Thermostaten Posted October 24, 2019 Share Posted October 24, 2019 (edited) Would it be possible to run the C2 on an existing webserver ? My ideal setup would be: webserver listen on ip 10.0.0.80 (just some local ip the server has and is behind NAT to an external IP) and port 443 + 80 and run HSTS, behind cloudflare or alike. The hak5 C2 listen on 127.0.0.1 port 443, 80 2022 The webserver redirects /whatever_i_choose/link to the C2 service -> 127.0.0.1:443, 80 2022 etc.. That way i can have a covert C2 running behind a legit looking webserver. I were thinking of using IP tables or apache proxy, mod_rewrite to do this - would it work when the C2 wants the ssl cert ? could this be done ? Best regards T root@server:~# netstat -tupln Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 782/sshd tcp 0 0 10.10.10.10:80 0.0.0.0:* LISTEN 1565/apache2 tcp 0 0 10.10.10.10:443 0.0.0.0:* LISTEN 1565/apache2 tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 1633/c2_community-l tcp 0 0 127.0.0.1:443 0.0.0.0:* LISTEN 1633/c2_community-l tcp 0 0 127.0.0.1:2022 0.0.0.0:* LISTEN 1633/c2_community-l Edited October 24, 2019 by Thermostaten Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.