Skip to content

Mythic support / c2servers and redirs on same server / bugfixes#316

Open
hegusung wants to merge 5 commits into
outflanknl:masterfrom
hegusung:mythic_support
Open

Mythic support / c2servers and redirs on same server / bugfixes#316
hegusung wants to merge 5 commits into
outflanknl:masterfrom
hegusung:mythic_support

Conversation

@hegusung

@hegusung hegusung commented Sep 30, 2025

Copy link
Copy Markdown

Hello, here is a pull request with multiple features:

  • Currently c2servers.tgz and redirs.tgz can't be installed on the same server. the filebeat config can't be deployed together. This PR solves this. redirectors config have been moved to inputs.d
  • Mythic support:
  • The daemon.py script had a dependency issue, i updated the requirements.txt
  • The daemon.py script was marked as non-executable, preventing the enrichment execution

@github-actions github-actions Bot added c2servers Related to RedELK C2 server components docker Related to docker container builds elkserver Related to RedELK server components installer Related to RedELK installers redirs labels Sep 30, 2025
@hegusung hegusung changed the title Mythic support Mythic support / c2servers and redirs on same server / bugfixes Sep 30, 2025
@MarcOverIP

MarcOverIP commented Nov 5, 2025

Copy link
Copy Markdown
Member

Hey @hegusung thanks for the work!

I never thought of the setup of running the redir and c2 server on the exact same host as it hsa some OPSEC challenges. However, your change is a good one for the people who want this.

Regarding the Mythic logs, I have too little understanding of Mythic's logging setup to know if this is the best/correct way. I would love to have @its-a-feature input on this. Cody, is the above setup with Mythic's basic_logger the preferred way?

@MarcOverIP MarcOverIP mentioned this pull request Nov 5, 2025
Open
@hegusung

hegusung commented Jun 4, 2026

Copy link
Copy Markdown
Author

Sorry I spend a lot of time to solve this, I will ask @its-a-feature on slack for his input

@its-a-feature

its-a-feature commented Jun 5, 2026

Copy link
Copy Markdown

Hey @hegusung thanks for the work!

I never thought of the setup of running the redir and c2 server on the exact same host as it hsa some OPSEC challenges. However, your change is a good one for the people who want this.

Regarding the Mythic logs, I have too little understanding of Mythic's logging setup to know if this is the best/correct way. I would love to have @its-a-feature input on this. Cody, is the above setup with Mythic's basic_logger the preferred way?

Hey! Sorry I never saw this! Basic logger is going to be the easiest starting point for sure and is a good way to get things configured. If additional features are needed or configuration parameters exposed, I can always update things to enable that too.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

c2servers Related to RedELK C2 server components docker Related to docker container builds elkserver Related to RedELK server components installer Related to RedELK installers redirs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hegusung @MarcOverIP @its-a-feature