Friday, 26 June 2015

Setting up a FTP Server for redpill Hacker

redpill Hacker is a hacking tool (penetration testing tool) that allows you to do different types of 'attacks' on targets (the computers or persons you want to monitor/investigate). Some attacks like the Phishing Website Attack or a payload that is send with a link require a website (or at least a file hosting site for the link option).

You do not need an actual website as redpill Hacker will create the website for you (in the case of the phishing site) or you only need a place to host the file (in the case of the link attack). So all you need to get, is a website hosting option from a hosting company like Sites like godaddy offer cheap hosting options that also include a domain name.

With your hosting option, you will also get a FTP Server. The FTP Server is used to upload files to your website. In redpill Hacker, you can easily add the FTP Server. Open redpill Hacker and go to Resources > FTP Servers.

Your hosting company will give you the server name. It will either be something like or an IP address. The username and password will also be provided by your hosting company or you will be able to create a FTP user in your website control panel.

The directory (or folder) is where the files should be uploaded. With some hosting companies this will be in the root FTP folder. In that case just add a forward slash as in the screenshot above (/). Other sites will be something like /httpdocs/ or /www/ (you should add the forward slash in the beginning and end of the directory name).

If you are not sure what the directory is where you should upload your website files, you can contact your hosting company for support and ask them. You could also use your File Explorer in the hosting control panel to see where the website files are (there will be a Default or Index file with a htm, html, aspx or asp extension).

Once you added the FTP server, it can easily be selected from other parts of the program for things like a link payload or a phishing website. redpill Hacker will then create the website for you or upload the file for you.

A couple of things to remember:
  • When you want to send a payload with a link, you can use any website hosting option. If you want to use your site for a phishing site as well, you will need to make sure it is a Windows Server with ASP.NET 4.0 enabled.
  • Both options must be a website hosting option and not a ready build website (like website builder from godaddy) as theses sites does not allow you to upload any file you want (like payloads).
  • The link that you will specify in your link payload or the phishing website attack should be a link to your domain name and not to your FTP server.
  • You can use the same website (and FTP server) for different types attacks. You could for example use the same site for a phishing website and for multiple payload links.
Please note, we recommend godaddy as they setup the sites correctly and their domains are quickly available. Some other companies fail to create some standard and needed folders with the correct permissions.

Please contact redpill support if you have any questions.

No comments:

Post a Comment