Using Microsoft Teams to execute commands remotely - ConvoC2
A short demonstration of Convo C2 that uses Microsoft Teams as the communication channel.
A few days back, I came to know about the Convo C2 project developed by Fabio Cinicolo (cxnturi0n). It piqued my interest because it uses Microsoft Teams chat messages as the communication medium between the server and the agent.
Microsoft Teams primarily uses HTTPS as its communication protocol, so a message sent from the Teams interface is actually transported as a web request. In that request the message is enclosed within certain HTML tags, and it is also possible to append other HTML tags to the message. Most of these tags get filtered out, though. One tag which doesn’t get filtered out is the <span> tag.
As per the description on cxnturi0n’s GitHub repository, it is possible to sneak hidden text into the aria-label attribute of <span> tags with display:none.
If a red team operator is able to deploy an agent that can intercept chat messages being sent to the target user, the agent can extract the text and process it further. In this case, cxnturi0n used this feature (for lack of a better word) to embed hidden commands in the aria-label attribute of <span> tags, which are then extracted and executed by the agent on the target machine; the output is exfiltrated to the C2 server via Adaptive Card URLs. The following diagram depicts the flow between the attacker and the target.
I wanted to test it, so I spun up a small lab and set up the required infrastructure. Below is the list of infrastructure that I used in my lab:
- Windows 10 VM (attacker machine)
- Windows 11 VM (target machine)
- AWS EC2 instance (free tier instance to host the Convo C2 server)
- Microsoft 365 Developer account (to simulate the target user)
- VMware Workstation
The following video provides the demonstration of Convo C2 in my lab. This is a bare-bones demo without any OPSEC considerations.
One obvious OPSEC consideration will be to use a domain name for the C2 server instead of the IP address. HTTP (port 80) connections to bare IP addresses tend to attract the attention of SOC analysts.
In its current form, it provides a rudimentary shell to execute commands, but more C2 features can be built in. Another caveat is that either the target organization must allow its Teams users to be publicly discovered (searched / found) by Teams users from any other organization, OR the attacker will need access to another Teams user account within the same org for this to work. Lastly, it will stop working as soon as Microsoft decides to filter out <span> tags, so enjoy it while it lasts.
Red Team Notes
- This can be used as a short-term C2 channel to deploy an agent from another C2.
- The lack of direct communication between the victim and the attacker, combined with the fact that the victim only sends HTTP requests to Microsoft servers and antivirus products don't look into MS Teams log files, makes detection more difficult.
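The mechanism described above (hidden text in the aria-label of a display:none <span>) and the detection note in the second bullet both suggest what a defender can look for: Teams message HTML in which a hidden span carries aria-label text. The script below is an added defensive example, not code from the ConvoC2 project or from this post. It assumes message bodies are available as HTML strings (for example from a compliance export or message log, which is an assumption); the sample messages and their hidden labels are constructed.

```python
"""Flag hidden <span aria-label="..."> content in Teams message HTML.

Added defensive example (not ConvoC2 code). Assumes message bodies are
available as HTML strings; SAMPLE_MESSAGES below are constructed, not
real Teams data.
"""
import re
from html.parser import HTMLParser

# Matches display:none with arbitrary whitespace and case ("DISPLAY : NONE").
HIDDEN_STYLE = re.compile(r"display\s*:\s*none", re.IGNORECASE)


class HiddenSpanFinder(HTMLParser):
    """Collect <span> elements that are hidden via inline style AND carry an aria-label.

    A visible span with an aria-label is normal accessibility markup, so only
    the hidden-plus-label combination is reported.
    """

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "span":  # HTMLParser lowercases tag and attribute names
            return
        a = {name: (value or "") for name, value in attrs}
        label = a.get("aria-label", "")
        hidden = bool(HIDDEN_STYLE.search(a.get("style", "")))
        if hidden and label:
            self.findings.append({"aria_label": label, "style": a["style"]})


def find_hidden_labels(message_html):
    """Return a list of {aria_label, style} dicts for hidden labelled spans in one message."""
    parser = HiddenSpanFinder()
    parser.feed(message_html)
    parser.close()
    return parser.findings


def scan_messages(messages):
    """Map message id -> list of hidden aria-label strings, for messages that have any."""
    flagged = {}
    for msg in messages:
        hits = find_hidden_labels(msg["body"])
        if hits:
            flagged[msg["id"]] = [h["aria_label"] for h in hits]
    return flagged


# Constructed sample message log (not real Teams data).
SAMPLE_MESSAGES = [
    {"id": "m1", "body": "<p>Can you review the report before 5pm?</p>"},
    # Visible span with a legitimate accessibility label: must NOT be flagged.
    {"id": "m2", "body": '<p>Sure <span aria-label="smiley emoji">:)</span></p>'},
    # Hidden span carrying label text the recipient never sees: flagged.
    {"id": "m3", "body": '<p>ok<span style="display:none" aria-label="HIDDEN-TEXT-CONSTRUCTED-1"></span></p>'},
    # Same thing with odd casing/spacing in the style attribute: still flagged.
    {"id": "m4", "body": '<p>hi<span aria-label="HIDDEN-TEXT-CONSTRUCTED-2" style="DISPLAY : NONE ; color:red"></span></p>'},
]

if __name__ == "__main__":
    for mid, labels in scan_messages(SAMPLE_MESSAGES).items():
        print(f"{mid}: hidden aria-label text {labels}")
```

The check deliberately keys on the combination of a hiding style and a non-empty aria-label rather than on aria-label alone, since screen-reader labels on visible spans are legitimate and common; if Teams ever starts stripping the style attribute but not the label, the condition would need to be revisited.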
Follow my journey of 100 Days of Red Team on WhatsApp or Discord.