C2 Docker Containers

All C2 profiles are backed by a Docker container or intermediary layer of some sort. You don't have to use a Docker container that's hooked into Apfell; you could write your own translator that converts between your C2 profile and the main Apfell interface and host it somewhere else. In that case, you just lose the ability to control it from within the Apfell UI.

What's the goal of the container?

What do the C2 docker containers do? Why are things broken out this way? In order to make things more modular within Apfell, most services are broken out into their own containers. When it comes to C2 profiles, they simply serve as an intermediary layer that translates between your special sauce C2 mechanism and the normal RESTful interface that Apfell uses. This allows you to create any number of completely disjoint C2 types without having to modify anything in the main Apfell codebase.

Container Components

There are a few things needed to make a C2 container. For this example, let's assume the name of the C2 profile is ABC:

  1. In /Apfell/C2_Profiles, make a folder called ABC.

  2. Within that folder, make a file called DockerFile that contains the following:

       FROM c2_profile_base

  3. Within that folder, make a file called server. This is what will be executed when you start the C2 profile. If you want this to pick up something from the environment, be sure to put it as a #! at the top. For example, the default containers leverage python3, so they have #! /usr/bin/env python3 at the top. This file is always executed via bash as a sub-process, like ./server.

  4. You can now start the C2 profile container from the command line via sudo ./start_c2_profiles.sh ABC. This will start the container and have it sending heartbeats to the main Apfell instance. If you already have the C2 profile registered in the UI, you'll now see the Docker container light turn green.
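A pre-flight check for the layout from steps 1 to 3, to run before starting the container in step 4. This is an added example, not part of Apfell; the function name check_c2_profile and the sample folder built in a temp directory are assumptions for illustration.

```shell
#!/bin/sh
# Added example; check_c2_profile is a hypothetical helper, not part of Apfell.
# Returns 0 when the folder has the layout described in steps 1-3.
check_c2_profile() {
    dir=$1
    problems=0

    # Step 2: a file named DockerFile that carries a FROM instruction.
    if [ ! -f "$dir/DockerFile" ]; then
        echo "missing: $dir/DockerFile"; problems=$((problems + 1))
    elif ! grep -Eiq '^[[:space:]]*from[[:space:]]+[^[:space:]]' "$dir/DockerFile"; then
        echo "no FROM instruction in $dir/DockerFile"; problems=$((problems + 1))
    elif ! grep -Eiq '^[[:space:]]*from[[:space:]]+c2_profile_base([[:space:]]|$)' "$dir/DockerFile"; then
        # Allowed, but python3.6 must then be set up as in c2_profile_base.
        echo "note: base image is not c2_profile_base"
    fi

    # Step 3: server is launched as ./server, so it needs the execute bit.
    if [ ! -f "$dir/server" ]; then
        echo "missing: $dir/server"; problems=$((problems + 1))
    else
        if [ ! -x "$dir/server" ]; then
            echo "not executable: $dir/server"; problems=$((problems + 1))
        fi
        # Without a #! line bash runs the file as a shell script.
        case $(head -n 1 "$dir/server") in
            '#!'*) ;;
            *) echo "note: no #! line at top of $dir/server" ;;
        esac
    fi

    [ "$problems" -eq 0 ]
}

# Constructed sample profile in a temp dir (not a real Apfell tree).
demo=$(mktemp -d)
mkdir "$demo/ABC"
printf 'FROM c2_profile_base\n' > "$demo/ABC/DockerFile"
printf '#! /usr/bin/env python3\nprint("placeholder")\n' > "$demo/ABC/server"
check_c2_profile "$demo/ABC" || echo "profile ABC is not ready to start"
chmod +x "$demo/ABC/server"
check_c2_profile "$demo/ABC" && echo "profile ABC layout looks complete"
rm -rf "$demo"
```

Against a real checkout the call would be check_c2_profile /Apfell/C2_Profiles/ABC, using the path from step 1.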

At this point though, the container is checking in and can be tasked, but there's no inner logic that's going on to actually translate anything for a C2 profile.

If you need some other environment set up than just Python3.6, you can modify the DockerFile to set up the environment as needed. If you don't want to use the base Docker image c2_profile_base, that's fine too. You just need to make sure python3.6 is installed and set up like the c2_profile_base container.
