16 Jul 14 – Cobalt Strike 2.0.49
+ Fixed SE PDF report generation bug when masked emails collided
– Command Shell experience on Windows Meterpreter is much better now
– Java Meterpreter may now interact with a bash shell
! Removed [host] -> Meterpreter -> Access -> Migrate Now! menu item
– Ctrl+Escape temporarily drops the timeout times for Meterpreter
commands to 5s, across the board. If a Meterpreter session appears
unresponsive, try this to force any hung commands to timeout
+ Listener dialog now complains if user leaves host field blank
+ Added ‘veil’ option to Payload Generator. Outputs shellcode in a
format suitable for use with Veil [as custom shellcode].
+ Added Malleable C&C – a domain specific language to re-define
indicators in Beacon. Now you can make Beacon look like whatever
you need for your mission needs. *pHEAR*
+ Add windows/beacon_https/reverse_https which is an HTTPS Beacon.
+ Added [host] -> Meterpreter -> Access -> Bypass UAC. Launches the
bypassuac_inject module w/ an Artifact Kit-made DLL for AV evasion
+ Fixed unicode issue with Website Clone Tool
– Cobalt Strike now warns when a team server is non-responsive by
making its server button purple. When the server is responsive again,
the button will turn back to its normal color. This requires that
you’re connected to multiple team servers.
+ Added kill and ps commands to Beacon
+ Listener dialog now complains if user tries to use multiple hosts in
+ Added kerberos_ticket_use and kerberos_ticket_purge commands to Beacon.
These commands allow you to inject a Kerberos ticket into the session
and purge it. Use with a Golden Ticket generated by Mimikatz 2.0.
+ Beacon’s inject, spawn, and bypassuac commands pop up a listener dialog
if no listener is specified.
– Windows EXE launcher for Cobalt Strike now finds 64-bit Java.