This is a sneak peak preview of part of a chapter from my new book – “Mastering Command and Control: Exploring C2 Frameworks using Kali Linux“
Tool GitHub: https://github.com/HavocFramework/Havoc
Tool Wiki: https://havocframework.com/docs/welcome
Havoc is a GUI driven multi-user Command and Control (C2) framework written in Golang, C and ASM. It is easy to use and has many great features making it a great option for Red Teams. It is also quickly becoming the “C2” of choice in online cyber-attacks, so it’s good for Blue Teams to be familiar with it too.
Havoc C2 – Installing
Havoc in now included in the repositories of the newest version of Kali Linux. It can be installed by just entering the tool name.
Open a Kali Terminal and enter the following commands:
- sudo apt update
- sudo apt upgrade
- havoc (this will prompt you to install it)
- cd /usr/share/havoc
You need to run Havoc from the install directory as it uses a config file (havoc.yaotl) in its profile directory. There are a few settings you can change in the config file, including Host, Port, Users and Passwords. Though I will just use the default config for this chapter.
Havoc is made up of two parts, the Team Server and a Client. You need to have both running in separate terminal windows.
Havoc C2 – Start the Team Server
- Enter, “havoc server –profile ./profiles/havoc.yaotl -v”
“-v” starts Havoc in verbose mode. If you want debug information, you can also add, “–debug”
Havoc C2 – Start the Client
Now we need to start the client, or the user interface to Havoc.
- Open a Second Terminal
- Navigate to “/usr/share/havoc”
- Enter, “havoc client”
- Click “New Profile”
- Then click “Connect”
You could also use a name and password from profile located at – profiles/havoc.yaotl
Havoc C2 – Create A Listener
First up, we need to create a Listener. A Listener looks or listens for incoming shells when a target runs a payload, and creates the connection.
- Click “View” from the top menu
- Then, “Listeners”
- Then, at the bottom of the screen click, “Add”
Add a name and select a Payload type. I just used HTTP. Lastly, set the Host IP address and Port
Click “Save”
Havoc will save and then start the listener.
You can see the status of the Havoc in the Event Viewer window.
Havoc C2 – Generating a Payload
Next, we need to make a payload or shellcode for the target to run.
- Click, “Attack” from the top menu and then, “Payload”
Havoc gives you several options. We will just take the defaults and chose a Windows Executable for the payload type. You should see your new listener listed. If not, select it from the drop-down box. Make any changes you want, I made none, then click “Generate”. Havoc will create our attack payload. It will take a few seconds for it to generate, it will then prompt you to save it.
Now, all you need to do is Copy and Run this file on a target Windows system.
And we have a live session!
This is just the begining, in the full chapter we delve deeper into controlling the remote session.
Read more on Havok and on 11 other C2s in my new book!
“Mastering Command and Control” available on Amazon.com