Closed who1smrrobot closed 2 years ago
djhohnstein
commented
2 years ago This is a mythic-ism. What you need to do is click that "add" once you've entered those fields in the first image you linked. Then you should see Host, Payload, and C2 Profile populate with data. When that's populated with data, you can submit the task.
djhohnstein
commented
2 years ago RE: "What is the intended approach for lateral movement via psexec/link," that's a loaded question. I will say though that the sc command can do everything you would need to do for psexec, such as creating and starting a new service.
who1smrrobot
commented
2 years ago Thx for the quick reply which brought some light on the field:
Unfortunately, I am stuck at this point:
Any idea on what is wrong?
djhohnstein
commented
2 years ago So to troubleshoot:
apollo_smb.bin? apollo_smb.bin?apollo_smb.bin created? (e.g., if you do something like ls \\.\pipe on DC50.STUDENT5.ECORP.LOCAL you should see the named pipe associated with that shellcode (the GUID beginning with "79m...")who1smrrobot
commented
2 years ago First of all, layer 8 problem as I overlooked that the sc command does exist, but is currently missing in the documentation part.
I fixed my lateral movement issue with the following command sc -DisplayName mrrobot -BinPath C:\LabSetup\service_wrapper.exe -ServiceName mrrobot -Computer dc50.student5.ecorp.local -Create + sc start mrrobot.
And I also fixed the link issue:
Goal: Mythic Server <---HTTP--> Callback (e.g. to my CLIENT50.student5.ecorp.local) <--- SMB ----> DC50.student5.ecorp.local
djhohnstein
commented
2 years ago sc documentation is now available in the documentation container via this PR: https://github.com/MythicAgents/Apollo/pull/86
When trying to laterally move via the link command, something seems to be broken (unless there is a layer 8 problem on my side):
What I've tried so far:
Questions: