Payload Server

We should also set up a separate server to host the payloads, so that if the payload host gets blocked while a beacon is running, we don't kill the beacon.

- PwnDrop

https://github.com/kgretzky/pwndrop

PwnDrop is an open-source payload hosting service for Red Team Operations. It's easy to deploy and can serve files over HTTP/S and WebDAV. You can apply geo-based restrictions so that only the attacker and the victim's infrastructure can access it. The admin portal is accessible through a hidden directory for added security.

- Nginx

We can also set up facade files with nginx:

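# Serve real files when they exist, otherwise return 404
location / {
    try_files $uri $uri/ =404;
}

# Any request ending in .docx is redirected to the executable
location ~ \.docx$ {
    return 302 /malicious.exe;
}

# Requests ending in .xls are redirected only for one client address
# (exact match; a regex "~" with unescaped dots would match other addresses)
location ~ \.xls$ {
    if ($remote_addr = "10.10.10.10") {
        return 302 /pwnd.exe;
    }
}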
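
From the defender's side, the facade redirects above leave a recognizable trace in web proxy logs: a request for a document extension answered with a 3xx whose Location points at an executable. The following is an added example, not part of the original page; the tab-separated log layout (client, method, URL, status, Location), the sample lines, the extension lists and the function names are constructed assumptions.

```python
import posixpath
from urllib.parse import urljoin, urlsplit

# Assumed extension sets; tune them to the environment being monitored.
DOC_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".ppt", ".pptx"}
EXE_EXTS = {".exe", ".dll", ".scr", ".msi", ".hta", ".vbs", ".ps1"}

# Constructed sample proxy log: client, method, url, status, location
SAMPLE_LOG = (
    "10.0.5.21\tGET\thttp://files.example.test/report.docx\t302\t/malicious.exe\n"
    "10.0.5.21\tGET\thttp://files.example.test/malicious.exe\t200\t-\n"
    "10.0.5.40\tGET\thttp://intranet.example.test/q3.xls\t200\t-\n"
    "10.0.5.40\tGET\thttp://cdn.example.test/old.pdf\t301\thttps://cdn.example.test/new.pdf\n"
    "10.0.5.77\tGET\thttp://files.example.test/Budget.XLS?id=7\t302\t"
    "http://files.example.test/pwnd.exe#x\n"
)


def ext_of(url):
    """Lower-cased extension of the URL path, ignoring query and fragment."""
    return posixpath.splitext(urlsplit(url).path)[1].lower()


def find_facade_redirects(log_text):
    """Return (client, requested_url, redirect_target) for every 3xx response
    where a document was requested but the redirect lands on an executable."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 5:
            continue  # skip malformed or truncated lines
        client, _method, url, status, location = fields
        if not status.startswith("3") or location == "-":
            continue  # only redirects carry a Location to compare
        target = urljoin(url, location)  # resolve relative Location headers
        if ext_of(url) in DOC_EXTS and ext_of(target) in EXE_EXTS:
            hits.append((client, url, target))
    return hits


if __name__ == "__main__":
    for client, url, target in find_facade_redirects(SAMPLE_LOG):
        print(f"{client} requested {url} -> redirected to {target}")
```

Because the redirect can be conditioned on the client address, as in the `.xls` rule, re-fetching the URL from an analysis host may not reproduce it; the response logged for the original client is the reliable evidence.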

- Legitimate Application

We can also serve payloads from legitimate applications like Google Drive, OneDrive, InterPlanetary File System (IPFS), Adobe Portfolio, etc.
