Jump to content

How to make a web server like Darren Kitchen's ?


Jsync

Recommended Posts

I recently bought the new essentials filed kit form the hakshop 

https://hakshop.com/collections/hak5-field-kits/products/hak5-essentials-field-kit

 I looked at the hak5 youtube channel to see some hacks for the rubber ducky how they work and the creation process but and I liked the idea of the 

15 Second Password Hack, Mr. Robot Style - Hak5 2101 

as well as the 2 and 3 second hash hacks but there was one major problem for me throughout these video Darren used a web server with a web browser interface to hold the hashed files and the hack files like the rx.php and im.pxl.  I was wondering how I can make a web server just a carbon copy of his (obviously different site name) so I can view it on a browser like chrome or firefox form any location with the ssh capabilities and console access so i can get the hack running like he did because that was a struggle for me and I probably doing something wrong and cant make one. 

This is a really cool hack especially because it can be simplified to 2 seconds possibly less, I'm just struggling to get the server to work. It would be nice if it could be made so its invisible like a vps. Preferably free 

Thanks Jsync

 

Edited by Jsync
Link to comment
Share on other sites

I don't know what the source code is for the above segment, but you'd need to register your own domain name and get hosting with someone like Dreamhost, GoDaddy, etc. The site would also need to run the required software on the back end(which most will by default) such as PHP to make this work. From there you upload your php files that do the logging, and then mod the attack payload to point to your domain. If you wanted to test, you could setup a VM, and in your local machine point it at the VM's IP for the payload running a web server. You can download any turnkey linux distro that has a lamp stack or even use an existing VM such as Kali and then start apache and a2enmod php5 or php7.0 and upload the files to the kali VM as the IP you want to point the payload to. This will let you test against your home machines. Just need to make the VM bridge to the network if you want it to have an IP from the main network gateway and reachable by all local machines.

Edited by digip
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...