aryma/Ares-mythic
1
0
Fork 0
mirror of https://github.com/Aryma-f4/Ares-mythic.git synced 2026-06-12 21:44:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b88b3a218456c39e6473c906213df5b3d2b565c1
Ares-mythic/documentation-payload/ares/c2_profiles/TCP.md
Aryma 03d283cf49 refactor(payload): rename apollo to ares and update documentation 
This commit renames the Apollo payload type to Ares, moving all associated files and updating documentation accordingly. The change includes:
- Renaming directories from `apollo` to `ares`
- Updating documentation image references
- Maintaining the same code functionality while changing the payload name
- Adding new Ares-specific documentation files
- Removing old Apollo documentation files

The rename is done to reflect the new payload name while preserving all existing functionality.
2026-04-14 14:02:44 +07:00

39 lines
1.5 KiB
Markdown
Raw Blame History

+++
title = "TCP"
chapter = false
weight = 102
+++
## Summary
Peer-to-peer communication over a network socket. Apollo will bind to a specified port and await an incoming link request before establishing communications back to Mythic.
### C2 Workflow
{{<mermaid>}}
sequenceDiagram
participant Mythic
participant Egress Agent
participant P2P Agent
Egress Agent->>Mythic: POST to receive taskings from server
Mythic-->>Egress Agent: send taskings in server response
Egress Agent->>P2P Agent: send taskings over Named Pipe
P2P Agent->>Egress Agent: send task response over Named Pipe
Egress Agent->>Mythic: POST task response to server
Mythic-->>Egress Agent: send task status in server response
Egress Agent->>P2P Agent: send server response over Named Pipe
{{< /mermaid >}}
### Profile Options
The TCP C2 profile is designed to be used for internal network communication, and therefore will need to egress from a network through an agent using the HTTP C2 profile. All HTTP agents have the ability to communicate with TCP agents and manage peer-to-peer connections using the `link` and `unlink` commands.
### Profile Options
#### Crypto type
Leave as aes256_hmac.
#### Port to start Apollo on
Self explanatory. Note: If medium integrity or lower, this will prompt a request to allow the binary to bind on the specified port.
#### Kill Date
The date at which the agent will stop calling back.
#### Perform Key Exchange
Perform encrypted key exchange with Mythic. Recommended to leave as T for true.
Reference in New Issue View Git Blame Copy Permalink