Description
I am having an issue wherein the implants which are generated are only connecting via TLSv1 despite setting TLSv1.2 inside the C2Server.py file. Below is what I have placed in the server code:
if "https://" in PayloadCommsHost.strip():
    if (os.path.isfile("%sposh.crt" % PoshProjectDirectory)) and (os.path.isfile("%sposh.key" % PoshProjectDirectory)):
        #try:
        httpd.socket = ssl.wrap_socket(httpd.socket, keyfile="%sposh.key" % PoshProjectDirectory, certfile="%sposh.crt" % PoshProjectDirectory, server_side=True, ssl_version=ssl.PROTOCOL_TLSv1_2)
The domain front we are using only accepts TLSv1.2 or higher. The implant will repeatedly only offer TLSv1 which eventually gets a fatal flag from the domain front.
Execution Environment:
All of this must be filled in
Data | Value
=============== PoshC2 v8.0 (5672077 2022-03-30 16:58:55) ===============
OS & version | Ubuntu
No docker.
Implant Info
Using the PowerShell implant generated at the top of payload generation
Defensive Technologies
No
To Reproduce
Steps to reproduce the behavior:
Set config file to domain front using help.webex.com and cloudfront address with certificates.
Set server to only accept TLSv1.2 or above.
Generate payloads.
Run PowerShell shell on Windows with Defender turned off.
Expected behavior
I would expect the implants to use the highest possible TLS available OR to renegotiate if lower TLS is not available.
Screenshots
Attach files if required
Additional context
Add any other context about the problem here.