Comment on page
C2 Setup
Register custom domain and setup lets encrypt to get a valid certificate. Then use a reverse proxy to forward traffic to the c2 which is only reachable on localhost (or a remote server).
SSLProtocol TLSv1.2
ProxyPreserveHost on
ProxyRequests off
SSLEngine on
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPass /test/example.txt https://172.31.37.1:5000/test/example.txt
ProxyPassReverse /test/example.txt https://172.31.37.1:5000/test/example.txt
The idea is to proxy only certain endpoints to the C2 server (change the default profile and make an entry for each route).
- 1.
- 2.Register Account with mailgun and subscribe to enable custom domains, then register your fresh domain there and make the required dns entries
- 3.Setup GoPhish Server on a EC2 instance, use mailgun smtp credentials to send mails
Then setup a good landing page, link the page in your email and have the page contain a download link for a document, exe etc., depending on your pretext.
Finally test your mail vs. a private address and if everything works out send it to the targets. Make sure the pretext contains calls to action and a sense of urgency (e.g. install this software to keep working remotely, fill this document to receive something etc.)
Last modified 9mo ago