It's sometimes hard to find content that talks about more advanced concepts. You can find a million videos and articles on "how to make a meterpreter backdoor" but your videos are in depth.
@TheBrowserPirates2 жыл бұрын
This is pure gold content, thanks for making these kind of videos
@wkppp47322 жыл бұрын
Back to back ippsec vid! Nice. Thanks for the vid ipp!
@jeffstanley29722 жыл бұрын
Cool video! I’ve been working with my company to try and implement C2 infrastructure using MQTT.
@rara42 жыл бұрын
Very interesting video, the quality never ceases to amaze me
@playmaker10112 жыл бұрын
Thanks a lot IppSec, awesome content!🔥🔥🔥
@Pernat1y2 жыл бұрын
I recently tried to patch binary files using Python, so the video is really useful. Thanks :)
@chai1162 жыл бұрын
2 problems with the decrypt function in the agent: should be modulo 256, otherwise both 0 and 0xff become 0. And it's currently impossible to encrypt the character Q because that will xor into a zero byte and stop the decrypt early. Maybe encode a length field at the start of the string so you know how far to decrypt? Or just decrypt the whole 2000 everytime?
@amieemaya94722 жыл бұрын
Liking without seeing the video first!!!
@emilsrbrden29872 жыл бұрын
Yes! Great job, looking forward to more
@surenavdalyan60362 жыл бұрын
Ippsec Rocks!!!!!!!!!!
@fowzmasood232 жыл бұрын
Bestttttttttt. Ippsec Rocks 👌👌👌🔥🔥🔥😍😍😍
@krisztiankovacs52212 жыл бұрын
Thanks for the video man! Hope you'll stick with the idea and make more reverse engineering/DIY low level coding! Much obliged!
@deansmith50072 жыл бұрын
Whoop whoop
@deansmith50072 жыл бұрын
1st comment
@oscare26762 жыл бұрын
A simpler way to loop through the config string in your xor function would be using a while loop, this way you can loop through the string until it hit the null terminator and doesn't require you to add the 0xFF byte and overcomplicate it. Also to add there is no need to modulus the XOR'd character as it is impossible for it to go over 0xFF. while( char c = *encString++) decString += ( c ^ key );
@ippsec2 жыл бұрын
Yeah the downside is the xor can create the null that you want. The snippet is mostly from another piece of code but I removed the multibyte key and detection. For this your method is probably better, and I want to say I chose this way purposely but in reality I was just pulling from some previous code of mine, then making it less dangerous
@cybersecurity35232 жыл бұрын
Good job bro
@varunkumar62232 жыл бұрын
char str[2000] is same as const std::string str(2000); at the core both are arrays
@maoropizzagalli41532 жыл бұрын
Great video series concept I love it ! I am a vim lover don't get me wrong but it would be way easier in codium or something
@hellsing09999999992 жыл бұрын
Heymen! I'm trying to learn to code but just wanted to let you know, your voice is really, REALLY similar to another youtuber called ChainBrain, a rocksmith streamer lol.
@zuiokopl22562 жыл бұрын
Whats happening in this video?
@xdgtwjk23_rtfd2 жыл бұрын
Would I be right if I think this is inspired from the recent C2 drama on Twitter?
@ippsec2 жыл бұрын
If you go through my tweets even before the drama, I've been pretty vocal over my dislike of the "pay for opsec" companies (ex: twitter.com/ippsec/status/1378521632814288904). This is trying to provide help to the people on the receiving end of that software.
@satanicdominion6662 жыл бұрын
this could be an interesting thing to turn into options rather than configs lol
@thev01d122 жыл бұрын
I tried googling for some resources to develop c2 but couldn't find anything, anyone have any resources to learn the fundamentals about these things so i could get started
@theseenandunseen2 жыл бұрын
Could you please reference the fork you mention at 2:48? Looks very familiar. Thanks.
@ippsec2 жыл бұрын
I was just saying the base webapp theme came from a SilentBreakSecurity course, by fork I meant its just my private copy that I continued playing with after the course. It was an extremely basic stage1, I redid the agent but haven't got a chance to redoing the website because I hate creating gui's/websites. If I remember correctly, I added the malleable config/file hosting and changed how module loading operates. The agent was a complete redesign to better evade AV/EDR.
@theseenandunseen2 жыл бұрын
@@ippsec I see. Well, I hate creating gui's as well. Thank you for your input. Keep up the great work
@stock992 жыл бұрын
can this be rewritten in different language such as python or js and achieving the similar result?
@BLACK10GHOST2 жыл бұрын
I just like this shit!
@N4dirCh2 жыл бұрын
Sunday Live Night
@devotee96062 жыл бұрын
does c2 means Command and control server?
@ippsec2 жыл бұрын
Yes
@mohameai59972 жыл бұрын
0 dislikes 👌
@alessandrodegregori45252 жыл бұрын
When I will take the OSCP exam, I will write "PleaseSubscribe" everywhere! and I will use as payload "echo \"Thank You for subscribing to ippsec channel and leave a comment\""