Skip to main contentOverview
This C2 profile is a peer-to-peer (P2P) profile. This means that an agent with this profile does not reach out to Mythic; instead, this profile opens a port on the target system and waits for incoming connections. You need to then have another agent use the link_tcp command to connect to this agent before issuing tasking.
The Docker container for this profile does not “start” or “stop” since it’s not going to be receiving any connections from agents. All connections are between two specific agents. This is why this profile doesn’t have an option to start/stop or even configure it within the Mythic UI.
C2 Workflow
Configuration Options
There’s no internal poseidon_tcp Docker container configuration that’s required. The profile is used for inter-agent communication, so there’s no agent messages that go through the poseidon_tcp Docker container.
Profile Options
crypto type
Indicate if you want to use no crypto (i.e. plaintext) or if you want to use Mythic’s aes256_hmac. Using no crypto is really helpful for agent development so that it’s easier to see messages and get started faster, but for actual operations you should leave the default to aes256_hmac.
Port to Open
Number to specify the port number to callback to. This is split out since you don’t have to connect to the normal port (i.e. you could connect to http on port 8080).
Kill Date
Date for the agent to automatically exit, typically the after an assessment is finished.
T or F for if you want to perform a key exchange with the Mythic Server. When this is true, the agent uses the key specified by the base64 32Byte key to send an initial message to the Mythic server with a newly generated RSA public key. If this is set to F, then the agent tries to just use the base64 of the key as a static AES key for encryption. If that key is also blanked out, then the requests will all be in plaintext.
OPSEC
This profile opens a port on the host where the agent is running.
Development
