NGINX FW RULE

NGINX WHITELIST

#this must be performed after the conditional nginx redirection
root@oco:~$ BROWSER > AZURE/AWS > Settings > Networking > Add inbound port rule
 #this creates an inbound rule so that only the Red Team operators can reach the C2 server over SSH
 #the red team operators connect from 49.36.41.230, while the C2 server is at 20.66.23.137
 Rule: SSH
  Priority: 300
  Port: 22
  Protocol: TCP
  Source: 49.36.41.230
  Destination: Any
  Action: Allow

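 #this creates an inbound rule so that traffic originating from the targets (74.235.15.184) is
 #able to reach the nginx server on port 443
 #NOTE: the address in this comment (74.235.15.184) does not match the rule's Source below (74.235.35.184); confirm which one is correct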
 Rule: AllowVictim
  Priority: 370
  Port: 443
  Protocol: TCP
  Source: 74.235.35.184
  Destination: Any
  Action: Allow
   
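 #the three rules below (priorities 65000-65500) are the default rules of an Azure network security group; lower priority
 #numbers are evaluated first, so the two Allow rules above take effect before DenyAllInbound blocks all other inbound traffic
 Rule: AllowVnetInbound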
  Priority: 65000
  Port: Any
  Protocol: Any
  Source: VirtualNetwork
  Destination: VirtualNetwork
  Action: Allow
  
 Rule: AllowAzureLoadBalancerInbound
  Priority: 65001
  Port: Any
  Protocol: Any
  Source: AzureLoadBalancer
  Destination: Any
  Action: Allow
  
 Rule: DenyAllInbound
  Priority: 65500
  Port: Any
  Protocol: Any
  Source: Any
  Destination: Any
  Action: Deny
