HTTPS C2 Done Right NGINX
HTTPS C2 Done Right with NGINX
1
#!/bin/bash
2
# Refs:
3
# http://stackoverflow.com/questions/11617210/how-to-properly-import-a-selfsigned-certificate-into-java-keystore-that-is-avail
4
# https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04
5
# http://www.advancedpentest.com/help-malleable-c2
6
# https://maximilian-boehm.com/hp2121/Create-a-Java-Keystore-JKS-from-Let-s-Encrypt-Certificates.htm
7
​
8
# Global Variables
9
runuser=$(whoami)
10
tempdir=$(pwd)
11
# Echo Title
12
clear
13
echo '=========================================================================='
14
echo ' HTTPS C2 Done Right Setup Script | [Updated]: 2016'
15
echo '=========================================================================='
16
echo ' [Web]: Http://CyberSyndicates.com | [Twitter]: @KillSwitch-GUI'
17
echo '=========================================================================='
18
​
19
​
20
echo -n "Enter your DNS (A) record for domain [ENTER]: "
21
read domain
22
echo
23
​
24
echo -n "Enter your common password to be used [ENTER]: "
25
read password
26
echo
27
​
28
echo -n "Enter your CobaltStrike server location [ENTER]: "
29
read cobaltStrike
30
echo
31
​
32
domainPkcs="$domain.p12"
33
domainStore="$domain.store"
34
cobaltStrikeProfilePath="$cobaltStrike/httpsProfile"
35
​
36
apt update
37
apt install openjdk-11-dbg
38
​
39
# Environment Checks
40
func_check_env(){
41
# Check Sudo Dependency going to need that!
42
if [ $(id -u) -ne '0' ]; then
43
echo
44
echo ' [ERROR]: This Setup Script Requires root privileges!'
45
echo ' Please run this setup script again with sudo or run as login as root.'
46
echo
47
exit 1
48
fi
49
}
50
​
51
func_check_tools(){
52
# Check Sudo Dependency going to need that!
53
if [ $(which keytool) ]; then
54
echo '[Sweet] java keytool is installed'
55
else
56
echo
57
echo ' [ERROR]: keytool does not seem to be installed'
58
echo
59
exit 1
60
fi
61
if [ $(which openssl) ]; then
62
echo '[Sweet] openssl keytool is installed'
63
else
64
echo
65
echo ' [ERROR]: openssl does not seem to be installed'
66
echo
67
exit 1
68
fi
69
if [ $(which git) ]; then
70
echo '[Sweet] git keytool is installed'
71
else
72
echo
73
echo ' [ERROR]: git does not seem to be installed'
74
echo
75
exit 1
76
fi
77
}
78
​
79
func_nginx_check(){
80
# Check Sudo Dependency going to need that!
81
​
82
# if [ sudo lsof -nPi | grep ":80 (LISTEN)" ]; then
83
# echo
84
# echo ' [ERROR]: This Setup Script Requires that port!'
85
# echo ' 80 not be in use.'
86
# echo
87
# exit 1
88
if [ $(which java) ]; then
89
echo '[Sweet] java is already installed'
90
echo
91
else
92
apt-get update
93
apt-get install default-jre -y
94
echo '[Success] java is now installed'
95
echo
96
fi
97
if [ $(which nginx) ]; then
98
echo '[Sweet] nginx is already installed'
99
service nginx start
100
echo
101
else
102
apt-get update
103
apt-get install nginx -y
104
echo '[Success] nginx is now installed'
105
echo
106
service nginx restart
107
service nginx start
108
fi
109
if [ $(lsof -nPi | grep -i nginx | grep -c ":80 (LISTEN)") -ge 1 ]; then
110
echo '[Success] nginx is up and running!'
111
else
112
echo
113
echo ' [ERROR]: nginx does not seem to be running on'
114
echo ' port 80? Try manual start?'
115
echo
116
exit 1
117
fi
118
if [ $(which ufw) ]; then
119
echo 'Looks like UFW is installed, opening ports 80 and 443'
120
ufw allow 80/tcp
121
ufw allow 443/tcp
122
echo
123
fi
124
}
125
​
126
func_install_letsencrypt(){
127
echo '[Starting] cloning into letsencrypt!'
128
git clone https://github.com/certbot/certbot /opt/letsencrypt
129
echo '[Success] letsencrypt is built!'
130
cd /opt/letsencrypt
131
echo '[Starting] to build letsencrypt cert!'
132
sudo snap install core
133
sudo snap install --classic certbot
134
certbot --nginx -d $domain -n --register-unsafely-without-email --agree-tos
135
if [ -e /etc/letsencrypt/live/$domain/fullchain.pem ]; then
136
echo '[Success] letsencrypt certs are built!'
137
else
138
echo "[ERROR] letsencrypt certs failed to build. Check that DNS A record is properly configured for this domain"
139
exit 1
140
fi
141
}
142
​
143
func_build_pkcs(){
144
cd /etc/letsencrypt/live/$domain
145
echo '[Starting] Building PKCS12 .p12 cert.'
146
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out $domainPkcs -name $domain -passout pass:$password
147
echo '[Success] Built $domainPkcs PKCS12 cert.'
148
echo '[Starting] Building Java keystore via keytool.'
149
keytool -importkeystore -deststorepass $password -destkeypass $password -destkeystore $domainStore -srckeystore $domainPkcs -srcstoretype PKCS12 -srcstorepass $password -alias $domain
150
echo '[Success] Java keystore $domainStore built.'
151
mkdir $cobaltStrikeProfilePath
152
cp $domainStore $cobaltStrikeProfilePath
153
echo '[Success] Moved Java keystore to CS profile Folder.'
154
}
155
​
156
func_build_c2(){
157
cd $cobaltStrikeProfilePath
158
echo '[Starting] Cloning into amazon.profile for testing.'
159
wget https://raw.githubusercontent.com/rsmudge/Malleable-C2-Profiles/master/normal/amazon.profile --no-check-certificate -O amazon.profile
160
echo '[Success] amazon.profile clonned.'
161
echo '[Starting] Adding java keystore / password to amazon.profile.'
162
echo " " >> amazon.profile
163
echo 'https-certificate {' >> amazon.profile
164
echo set keystore \"$domainStore\"\; >> amazon.profile
165
echo set password \"$password\"\; >> amazon.profile
166
echo '}' >> amazon.profile
167
echo '[Success] amazon.profile updated with HTTPs settings.'
168
}
169
# Menu Case Statement
170
case $1 in
171
*)
172
func_check_env
173
func_check_tools
174
func_nginx_check
175
func_install_letsencrypt
176
func_build_pkcs
177
func_build_c2
178
;;
179
esac
Copied!
Last modified 2mo ago
Copy link