Client Interactive Terminal

Interactive Terminal

  • The interactive terminal is a way for operators to conduct terminal commands and have them timestamped, processed, and logged by the C2
  • The terminal runs on the same machine as the C2 client application
  • On Windows, it starts PowerShell. On Linux, it starts bash
  • operators can create as many terminal windows as needed, which can be useful when multiple terminals are required for relay attacks
  • while data is replicated across all clients allowing for other operators to see proxied commands and tools easily. Users cannot send commands to other users' terminals
  • this allows for things like proxied commands to be logged by the C2 when combined with the reverse port forwards or socks. It allows for more detailed logging of those commands, such as proxychains of impacket for example.
  • The terminal is persistent and interactive. So commands can reference variables or exported items such as exported TGTs