Before You Begin

Read this section before you install Cobalt Strike.

System Requirements

The following items are required for any system hosting the Cobalt Strike client and/or server components.

Java

Cobalt Strike's GUI client and team server require one of the following Java environments:

 

NOTE:

If your organization does not have a license that allows commercial use of Oracle's Java, we encourage you to use OpenJDK 11.

Supported Operating Systems

Cobalt Strike Team Server is supported on a Linux system that meets the Java requirements and has been tested on the following Debian based Linux distributions (other versions may work but have not been tested):

  • Debian
  • Ubuntu
  • Kali Linux

Cobalt Strike Client runs on the following systems:

  • Windows 7 and above
  • MacOS X 10.13 and above

  • GUI based Linux, such as: Debian, Ubuntu and Kali Linux (other versions may work but have not been tested)

Hardware

In addition to an accepted operating system, the below minimum requirements should be met:

  • 2 GHz+ processor
  • 2 GB RAM
  • 500MB+ available disk space

On Amazon's EC2, use at least a High-CPU Medium (c1.medium, 1.7 GB) instance.

Linux glibc

Be aware that certain Linux distributions may be missing or don't have the correct version of glibc. If you run into that issue, review the Knowledge Article, glibc Missing From Older Linux Distributions, on the Fortra Portal.

Installing OpenJDK

Cobalt Strike is tested with OpenJDK 11 and its launchers are compatible with a properly installed OpenJDK 11 environment.

Linux (Kali 2018.4, Ubuntu 18.04)

  1. Update APT:

    sudo apt-get update

  2. Install OpenJDK 11 with APT:

    sudo apt-get install openjdk-11-jdk

  3. Make OpenJDK 11 the default:

    sudo update-java-alternatives -s java-1.11.0-openjdk-amd64

Linux (Other)

  1. Uninstall the current OpenJDK package(s).
  2. Download OpenJDK for Linux/x64 at: https://jdk.java.net/archive/.

  3. Extract the OpenJDK binary:

    tar zxvf openjdk-11.0.1_linux-x64_bin.tar.gz

  4. Move the OpenJDK folder to /usr/local:

    mv jdk-11.0.1 /usr/local

  5. Add the following to ~/.bashrc:

    JAVA_HOME="/usr/local/jdk-11.0.1"

    PATH=$PATH:$JAVA_HOME/bin

  6. Refresh your ~/.bashrc to make the new environment variables take effect:

    source ~/.bashrc

MacOS X

  1. Download OpenJDK for macOS/x64 at: https://jdk.java.net/archive/.
  2. Open a Terminal and navigate to the Downloads/ folder.

  3. Extract the archive:

    tar zxvf openjdk-11.0.1_osx-x64_bin.tar.gz

  4. Move the extracted archive to /Library/Java/JavaVirtualMachines/:

    sudo mv jdk-11.0.1.jdk/ /Library/Java/JavaVirtualMachines/

The java command on MacOS X will use the highest Java version in /Library/Java as the default.

TIP:

If you are seeing a JRELoadError message this is because the JavaAppLauncher stub included with Cobalt Strike loads a library from a set path to run the JVM within the stub process. Issue the following command to fix this error:

sudo ln -fs /Library/Java/JavaVirtualMachines/jdk-11.0.2.jdk /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin

 

Replace jdk-11.0.2.jdk with your Java path. The next Cobalt Strike release will use a Java Application Stub for MacOS X that is more flexible.

Windows

  1. Download OpenJDK for Windows/x64 at: https://jdk.java.net/archive/.
  2. Extract the archive to c:\program files\jdk-11.0.1.
  3. Add c:\program files\jdk-11.0.\bin to your user's PATH environment variable:
    1. Go to Control Panel-> System-> Change Settings-> Advanced-> Environment Variables....
    2. Highlight Path in User variables for user.
    3. Press Edit.
    4. Press New.
    5. Type: c:\program files\jdk-11.0.1\bin.
    6. Press OK on all dialogs.

Wayland Desktop - Not Supported

Wayland is a modern replacement for the X Windows System. Wayland has made great strides, as a project, and some desktop environments use it as their default window system. Don't let the adoption fool you though. Not all applications or application environments work 100% perfectly on Wayland. There are still bugs and issues to address.

There are bugs in Java (or Wayland) that may cause a graphical Java application to crash, during normal use, when run in a Wayland desktop. These bugs affect Cobalt Strike users. Fortra does not support the use of Cobalt Strike on Wayland desktops.

Am I using Wayland?

Type echo $XDG_SESSION_TYPE to find out if you're on wayland or x11.

How to disable Wayland on Kali Linux

The latest version of Kali Linux 2017 Rolling uses a Wayland desktop by default. To change this back to X11:

  1. Open /etc/gdm3/daemon.conf with your favorite text editor.
  2. Find the [daemon] section.
  3. Add WaylandEnable=false and reboot your system.