CYBER ARMS – Computer Security – Cybersecurity News and Business Computer Tips

Tutorial: Havok C2 on Kali Linux

This is a sneak peak preview of part of a chapter from my new book – “Mastering Command and Control: Exploring C2 Frameworks using Kali Linux“

Tool GitHub: https://github.com/HavocFramework/Havoc
Tool Wiki: https://havocframework.com/docs/welcome

Havoc is a GUI driven multi-user Command and Control (C2) framework written in Golang, C and ASM. It is easy to use and has many great features making it a great option for Red Teams. It is also quickly becoming the “C2” of choice in online cyber-attacks, so it’s good for Blue Teams to be familiar with it too.

Havoc C2 – Installing

Havoc in now included in the repositories of the newest version of Kali Linux. It can be installed by just entering the tool name.

Open a Kali Terminal and enter the following commands:

sudo apt update
sudo apt upgrade
havoc (this will prompt you to install it)
cd /usr/share/havoc

You need to run Havoc from the install directory as it uses a config file (havoc.yaotl) in its profile directory. There are a few settings you can change in the config file, including Host, Port, Users and Passwords. Though I will just use the default config for this chapter.

Havoc is made up of two parts, the Team Server and a Client. You need to have both running in separate terminal windows.

Havoc C2 – Start the Team Server

Enter, “havoc server –profile ./profiles/havoc.yaotl -v”

“-v” starts Havoc in verbose mode. If you want debug information, you can also add, “–debug”

Havoc C2 – Start the Client

Now we need to start the client, or the user interface to Havoc.

Open a Second Terminal
Navigate to “/usr/share/havoc”
Enter, “havoc client”

Click “New Profile”
Then click “Connect”

You could also use a name and password from profile located at – profiles/havoc.yaotl

Havoc C2 – Create A Listener

First up, we need to create a Listener. A Listener looks or listens for incoming shells when a target runs a payload, and creates the connection.

Click “View” from the top menu
Then, “Listeners”

Then, at the bottom of the screen click, “Add”

Add a name and select a Payload type. I just used HTTP. Lastly, set the Host IP address and Port

Click “Save”

Havoc will save and then start the listener.

You can see the status of the Havoc in the Event Viewer window.

Havoc C2 – Generating a Payload

Next, we need to make a payload or shellcode for the target to run.

Click, “Attack” from the top menu and then, “Payload”

Havoc gives you several options. We will just take the defaults and chose a Windows Executable for the payload type. You should see your new listener listed. If not, select it from the drop-down box. Make any changes you want, I made none, then click “Generate”. Havoc will create our attack payload. It will take a few seconds for it to generate, it will then prompt you to save it.

Now, all you need to do is Copy and Run this file on a target Windows system.

And we have a live session!

This is just the begining, in the full chapter we delve deeper into controlling the remote session.

Read more on Havok and on 11 other C2s in my new book!

“Mastering Command and Control” available on Amazon.com

“Mastering Command & Control” Author’s Book Review

My newest book, “Mastering Command & Control – Exploring C2 Frameworks with Kali Linux” is out!

In the ever-evolving landscape of cybersecurity, proficiency in Command and Control (C2) frameworks is not just advantageous – it’s essential. Introducing “Mastering Command & Control,” a comprehensive guide created for security students and professionals looking to increase their knowledge of C2 platforms.

Dive deep into the world of red teaming and penetration testing as you embark on a journey through the industry’s most potent C2 frameworks. From Sliver and Empire to the depths of the renowned Metasploit framework, and more, this book is your path to mastery!

C2’s Covered:

Villain
Havoc C2
Sliver
Empire & StarKiller
Covenant
Silent Tritiny
PoshC2
Metasploit
With an overview of Merlin, Mythic, Cobalt Strike and Caldera!

You’ll navigate the installation and utilization of each framework, learning quickly with hands on tutorials utilizing the Kali Linux platform. Gain invaluable insights into obtaining remote shells, executing commands on target systems, and exploring similar modules on each framework. With a focus on practicality, each chapter equips you with the skills and knowledge needed to navigate the complex terrain of command and control with confidence.

Whether you’re a novice seeking to lay a solid foundation or a seasoned practitioner aiming to broaden your expertise, “Mastering Command & Control” is your definitive companion.

