CrossC2 framework v3.3 releases: generate CobaltStrike’s cross-platform payload

by do son · Published August 27, 2020 · Updated November 20, 2023

CrossC2 framework – Generator CobaltStrike’s cross-platform beacon

CrossC2 framework is a security framework for enterprises and Red Team personnel supports CobaltStrike’s penetration testing of other platforms (Linux / MacOS / …), supports custom modules, and includes some commonly used penetration modules.

Only for internal use by enterprises and organizations, this framework has a certain degree of instability. Non-professionals are not allowed to use it. Anyone shall not use it for illegal purposes and profitability. Besides that, publishing unauthorized modified version is also prohibited, or otherwise bear legal responsibilities.

Windows	Linux	MacOS	iOS	Android	Embedded
Run Env (x86)		√
Run Env (x64)	√	√	√
gen beacon (x86)		√			√
gen beacon (x64)		√	√
gen beacon (armv7)				⍻	√
gen beacon (arm64)				√	√
gen beacon (mips[el])						⍻

Feature

For a faster way, see cna introduction GO
Linux & MacOS supports no file landing, load and execute from memory dynamic library or executable file GO
Flexibly customize the data return type of the execution file, portscan, screenshot, keystrokes, credentials and other user-defined development to achieve more convenient implementation GO
Custom communication protocol GO
Android & iPhone support GO

Restricted description:

CobaltStrike: currently only supports the last version of cs 3.14(bug fixes).
Linux: For particularly old systems, you can choose the “Linux-GLIBC” option in cna (around 2010)
MacOS: Latest systems only support 64-bit programs
iOS: sandbox, restricted cmd
Embedded: only *nix
⍻ : Loader is still in progress

Changelog v3.3

Fix

Fixed the problem of returning an error in the task execution result when there are multiple User-agent in the profile post and metadata is in the header
Fix build errors for ESXI platforms