Open D00Movenok opened 11 months ago
Added missed post-ex.transform-x64 and post-ex.transform-x86 (https://download.cobaltstrike.com/releasenotes.txt, Added support for transform.strrep to post-ex DLL Processing., CS4.9). Full documentation may be found here: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/malleable-c2-extend_controll-post-exploitation.htm.
post-ex.transform-x64
post-ex.transform-x86
Added support for transform.strrep to post-ex DLL Processing.
Before:
set bof_allocator "VirtualAlloc"; set bof_reuse_memory "true"; set steal_token_access_mask "0";
After:
process-inject { set bof_allocator "VirtualAlloc"; set bof_reuse_memory "true"; } set steal_token_access_mask "0";
__set bof_reuse_memory__
__process-inject.bof_reuse_memory__
Removed trailing newlines and whitespaces, code style unification, etc.
Additions
Added missed
post-ex.transform-x64andpost-ex.transform-x86(https://download.cobaltstrike.com/releasenotes.txt,Added support for transform.strrep to post-ex DLL Processing., CS4.9). Full documentation may be found here: https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/malleable-c2-extend_controll-post-exploitation.htm.Refactoring
Changed Malleable C2 option examples to make them easier to read:
Before:
After:
Changed names in bold function headers to make them easier to navigate:
Before:
After:
Minor refactoring
Removed trailing newlines and whitespaces, code style unification, etc.