Covenant

Setup

WARNING Installation May Reboot VM.
sudo apt update
sudo apt install -y docker.io ## If not already installed.
git clone --recurse-submodules https://github.com/cobbr/Covenant
cd Covenant/Covenant

## COFFEE BREAK
sudo docker build -t covenant .
sudo docker run -it -p 7443:7443 -p 80:80 -p 443:443 --name covenant -v /home/kali/foobar/Covenant/Covenant/Data:/app/Data covenant

## Visit https://127.0.0.1:7443 and register an account.

First Grunt

Creating a Listener

Log into the web portal, on the side bar click Listeners followed by the Create button.

It's important that you select the ConnectAddress IP that matches the gateway you're using to communicate with the target from.

The listener should now be created.

First Launcher

On the side bar click on Launchers. There are many launcher types for this one we will use PowerShell. The Launcher supports a ton of different configurations but to start with we will use the default options.

Click on the Generate button and it will create both PowerShell one liner and encoded one liner that can be used for spawning a grunt.

By clicking on the Host tab in-between Generate and Code you can choose to host the binary on a local web server to create a shorter .NET download cradle. For the URL provide the name you'd like to use use for the PowerShell file (Probably shouldn't pick grunt.ps1).

Copy the encoded launcher and go ahead and paste it. You might need to disable AMSI or heavily modify the launcher in order to bypass AV. To verify setup it is recommended you perform this step on a Windows 10 host under your control. This will allow you to validate that the listener and launcher have been properly configured.

For debugging purposes it can be helpful to remove ``-Window Hidden``

The AMSI String can be useful for debugging.