Let's write a Beacon Object File for Havoc C2 - Part 5
Learn how to create a Beacon Object File (BOF) module in Havoc C2.
In this series of posts, I will create a Beacon Object File (BOF) that works with Havoc C2. I will start by implementing simple functionality and gradually increase the level of complexity.
If this is the first time you are learning about BOFs, I recommend that you read my posts, Enhancing C2 agent via Beacon Object Files (BOF) and Creating a simple beacon object file for Havoc C2 for a quick introduction to BOF and BOF development.
Follow my journey of 100 Days of Red Team on WhatsApp, Telegram or Discord.
In this part, I will clean up the message-box BOF structure and create a message-box module in Havoc C2 that will combine all of the message-box* commands developed previously.
In Havoc C2, a module can be created by using the RegisterModule() function.
RegisterModule("<name of the module>", "<description of the module>", "<behaviour>", "<usage>", "<example>", "<options>")
This is followed by a set of calls to the RegisterCommand() function that will add commands within this module.
To create the message-box module, I replace the lines pertaining to RegisterCommand() in message-box.py with the following:
The above snippet registers a module in Havoc C2 named message-box, which supports two commands, msg and file. The msg command is mapped to the message-box3 BOF, which takes two arguments, static and custom. The static argument displays the hard-coded message in a message box, whereas the custom argument displays a custom message in a message box. The file command is mapped to the message-box4 BOF, which takes two arguments, remote and local. The remote argument retrieves the message from a file stored on the target machine and displays it in a message box, whereas the local argument retrieves the message from a file stored on the attacker’s machine and displays it in a message box.
To clean up the structure, I removed the function definitions pertaining to the message-box and message-box2 BOFs. The mapping to these BOFs is no longer required, as their combined functionality has been implemented in the message-box3 BOF. Full code for the message-box module is available here.
To load this module in Havoc C2, go to Scripts → Script Manager → Load Script and select the message-box-module.py file.
To see the help for the message-box module, use:
help message-box
To see the help for a specific command within the module, use:
help message-box <command>
Commands within the module can be executed as follows:
message-box msg static
message-box msg custom "This is a custom message"
message-box file remote
message-box file local
I did not change the way the BOFs work, so all of these commands will work as demonstrated previously.
Red Team Notes
- Modules can be used to organize related commands. They offer a clean way to extend Havoc C2. To create a module in Havoc C2, use the RegisterModule() function.