Jsync Posted December 8, 2016 Share Posted December 8, 2016 (edited) I recently bought the new essentials filed kit form the hakshop https://hakshop.com/collections/hak5-field-kits/products/hak5-essentials-field-kit I looked at the hak5 youtube channel to see some hacks for the rubber ducky how they work and the creation process but and I liked the idea of the 15 Second Password Hack, Mr. Robot Style - Hak5 2101 as well as the 2 and 3 second hash hacks but there was one major problem for me throughout these video Darren used a web server with a web browser interface to hold the hashed files and the hack files like the rx.php and im.pxl. I was wondering how I can make a web server just a carbon copy of his (obviously different site name) so I can view it on a browser like chrome or firefox form any location with the ssh capabilities and console access so i can get the hack running like he did because that was a struggle for me and I probably doing something wrong and cant make one. This is a really cool hack especially because it can be simplified to 2 seconds possibly less, I'm just struggling to get the server to work. It would be nice if it could be made so its invisible like a vps. Preferably free Thanks Jsync Edited December 8, 2016 by Jsync Quote Link to comment Share on other sites More sharing options...
digip Posted December 9, 2016 Share Posted December 9, 2016 (edited) I don't know what the source code is for the above segment, but you'd need to register your own domain name and get hosting with someone like Dreamhost, GoDaddy, etc. The site would also need to run the required software on the back end(which most will by default) such as PHP to make this work. From there you upload your php files that do the logging, and then mod the attack payload to point to your domain. If you wanted to test, you could setup a VM, and in your local machine point it at the VM's IP for the payload running a web server. You can download any turnkey linux distro that has a lamp stack or even use an existing VM such as Kali and then start apache and a2enmod php5 or php7.0 and upload the files to the kali VM as the IP you want to point the payload to. This will let you test against your home machines. Just need to make the VM bridge to the network if you want it to have an IP from the main network gateway and reachable by all local machines. Edited December 9, 2016 by digip Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.