3lpsy
commented
4 years ago There are quite a few ways to accomplish this. The easiest would be to 1) create an SMB grunt, 2) upload the SMB grunt to the system without internet via something like upload \\TARGET_NO_INTERNET\C$\Temp\SmbGrunt.exe, 3) Execute the Grunt via winrm/powershell remoting, psexec, dcom, wmi, etc. 4) Connect to the SMB grunt using the Connect command. This approach makes a lot of assumptions. There's quite a few ways to make this better and this is assuming you don't mind writing to disk.
An alternative would be to setup port forwarding on the system that has internet access (and assuming you have a grunt there), and forward the traffic to the Covenant server. You'd then need to create a listener with a connect address that forwards to the internal system that i doing the forwarding. If you've never done something like this before, it will be pretty confusing.
There are other options two but these are the two most straight forward ones. I'm sure other people have other suggestions.
b4b857f6ee
Feature Request or Bug Bug
Describe the feature request or bug This is more a question :). I'm looking for proxychain the Covenant payload. It is possible with covenant to chain like daisychain a payload to another computer without internet access. I have seen one ticket about SMB, but i can't find this information in the documentation.
To Reproduce Steps to reproduce the behavior:
Expected behavior Create a proxy on the 1 implat to redirect other implant who didn't have internet access.
Screenshots
Covenant Server Information:
Browser Information:
Target Information (System that implant is running on):
Additional context