
C2 Overview

C2 (Command and Control) consists of a C2 Server and C2 Agents (clients). MiNiFi agents implementing the C2 protocol are able to communicate with the C2 server. Currently an HTTP/HTTPS RESTful paradigm exists to support C2 capabilities for MiNiFi C2 agents. At the core of the protocol is the heartbeat mechanism from clients to server. Every command and control mechanism is driven and triggered by the responses to the heartbeat messages. Because of this "flipped" direction, the C2 Server doesn't need to be aware of the clients beforehand; it is notified by them via their first heartbeat messages.

C2 Operations

Agents are controlled via operation (and operand) combinations sent in the heartbeat responses.

C2 Agent → C2 Server

| Operation Name | Description |
| --- | --- |
| HEARTBEAT | Heartbeat provides status and operational capabilities to C2 server(s) |
| ACKNOWLEDGE | Used by MiNiFi C2 agents to acknowledge the receipt and execution of a C2 server requested operation |

C2 Server → C2 Agent

| Operation Name | Description |
| --- | --- |
| DESCRIBE | Requesting additional information from the agent |
| UPDATE | Initiating update on the agent side (flow, configuration, asset, properties...) |
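
The heartbeat-driven exchange described above, modelled in memory as an added example (not MiNiFi code and not part of the original page). The message field names, the acknowledgement state strings and the `UNKNOWN_OP` operation used to exercise it are assumptions made for this sketch, not the MiNiFi wire format.

```python
# Added illustration: in-memory model of the heartbeat-driven C2 exchange.
# Field names (agent_id, requested_operations, op_id, state) and the state
# strings are assumptions for this sketch, not the MiNiFi wire format.
from collections import defaultdict

SERVER_TO_AGENT = {"DESCRIBE", "UPDATE"}   # operations listed on this page


class C2Server:
    def __init__(self):
        self.known_agents = set()          # filled only by incoming heartbeats
        self.pending = defaultdict(list)   # agent_id -> queued operations
        self.acked = {}                    # op_id -> state reported by the agent

    def queue(self, agent_id, op_id, operation, operand):
        self.pending[agent_id].append(
            {"op_id": op_id, "operation": operation, "operand": operand})

    def handle(self, msg):
        if msg["operation"] == "HEARTBEAT":
            self.known_agents.add(msg["agent_id"])   # first contact registers
            return {"requested_operations": self.pending.pop(msg["agent_id"], [])}
        if msg["operation"] == "ACKNOWLEDGE":
            self.acked[msg["op_id"]] = msg["state"]
            return {}
        raise ValueError("unexpected agent operation: %r" % msg["operation"])


class C2Agent:
    def __init__(self, agent_id, server):
        self.agent_id, self.server = agent_id, server
        self.executed = []                 # (operation, operand) pairs applied

    def heartbeat(self):
        reply = self.server.handle(
            {"operation": "HEARTBEAT", "agent_id": self.agent_id})
        ops = reply.get("requested_operations", [])
        for op in ops:
            # Apply only operations the agent knows; acknowledge every one.
            if op["operation"] in SERVER_TO_AGENT:
                self.executed.append((op["operation"], op["operand"]))
                state = "applied"
            else:
                state = "not_understood"
            self.server.handle({"operation": "ACKNOWLEDGE",
                                "agent_id": self.agent_id,
                                "op_id": op["op_id"], "state": state})
        return len(ops)
```

The server never contacts the agent: queued operations wait until the next heartbeat, and the agent acknowledges each one, including those it declines to run.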