Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations – SentinelLabs

August 4, 2021

Updated: August 10, 2021

Executive Summary

Versions 4.2 and 4.3 of Cobalt Strike’s server contain multiple Denial of Service vulnerabilities (CVE-2021-36798).

The vulnerabilities can render existing Beacons unable to communicate with their C2 server, prevent new beacons from being installed, and have the potential to interfere with ongoing operations.

We have released a new Python library to help generically parse Beacon communication in order to help the research security community.

Introduction

Cobalt Strike is o…

Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations – SentinelLabs

Mediator – An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

SharpSystemTriggers: Collection of remote authentication triggers in C#

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

SharpSelfDelete: C# implementation of a method to delete a locked file, or current running executable, on disk

Editor Picks

Threat Hunting With Yara Rules

Certified Pre-Owned Detection Ideas

Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis

Must read

SharpSystemTriggers: Collection of remote authentication triggers in C#

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

SharpSelfDelete: C# implementation of a method to delete a locked file, or current running executable, on disk

Popular categories