I wrote this guide as so many students were struggling with learning C2s. Also, many professionals in the field were looking for something to get them up to speed quick on C2 platforms. Thus, this book was born. I try to use similar commands, modules and techniques across each one. That way the reader can gain familiarity rapidly with each. Using the step by step, learn by doing process that my readers have enjoyed for years.

C2 platforms are so critical and more so now with the huge explosion of Artificial Intelligence. Though the current C2’s aren’t dependent on AI, they soon will be. Make no doubt about it, C2s and AI ARE the future of security. The more you are familiar with them, know how to use them, the better prepared you will be for the future!

“Mastering Command and Control – Exploring C2 Frameworks with Kali Linux”, available now on Amazon.com!

The Threats of AI in CyberSecurity

In AI the great threat to security that everyone thinks? Let’s find out …

I’ve been watching AI in Security develop over the years and have been a supporter since the very beginning, telling all – AI is the future of security, because, it is. But is it the big scary threat that many think?

In the foreseeable future, the handover of cyber defense to AI seems inevitable. We stand on the precipice of a digital battleground where Offensive AI will engage Defensive AI at speeds surpassing human capability. This reality is not a mere fantasy; it’s actively under development and testing. Nations lacking in this technological prowess risk swift obsolescence in the face of emerging threats.

Yet, amidst this potential upheaval, concerns linger regarding the impact of publicly available Generative AI, exemplified by platforms like ChatGPT. While they hold promise in code generation, their security implications are nuanced. Yes, they may aid in crafting attack vectors, but their output often necessitates human intervention due to inaccuracies or inadequacies.

At this point, they are not as big a security threat that is commonly thought. Will they help generate code and be used in phishing attacks and other similar attacks, yes! But ask any coder or security professional that has actually used it, they will tell you that frequently it is wrong or creates code that needs modification.

AI engines like ChatGPT aren’t fail proof. For example, I was using it to generate some attack code for a project and it literally came out and told me that I couldn’t use PowerShell in that certain type of attack. I had to tell it, “Yes I can”, because I have done it many times. ChatGPT literally came back with an apology, that I was correct and offered the code I needed.

Two things from this should be concerning – first, ChatGPT was wrong and after being corrected, admitted it was wrong. Secondly, it was helping me generate attack code!

Think of those that are trying to use Generative AI, like ChatGPT to create code for critical systems. It frequently needs to be corrected or modified. AI isn’t the know all magic genie that many think it is. What if the human programmers don’t check or edit the code? That thought is very concerning.

Yes, there are safety measures put into place that will try to stop people from using ChatGPT from generating malware. But there are ways around it, and no, I will not tell you how to do it. But know, the code I used for my latest project – using LoRa for creating a long-range Raspberry Pi (up to 20km over RF!) hacking device was 100% coded by ChatGPT. With much editing, of course, because it didn’t work the first try – see the previous point.

Is AI the future of cybersecurity, oh, absolutely. It already does many things very well. Check out the deepfake videos and its audio capabilities. I attended a government conference on AI and they demonstrated using an AI to impersonate a corporate executive and call the company help desk for a password reset. It was unreal, it was so believable, and, it worked.

It will revolutionize everything from Red Team operations to military drones, and will take away many people’s jobs. For example, programmers – ChatGPT can generate code and convert it to multiple languages faster than any human being.

But is AI going to end the world today? No, just ask it to generate 3D art…

It tried,

Again, and again.

And AGAIN!

After telling it that it has a bug, it finally admitted it can’t do it.

Is it impressive? Oh yes, AI is and will change everything. It will touch every area of our lives. Make no doubt about it, AI is the future of CyberSecurity.

Is this Skynet? Will it take over the world and make all humans into slaves. Absolutely not.

Not, yet…

Stay tuned!

Security Testing with Raspberry Pi – Training Class

My New Video Training Class Is LIVE!

“Security Testing with Raspberry Pi – Weaponizing the Pi” is now on Udemy! I have been working on converting my books to video training classes and my first class is done!

Based on my, “Security Testing with Raspberry Pi, Second Edition” book, the video class covers many of the same topics and some new. The book has been very popular over the years and used for training by multiple branches of the military and the Special Forces.

My video training covers: