VolchockC2 is a custom-built Command & Control (C2) framework, currently under active development. Designed for red team operations and adversary simulation, VolchockC2 focuses on flexibility, stealth, and efficient post-exploitation capabilities.

ProcessusT/VolchockC2

VolchockC2

VolchockC2 is a custom-built Command & Control (C2) framework, currently under active development. Designed for red team operations and adversary simulation, VolchockC2 focuses on flexibility, stealth, and efficient post-exploitation capabilities.

Installation

git clone https://github.com/ProcessusT/VolchockC2
cd VolchockC2

# for the teamserver :
python -m teamserver.main --config .\config\config.json

# for the client :
cd client
python client.py


Communication Protocol

Encryption/Decryption Process

  • Encryption:
    string → xor → base64
  • Decryption:
    base64 → xor → string

Communication Content Templates

Agent ➔ Server

{
    "agent_id": "<ID>",
    "hostname": "<HOSTNAME>",
    "username": "<USERNAME>",
    "process_name": "<PROCESS_NAME>",
    "results": "<RESULTS>"
}
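
For analysts working with captured traffic, the sketch below is an added example and not part of the VolchockC2 code base. It shows that the base64 + XOR layer falls to a known-plaintext check, because the Agent ➔ Server template fixes the start of every message. It assumes a repeating XOR key no longer than the crib and json.dumps-style serialisation; the function names, key and sample values are constructed.

```python
import base64
import binascii
import json

# Field names from the Agent -> Server template on this page.
AGENT_FIELDS = {"agent_id", "hostname", "username", "process_name", "results"}
# Assumption: the agent serialises like json.dumps, so the plaintext starts this way.
CRIB = b'{"agent_id": "'


def xor(data: bytes, key: bytes) -> bytes:
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def decode_checkin(body: str, crib: bytes = CRIB):
    """Return (key, fields) if body is a base64+XOR check-in, else None."""
    try:
        ct = base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return None
    # Known plaintext: ciphertext XOR crib yields the start of the key stream.
    stream = xor(ct[:len(crib)], crib)
    for klen in range(1, len(stream) + 1):  # assumption: key length <= len(crib)
        key = stream[:klen]
        try:
            doc = json.loads(xor(ct, key))
        except ValueError:  # covers JSONDecodeError and UnicodeDecodeError
            continue
        if isinstance(doc, dict) and AGENT_FIELDS <= doc.keys():
            return key, doc
    return None


def constructed_sample() -> str:
    # Constructed test data: placeholder values and a made-up key.
    msg = {"agent_id": "a1b2", "hostname": "WS-EXAMPLE", "username": "alice",
           "process_name": "example.exe", "results": ""}
    return base64.b64encode(xor(json.dumps(msg).encode(), b"k3y!")).decode()


if __name__ == "__main__":
    print(decode_checkin(constructed_sample()))
    print(decode_checkin(base64.b64encode(b"ordinary form data").decode()))
```

A body that decodes to a dictionary carrying all five template fields is a strong indicator of an agent check-in; anything else returns None.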

Server ➔ Agent

{
    "task": {
        "<TYPE>": "<CONTENT>"
    }
}

Supported Task Types

  • cmd: Execute the content value as a command using cmd.exe and return the result
{
    "task": {
        "cmd": "whoami"
    }
}
  • download: Download a file from the target machine to the server.
{
    "task": {
        "download": "<remote_file_path>"
    }
}
  • upload: Upload a file from the server to the target machine.
{
    "task": {
        "upload": "<local_file_path>"
    }
}
  • exec-pe: In-memory execution of a local PE on the target machine.
{
    "task": {
        "exec-pe": {
            "filename": "<filename>",
            "content": "<b64_encoded_file>",
            "args": "<b64_encoded_args>"
        }
    }
}

Reflective Loading

The shellcode payload is based on a DLL with a reflective position-independent loader (aka Stephen Fewer sRDI):


Reflective Loader schema


Implementation Roadmap

1. Core Listeners (Communication Channels)

  • Implement HTTP listener
  • Implement basic DNS listener [REMOVED]

2. Command & Control Operations

  • Implement command execution queue
  • Implement upload and download commands

3. Multi-Entity Support

  • Implement multi-agent support (handle multiple victims/sessions simultaneously)
  • Implement multi-user support:
    • The teamserver supports an administrative listening port
    • Develop a client application for operators to connect to the teamserver

4. Communication & Evasion Customization

  • Implement a configuration/profile file for the teamserver to customize communication parameters
  • Implement DLL agent
  • Implement sRDI execution of shellcode agent
  • Implement agent generation for specific listeners
  • Implement basic obfuscation

5. Memory & Execution Techniques

  • Implement in-memory PE (Portable Executable) execution for C/C++ payloads
  • Implement in-memory PE execution for C# payloads
  • Implement Beacon Object File (BOF) support

6. Graphical User Interface (GUI)

  • Develop an ugly graphical user interface:
    • Logs view: teamserver logs
    • User view: user connections and activity
    • Agent view: list of connected agents with interaction to send commands
    • Try to make the GUI acceptable

7. Advanced features (It will probably never be implemented)

  • Record all commands and output for each agent (SQLite DB maybe?)
  • Make contributors rich and famous
  • Stop all wars in the world

Teammates

A big thanks to my bros for their support and help:

FrozenK
Waked XY
Anak0nda
X-n0
