Exploit Pack - Documentation
  • Exploit Pack
    • Installation guide
    • License Activation
    • First steps
    • Running the network mapper
    • AutoPwn
    • UTF-8 Locator
    • Notepad
    • Reverse shell - One-liners
    • Hex Editor
    • GDB Connector
    • Log your actions
    • Exploits customization
    • Add a Proxy to Exploit Pack
    • Using Reverse Shells
    • XSS Agent - Tunnel
    • Advanced DLL Injections
    • VBS/PS Agent - Remote Access
    • VBS Agent Wizard
    • Exploit Development I
    • Exploit Development II
    • Exploit Development III
  • Control Pack
    • Installation guide
    • License Activation
    • First Steps: Configure Control Pack
    • Launch your first agent
    • Control Pack agent's code
    • Agent connection
    • Java Agent
    • Browser Agent
    • VBS Agent
    • .NET Profiler DLL Agent
    • How to use the DLL + UnHooker Agent
    • .NET shell
    • Python Shell
  • Kernel Pack
Powered by GitBook
On this page
  • The commands
  • Privilege escalation

Was this helpful?

  1. Control Pack

Agent connection

Interact with an agent using Control Pack

PreviousControl Pack agent's codeNextJava Agent

Last updated 11 months ago

Was this helpful?

Once CP receives an agent connection, you will hear an audible alarm, and under the remote shells, the new connection can be seen.

To identify the agents a unique ID is created, this way you can use the autoexec function to prepare commands to be run for all new agents or one in specific. This functionality is particularly useful during APT-simulated attacks.

The commands

Each agent has a different function, but with most of them, you can interact using a shell, take a screenshot, upload and download files from the target, and run a basic information-gathering script from the agent itself.

Using the Remote Terminal, shell interaction with the selected agent is possible, or by typing the command "Help" you can discover special commands available for that agent.

On top of the Remote Terminal, per agent, a set of basic commands, as icons, is available. The description of each command is self-explanatory.

Privilege escalation

We have made available a set of privesc scripts for these agents, in AVs and EDR environments you have to be completely sure of what you are about to run to remain under the radar. These scripts might trigger one or more detection rules.

The features available for CP Agents among others are:

- File upload/download

-Information gathering

- Remote shell

- Screenshot capture

-Webcam capture

- Keylogger

The operating systems supported by CP agents:

-Java (Multi)

- Net (Windows)

- DLL (Windows)

- Browser (Multi)

- Python (Multi)

-And more.

Here is an example of features available to different agents. In the first, a browser shell, commands such as keylogger, plugins, and sessions become available. In the second, a .Net shell, we can make use of commands like grab info, screenshot, webcam, etc.

Discover client-side software and version information that your target uses to identify potential known vulnerabilities. Make use of Control Pack agents to log keystrokes, take screenshots, download files, and execute other payloads.