2 Dec 15 - Cobalt Strike 3.1
+ Beacon help command complains when asked about a command that doesn't exist
+ VNC server stage is now encoded
+ Bypass UAC on Windows 10 now takes steps to use an artifact that's OK with
blocking DLL_PROCESS_ATTACH [not all techniques are OK with this].
+ Updated integrated mimikatz to 2.0 alpha 20151008
+ Added dcsync command to Beacon. Uses mimikatz to pull a hash from a DC. CS
parses its output and adds the credential to the creds model too.
+ Fixed null pointer exception when trying to save an edited listener.
+ mimikatz @module::command will force mimikatz to use beacon's thread token
+ Download cancel now properly releases file handle in Beacon.
+ client now trims large data structures in the same way the team server does
+ Screenshot tool is now smarter. If user is idle, it returns one screenshot
every three minutes. If user is active, it will return one each check-in.
+ Session metadata is now in the Beacon logs on the team server.
+ CS now offers to direct user to team server documentation when they get a
Connection refused error.
+ Added headless option to run Aggressor Scripts. Use the agscript launcher
included with the Linux package.
+ Obfuscated Artifact Kit's service entry point slightly.
+ DNS Beacon export option was not showing up in the stageless payload export
dialog if windows/beacon_dns/reverse_dns_txt was set as the listener. Fixed.
+ Scan dialog now complains if a Beacon session wasn't selected.
+ Export Data and Sync Files features now mkdir folders that don't exist.
+ Added check to prevent you from using CS with Java 1.6.
+ %TOKEN% is now replaced everywhere in phishing template, not just URL.
+ Added Export button to View -> Credentials. Exports creds in PWDump format
+ Fixed stager crash on exit after failure; caused by wrong byte order exitfunk
+ Added a sanity check for phishing target files w/ reversed email/name info
+ View -> Targets now has an import button. Imports: NMap XML & flat host files
+ IoC Report now only shows each hash once.
+ Fixed several bugs that could affect report generation.
+ Spear Phishing tool no longer strips attachments with a Content-ID header.
+ Added several APIs to Aggressor Script
+ DNS Stager now exits after all attempts exhausted (better than crashing)
【来自 Cobalt Strike 忠实粉 投递于安全脉搏】