Setting up a Listener
Each user must spin up their own C2 instance. This is done by using the listen
argument when calling shad0w.
    shad0w listen --help
    usage: shad0w listen [-h] [-a ADDRESS] [-p PORT] [-k KEY] [-c CERT] [-m MIRROR] [-d] [-e ENDPOINT]

    optional arguments:
      -h, --help            show this help message and exit
      -a ADDRESS, --address ADDRESS
                            Address shad0w will listen on (default will be 0.0.0.0)
      -p PORT, --port PORT  Port the C2 will bind to (default is 443)
      -k KEY, --key KEY     Private key for the HTTPS server
      -c CERT, --cert CERT  Certificate for the HTTPS server
      -m MIRROR, --mirror MIRROR
                            Website to mirror for if a client connects to the C2 via a web browser
      -d, --debug           Start debug mode
      -e ENDPOINT, --endpoint ENDPOINT
                            The endpoint shad0w modules will callback to
Use the -a flag to set the IP address that the C2 will listen on (default 0.0.0.0, i.e. all interfaces).
Use the -p flag to set the port that the C2 will listen on (default 443).
Use the -k flag to set the private key for the HTTPS server. Generate new defaults by running make in the certs directory.
Use the -c flag to set the certificate for the HTTPS server. Generate new defaults by running make in the certs directory.
The C2 can live-proxy a website: if a web browser connects to it, the C2 proxies all content to and from the website it is mirroring. This option is set with the -m flag.
Use the -d flag to turn on debug mode.
Use the -e flag to set the IP address where the beacon will callback.
This can either be a redirector or the C2 depending on your tradecraft and should be the same IP address you used for -H when creating a beacon.
It takes about 10 seconds to compile fresh payloads for use with stagers and exploits.
shad0w listen -e 192.168.0.20
███████╗██╗ ██╗ █████╗ ██████╗ ██████╗ ██╗ ██╗
██╔════╝██║ ██║██╔══██╗██╔══██╗██╔═████╗██║ ██║
███████╗███████║███████║██║ ██║██║██╔██║██║ █╗ ██║
╚════██║██╔══██║██╔══██║██║ ██║████╔╝██║██║███╗██║
███████║██║ ██║██║ ██║██████╔╝╚██████╔╝╚███╔███╔╝
╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═════╝ ╚═════╝ ╚══╝╚══╝
[i] Starting HTTPS server (0.0.0.0:443)
shad0w ≫
No Active Beacon