A C2 post-exploitation framework
proxy
command for pivotinginfo
and info++
commands display if the agent is using a proxyrun
command that cause the &
option to not workalan.log
evidences
folderinfo
commandVanilla
package type for agent creation. This allows a better integration of custom packer.run
was extended to support the execution of JavaScript files.info++
command now shows the Volume label and the FS type.run
commandkill
commandexec
commandinject
message since it can be achieved with the run
command in backgroundupload
and download
commandsinfo
commandshell
command to execute a single commandAlan.v5.0.509.20.zip SHA1: 6E4E0BE42A8DD630B2588A1B25AAEDDF9B51B4C7
inject
command. This command allows the operator to inject code into a remote processsleep
command performed in short sleep of 400 msec each.sleep
listeners
since superfluousinfo
command with more informationSHA1: FB46E2BCFF881FEDAD910E979E7902008AD0C200
quit
command to exit
migrate
commandps
command to list the currently running processesdownload
command to locally download a file or an entire directoryupload
command to upload files to the compromised hostSuccessRequest
as HTTP server response option to customize the http/s listener responseErrorRequest
to customize the http/s listener response for bad requestsprepend
and append
as HTTP server request option to specify in the agent profSHA-1 | File |
---|---|
5A4DAD2956EEFA822F4B5163A16BA60B308DCB1E | Alan.v2.0.500.23.zip |
SHA-1 | File |
---|---|
7636C1E9B093C79E78C20D55A71FDF87A82BED12 | Alan1.0.zip |