v3.3 - stable

Fix

• Fixed the problem of returning an error in the task execution result when there are multiple User-agent in the profile post and metadata is in the header
• Fix build errors for ESXI platforms

New

• Add new platform: ESXI-bind
• Add support for beacon’s plaintext public key #208

v3.2 - stable

Fix

• Fix when User-Agent is configured at the http header in the profile, causing multiple User-Agent errors when beacon initiates a request
• Fix the mimipenguin plugin was selected in multiple sessions at the same time
• Fix GLIBC compatibility issue of mimipenguin plugin
• Fix GLIBC compatibility issue of cc2_jobs plugin
• Fix GLIBC compatibility issue of auth_rootkit plugin
• Fix GLIBC compatibility issue of ssh_rootkit plugin
• Fix GLIBC compatibility issue of update_script plugin

New

• Add more stable Malleable C2 Profile automatic parsing
• Add new platform: ESXI
• Add new platform: MacOS M1
• Add optional configuration whether to perform upx compression

v3.1.2 - dev - Malleable C2 Profile

Fix

• Fix the data transmission error when the id of http-post in the c2profile is in the header position

Tips

• Add automatic parsing of Malleable C2 Profile, you can specify C2Profile to let genCrossC2 generate beacon

  genCrossC2 127.0.0.1 4444 cs_key ;config.ini;c2profile.profile@second-section Linux x64 ./beacon

  For more details, see the page of release v3.1.1

v3.1.1 - dev - Malleable C2 Profile

Tips 🎉

• Automatic parsing of Malleable C2 Profile is now supported!

Fix

• Fix the compatibility problem of python-import under Python2

New

• Add automatic parsing of Malleable C2 Profile, you can specify C2Profile to let genCrossC2 generate beacon

  genCrossC2 127.0.0.1 4444 cs_key ;;c2profile.profile Linux x64 ./beacon
  genCrossC2 127.0.0.1 4444 cs_key ;config.ini;c2profile.profile@second-section Linux x64 ./beacon
  
  In the console:
      genCrossC2 127.0.0.1 4444 cs_key ";;c2profile.profile" Linux x64 ./beacon
      genCrossC2 127.0.0.1 4444 cs_key \;\;c2profile.profile Linux x64 ./beacon
  

Change

• In the parameter position of rebind_dynamic_lib, the position of C2Profile is newly added, and the parameter separator of each configuration file is changed from : to ;

  rebind.so:config.ini -> rebind.so;config.ini

v3.1.0 - stable

Fix

• Fix python-import encountering ``` comment symbol parsing errors
• Fix the problem of architecture recognition and root permission recognition error when the session is x86 architecture
• Fix the problem that when the teamserver exits abnormally, the connecting beacon is abnormally disconnected
• Fix the problem of some CDN communication errors

Update 2021-07-13

• Fixed the generation error of specifying rebind_dynamic_lib as an absolute path when running genCrossC2.exe under Windows. (The issue will cause a bug in the automatic generation of beacons in GUI plugins).
• genCrossC2.Win-2022-07-13-bug-fix.zip: issue: #169

New

• genCrossC2 supports ini configuration parsing, can set the symbol parsing name of the communication library, as well as beacon background running, self-deletion, etc.
• Add hook functions of beacon in init (initialization) & retryConnect (reconnection) and other stages.
• Add file management interface to create directory function
• Add file management interface to delete files/directories
• Add process management interface to end process function
• Add session metadata - operating system modification function
• Add session metadata - intranet IP modification function
• Add session metadata - host name modification function
• Add unsetenv function to delete environment variables
• Add CrossC2 web delivery script modification function
• Memory execution scripts (bash/zsh/python) now support passing in external parameters

Change

• When MacOS goes online with a custom protocol, due to system version compatibility issues, the memory parsing and execution method is temporarily canceled, and the local loading method is used.
• Whether the beacon enters the background running mode will be configured by the user, which is convenient to use systemctl for persistence (background strategy is adopted by default).

Tips 🎉

• New configuration method, introducing the ini configuration file
  genCrossC2 127.0.0.1 5555 cs_key null:config.ini MacOS x64 a.out

v3.0.2 - dev

Fix

• Fix the error when genCrossC2 generates libbeacon with rebind library under Linux-64 #123
• Fix the error when genCrossC2 generates beacon with rebind library under Windows. (CrossC2 v3.0.0 ~ 3.0.1) #117

New

• Added Win & Linux & MacOS support for CS4.4 (Default CS<=4.4) #119

CS4.4:genCrossC2 127.0.0.1 4444 cs_key null Linux x64 ./a.out stager 4.4
CS4.0~4.3: genCrossC2 127.0.0.1 4444 cs_key null Linux x64 ./a.out

v3.0.1 - dev

fix

• Fix The DYLD_x environment variable under macos is not cleared, causing the child process started by libbeacon.dylib to repeatedly inject the beacon
• Fix bls data error

New

• Added bawait_upload & bawait_upload_raw functions to support function callback after successful file upload
• Added process injection under linux x64. In the ProcessList interface, right click to perform beacon injection to the specified process (tested on Ubuntu)
• Added support for automatic lateral movement using the sshpass scheme. In the Target interface, right-click the host or host list to perform automatic lateral movement.

Tips

• MacOS manually start the dynamic library libbeacon.dylib: DYLD_INSERT_LIBRARIES=./libbeacon.dylib java
• Linux manually start the dynamic library libbeacon.so: LD_PRELOAD=./libbeacon.so java

v3.0 - dev

fix

• File download speed increased

New

• MacOS & Linux support dynamic library beacon.
  LD_PRELOAD=./libbeacon.so java
• Dynamic library beacon supports entering the background to run.(export CC_BG=1)
  export CC_BG=1 && LD_PRELOAD=./libbeacon.so java

v2.2.5 - stable

Fix

• The online issue of the high version of Linux introduced by the v2.2.4 version
• A bug where memory execution may fail when passing in parameters
• Fix the bug that caused the crash when the network connection is abnormal, for example, the teamserver suddenly exits abnormally when the package is being sent, etc. #106
• The bug that the connect command does not specify a port when connecting to a child node will exit abnormally #95

Update 2021-09-23

• Fix the data error of the CrossC2 generator on the windows platform when rebinding the protocol library #117

New

• CDN server SNI support, now Cloudflare service can be used normally #87
• Linux 32&64 bits have supported procfs to obtain process information

Change

• When beacon is online, [config]: alive will not be displayed by default, and it can be turned on with export CC_DEBUG=1 #78

v2.2.4 - stable

fix

• Fix v2.2.3 beacon online issue #84 #85

New

• Support for obtaining process list information from procfs on Linux