Monday, May 13, 2013

HOWTO : Hiawatha on Ubuntu Desktop 12.04 LTS

Hiawatha is a secured web server. I use it to replace apache for the exploitation due to her lightweight.

Step 0 :

In case /etc/init.d/tntnet is exist, you should disable it before going further.

sudo update-rc.d tntnet disable
sudo /etc/init.d/tntnet stop

Step 1 :

sudo apt-get install build-essential libc6-dev libssl-dev dpkg-dev debhelper fakeroot libxml2-dev libxslt1-dev

tar -xvzf cmake-
cd cmake-
sudo make install

tar -xzvf hiawatha-9.1.tar.gz
cd hiawatha-9.1/extra


cd ..

sudo dpkg -i hiawatha_9.1_amd64.deb


sudo dpkg -i hiawatha_9.1_i386.deb

In case the init script does not at /etc/init.d/, you need to copy it manully.

sudo cp hiawatha-9.1/extra/debian/init.d/hiawatha /etc/init.d/

Step 2 :

update-rc.d hiawatha disable

Step 3 :

To run it.

sudo /etc/init.d/hiawatha start

To stop it.

sudo /etc/init.d/hiawatha stop

Step 4 :

Web shell site :

Download the php reverse shell.

sudo -sH
cd /opt


tar -xvzf php-reverse-shell-1.0.tar.gz
mv php-reverse-shell-1.0 php-reverse-shell
rm php-reverse-shell-1.0.tar.gz
cp php-reverse-shell.php /var/www/hiawatha/

That's all! See you.