Cobalt Strike 4.0 download
by kindme - March 18, 2020 at 06:20 PM
#73
(March 22, 2020 at 07:34 PM)ambins Wrote: Actually without the artifact kit the entire tool is pretty useless because it will be detected.
You could probably reverse engineer, patch and modify the /sleeve resources with IDA, but this
is far from optimal and requires advanced+ reversing skills. All the beacon, post-ex modules
like mimikatz are useless and detectable without sources which are in the artifact kit.
Maybe anyone with VT access/original access can upload artifact180406.tgz?
It doesn't contain any license info, just source codes to compile with mingw.

Here is the resource kit, which contains the source code of the templates:

https://github.com/QAX-A-Team/CobaltStri...aster/Kits

It is unlikely that anyone will publish this; usually this resource is held only among "trusted" people and is not published in the public domain. And I can understand why this is happening.
ResourceKit and ExploitKit presented in this repository were created for version 3.1x, and most likely you will have to fix them so that they work in 4.0.
Yes, without the artifact kit, this tool will quickly become easily detected, so do not load it and the payload on VT, other scanners and analyzers, do not use it on systems with active antivirus (host), and do not upload to forums where people do not know how to use this tool.
#74
I have to correct you on this, both resource and artifact kits are from 2018, and are compatible between 3x and 4x:
https://www.youtube.com/watch?v=6mC21kviwG4
https://www.youtube.com/watch?v=ka7ICHxt9jU

Here are 2 demos of the author of CS, with kits from 2018 on CS4. They are not updated so frequently it seems.
resourcekit181227.tgz is in the github repo I posted above.
#75
Technically the people who provided licenses to crack the current cs4 should be able to use said licenses to download the entire arsenal scripts too...right?
#76
(March 22, 2020 at 08:39 PM)ambins Wrote: I have to correct you on this, both resource and artifact kits are from 2018, and are compatible between 3x and 4x:
https://www.youtube.com/watch?v=6mC21kviwG4
https://www.youtube.com/watch?v=ka7ICHxt9jU

Here are 2 demos of the author of CS, with kits from 2018 on CS4. They are not updated so frequently it seems.
resourcekit181227.tgz is in the github repo I posted above.

Yes you are right, I should have checked this before speaking. I remembered the changes in aggressor script and suggested that it would be necessary to fix the .cna file.
My fault.

(March 22, 2020 at 09:00 PM)RedSecCodeX Wrote: Technically the people who provided licenses to crack the current cs4 should be able to use said licenses to download the entire arsenal scripts too...right?

Yes you are right, but most likely they only share the .jar file
#77
No worries :)
All those names for different pieces of the project are confusing indeed.
Aggressor scripts do need some adjustments to work in 4.0.
There are many stupid names for various parts - Malleable kit, Aggressor kit, Resource kit, Artifact kit, Elevate kit...
#78
Wait, are the kits just glorified aggressor scripts? If so, people should be able to make free alternatives, shouldn't they?

How good of a substitute is this script for the artifact kit? Do they even serve the same purpose?

https://github.com/harleyQu1nn/Aggressor...erator.cna

If there aren't any special elements to the arsenal scripts, I'm sure there are some talented people out there who could make scripts far better than the default arsenal scripts that serve the same purpose.
#79
RedSecCodeX Wrote: Wait, are the kits just glorified aggressor scripts? If so, people should be able to make free alternatives, shouldn't they?

No, totally different part of the project.
The aggressor scripts are executed of the teamserver, and it is like an automation tool for post-ex to quickly do some stuff.
Artifact kit is a small archive with source codes of all the binaries CS generates and patches on the fly.
When you don't have compiled custom binaries from the artifact kit in your /resources folder, it will use its own precompiled
ones from the /sleeve folder (in the .jar) and hot-patch the PE with your settings. This will make all of the binaries pretty much
identical and useless without additional work, unlike when with artifact kit you could modify the sources as you wish.
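A defender's view of the point made in post #79, as an added example that is not part of the thread or of any Cobalt Strike code: when many samples are one shared template with only a settings region patched, block-wise hashing against a known sample exposes the overlap. The byte strings, the 64-byte block size, the settings offset and all function names are constructed assumptions, not the real artifact layout.

```python
import hashlib
import random

BLOCK = 64  # assumed block size for this illustration


def block_digests(data, block=BLOCK):
    """SHA-256 of each fixed-size block of the file."""
    return [hashlib.sha256(data[i:i + block]).digest()
            for i in range(0, len(data), block)]


def compare_to_reference(sample, reference, block=BLOCK):
    """Return (similarity, changed_byte_ranges) of sample vs. a known reference."""
    a, b = block_digests(sample, block), block_digests(reference, block)
    n = max(len(a), len(b))
    changed = [i for i in range(n)
               if i >= len(a) or i >= len(b) or a[i] != b[i]]
    similarity = 1 - len(changed) / n if n else 1.0
    ranges = []
    for i in changed:  # merge consecutive changed blocks into byte ranges
        start = i * block
        if ranges and ranges[-1][1] == start:
            ranges[-1][1] = start + block
        else:
            ranges.append([start, start + block])
    return similarity, [tuple(r) for r in ranges]


def build_constructed_samples():
    """Constructed stand-ins: one template, two patched copies, one unrelated file."""
    rng = random.Random(1234)
    template = bytes(rng.randrange(256) for _ in range(4096))

    def patch(settings):
        # Overwrite a fixed 128-byte settings slot at offset 1024 (assumed layout).
        slot = settings.ljust(128, b"\x00")[:128]
        return template[:1024] + slot + template[1152:]

    unrelated = bytes(rng.randrange(256) for _ in range(4096))
    return template, patch(b"operator-A settings"), patch(b"operator-B settings"), unrelated


if __name__ == "__main__":
    template, sample_a, sample_b, unrelated = build_constructed_samples()
    for name, data in (("A", sample_a), ("B", sample_b), ("unrelated", unrelated)):
        print(name, compare_to_reference(data, template))
    print("A vs B", compare_to_reference(sample_a, sample_b))
```

Two independently configured copies still match each other on all but one block, which is why a single captured sample is enough to cluster the rest.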
#80
(March 22, 2020 at 09:02 PM)ZIzA_s78 Wrote: Yes you are right, but most likely they only share the .jar file

A valid license was used to get the Decrypting bytes

As you can read here: https://blog.gzsec.org/post/Patch-Cobalt-Strike-4.0/

至于这个正确的结果如何拿到,就得感谢有花钱购买以及分享出来的师傅了给予白嫖的机会了。
As for how to get the correct result, I have to thank the master who paid for it and shared it with him.

The *.jar file was already leaked around
#81
Send the PM link on Cobalt Strike 4.0 because I can't see the link, I need 8 points, thanks
#82
(March 22, 2020 at 09:32 PM)uCare Wrote:
(March 22, 2020 at 09:02 PM)ZIzA_s78 Wrote: Yes you are right, but most likely they only share the .jar file

A valid license was used to get the Decrypting bytes

As you can read here: https://blog.gzsec.org/post/Patch-Cobalt-Strike-4.0/

至于这个正确的结果如何拿到,就得感谢有花钱购买以及分享出来的师傅了给予白嫖的机会了。
As for how to get the correct result, I have to thank the master who paid for it and shared it with him.

The *.jar file was already leaked around

I meant that other parts (kit) are not published, only .jar
#83
How to use it in Kali Linux, an opening tip or program?
#84
(March 22, 2020 at 04:59 PM)ZIzA_s78 Wrote: So, it seems I have finished work on my small fix. I have not made any changes to the licensing mechanism, so this is only as reliable as the hook .jar
This fix is based on the release from ssooking, except that I updated it to the current version.
https://mega.nz/#F!mc9VBQba!KrXWLVmuWKQvaYuO81gnNg
It should work without problems, if you have errors let me know, I will try to fix it.
All the best.

[*]Will use existing X509 certificate and keystore (for SSL)
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Exception in thread "main" java.lang.UnsupportedClassVersionError: beacon/BeaconData has been compiled by a more recent version of the Java Runtime (class file version 57.0), this version of the Java Runtime only recognizes class file versions up to 55.0
        at java.base/java.lang.ClassLoader.defineClass1(Native Method)
        at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1016)
        at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:174)
        at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:800)
        at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:698)
        at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:621)
        at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:579)
        at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
        at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
        at beacon.BeaconC2.<init>(Unknown Source)
        at beacon.BeaconSetup.<init>(Unknown Source)
        at server.Beacons.<init>(Unknown Source)
        at server.TeamServer.go(Unknown Source)
        at server.TeamServer.main(Unknown Source)

I am using jdk8, and after replacing the corresponding file according to your steps, the software reports an error and cannot be opened. It seems that the file you compiled can only be opened by jdk13. Can you recompile it to be compatible with jdk8?