This adds two new headers to the responses from the CC Server back to the browser driving the interaction (i.e., the browser being used by a security engineer doing testing). X-CC-Bot-Name is set to the string identifier for the bot provided by the user. X-CC-Bot-Id is set to the UUID for the individual implant. This allows logging software on the user-agent or an intermediate proxy (i.e., Burp, mitmproxy) to associate the request/response pair with a particular implant. This may be useful for teams that want to automatically log traffic going through CursedChrome.
If the environment variable ADD_METADATA_HEADERS is set to 0, this feature is disabled. For most use cases, it will be a functional no-op even if added. (Responses are already often modified, so no client should have the expectation that it is a perfect replication of the response.)
This adds two new headers to the responses from the CC Server back to the browser driving the interaction (i.e., the browser being used by a security engineer doing testing).
X-CC-Bot-Nameis set to the string identifier for the bot provided by the user.X-CC-Bot-Idis set to the UUID for the individual implant. This allows logging software on the user-agent or an intermediate proxy (i.e., Burp, mitmproxy) to associate the request/response pair with a particular implant. This may be useful for teams that want to automatically log traffic going through CursedChrome.If the environment variable
ADD_METADATA_HEADERSis set to0, this feature is disabled. For most use cases, it will be a functional no-op even if added. (Responses are already often modified, so no client should have the expectation that it is a perfect replication of the response.)