Going Live with Cloud Functions

Currently, there is a lack of relevant information on using cloud functions to go live with tools other than Cobalt Strike and Metasploit (MSF) on the internet. Here, we will introduce how to use Tencent Cloud Functions to go live with a Viper payload.

Configure the Listener in Viper

• Create a new listener with the following configurations:

Note that you must select "meterpreter_reverse_https" for the listener.

Leave the LURI and certificate file fields empty.

Configure Tencent Cloud Functions

• Open the API Gateway page: https://console.cloud.tencent.com/apigateway/service?rid=1
• Create a new API Gateway with the following configurations:

• Note that you need to fill in the IP address and port of the Viper listener for the backend domain name, and select the HTTPS protocol.

• After generation is completed, click on the corresponding API to obtain details.

• Remember the cloud function web address here. For example, in the sample, it is: service-6abofmuc-1256520000.gz.apigw.tencentcs.com

Generate the Complementary Payload

• Open "Generate Payload" in Viper and configure as follows:

LHOST is the web address of the cloud function, LPORT is 443, LURI and the certificate file are empty. Turn off the certificate verification option.

• Generate the payload.

Run and go live