Jump to content

How can I set different host names in the 'devide.config' file?


GN_82
 Share

Recommended Posts

Why would you want to do that? If you point the A record of both domains to the same server, it could work in theory, but you still need support for this kind of handling in the device.config file and in C2 and in the device itself I guess. Perhaps you are onto something with the way you spell the filename; devide.config could perhaps be divide.config in order to split the traffic in two pipes (that was a joke).

Link to comment
Share on other sites

Hi dark_pyrro... :-)

The idea is to be able to have an alternative reverse channel of communication with the device. For example, with Ngrok we cannot raise TCP and Http tunnels with the same address or domain.

Session Status                online
Region                        United States (us)
Web Interface                 http://0.0.0.0:4040
Forwarding                    tcp://XXX.tcp.ngrok.io:83354 -> demoh5c2:2022
Forwarding                    http://mydomain.ngrok.io -> http://demoh5c2:80
Forwarding                    https://mydomain.ngrok.io -> https://demoh5c2:443

 

Link to comment
Share on other sites

I am currently testing to lift C2 with docker container. I use SSLH to try to SSH over HTTPs to avoid these limitations.

My C2 container

docker run --rm -it --network docker_modulesnet -v h5domaindemo_data:/data -v $(pwd)/certs/:/certs --name h5domaindemo docker_h5domaindemo /bin/bash -c 'FILE="/data/backup.tar"; tar xvf $FILE -C / ; /app/c2 -hostname h5domaindemo.ngrok.io -https -certFile /certs/hiaas.crt -keyFile /certs/hiaas.key'

My SSLH container 

docker run --rm -it --network docker_modulesnet -e SSH_HOST=h5domaindemo -e SSH_PORT:2022 -e HTTPS_HOST=h5domaindemo -e HTTPS_PORT:443 --name sslh-hub shaddysignal/sslh-hub

My Ngrok config (bussines plan)

tunnels:
  c2_http:
    addr: h5domaindemo:80
    proto: http
    bind-tls: false
#    inspect: false
    hostname: mycustomdomain.ngrok.io
  c2_https:
    addr: sslh-hub:443
    proto: http
    bind-tls: true
#    inspect: false
    hostname: mycustomdomain.ngrok.io

I have not found any documentation that allows me to generate the device.config file manually.

Link to comment
Share on other sites

No, it's proprietary code. The best evasion measure is not hosting anything in your own network at all that needs to have connections initiated from the outside > in perspective. I use VPS for such things instead. An alternative could be to use a ZeroTier based network, but there's no guarantee for a secure environment. Depends on what Hak5 devices you are intending to connect to the C2 server though.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...