Core Impact in 20 Minutes | Setting Up Listeners

Within Core Impact, users can utilize the tool to set up listeners and launch agents into their workspaces without having to leverage exploits. Watch this quick training video to learn how. 

 

 

Setting up listeners within Core Impact allow you to utilize systems or services running from the outside that you can try to leverage to deploy agents to your end test points.

If you go to your modules tab, you can search for “Listener” to see what is available. You can also set up listeners by utilizing some installing agent modules.

Core Impact Listener Module Search Screen

Installing Agent on Linux

In this example, we’ll look at a Linux machine because we have one pre-discovered with an IP, but don’t have an exploit for the system. We do have a non-privileged login prompt so we’ll use the “Install Agent using unix-portshell” module.

Core Impact Install Agent Module Screen

You’ll see down in the description, we’ve got a command string we can out on the Linux endpoint that will give us some additional capabilities. You can simply copy the script and paste it into the user screen. Now we’ve actually fired up something listening on the local host. This will give you something to attach to on the backend. 

Core Impact Install Agent Command Script Screen

Now that we’ve established what we want on the backend, we can drag the exploit to the machine in Core Impact. When you launch the module, it will try to establish a connection with the endpoint and use it to deliver our payload to get it running up in memory. It should give you a way to deploy an agent on the machine. From here you can try to pivot within the network by setting the agent as the source to see what else you can get access to.

Installing Agent Over SSH

Since we have the Linux box we’re using we can also try to install an agent over ssh. It will require that you have some credentials discovered already. You’ll want to select your identity to target and run the module. You can keep an eye on the module log to see what is happening in the background within Core Impact.

Core Impact Install Agent ssh Screen

You can follow this same methodology across multiple different areas to set up listeners through the various systems and services you might find in your environment.