DocsRelease Notes

HTTP Server Container Task

Suggest Edits

Overview

The HTTP Server container task uses Twisted Web to provide a web server that serve a static web page or a directory of downloadable files. If an index.html file is present in the container task's local shared directory, the web server will use it to provide a static web page. If no index.html file is present, the web server will serve a directory listing of the files present in the container task's local shared directory.

The source code for the HTTP Server container task is available here: https://github.com/havocsh/havoc-attack-containers/tree/main/http_server
The container image for the HTTP Server container task is available here: https://gallery.ecr.aws/havoc_sh/http_server

Launching an HTTP Server Container Task

To launch an HTTP Server container task as an ECS task within the AWS account of your ./havoc deployment, use the task_startup or run_task command:

task_startup --task_name=<task_name> --task_type=http_server --task_host_name=<task_host_name> --task_domain_name=<task_domain_name> --portgroups=<portgroup1,portgroup2,...> --end_time=<time_string>

run_task --task_name=<task_name> --task_type=http_server --task_host_name=<task_host_name> --task_domain_name=<task_domain_name> --portgroups=<portgroup1,portgroup2,...> --end_time=<time_string>

To launch an HTTP Server container task as a remote container task on any system that can run Docker containers, use the docker run command:

sudo docker run -d \
  --name=<container-name> \
  --network host \
  --cap-add SYS_ADMIN \
  -e "LOCAL_IP=$(hostname -I)" \
  -e "CAMPAIGN_ID=<campaign-id>" \
  -e "USER_ID=<campaign-user-id>" \
  -e "TASK_NAME=<task-name>" \
  -e "TASK_CONTEXT=<task-context>" \
  -e "REMOTE_TASK=true" \
  -e "API_KEY=<api-key>" \
  -e "SECRET=<secret>" \
  -e "API_DOMAIN_NAME=<api-domain-name>" \
  -e "API_REGION=<api-region>" \
  public.ecr.aws/havoc_sh/http_server:latest \
  /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf

Refer to the Usage Through CLI Console and Usage Through SDK pages for more details about the run_task and docker run commands.

Available Commands

These commands are available to be passed as the instruct_command in the instruct_task method call. The sub-bullets under the commands are the arguments for the command that should be passed in the instruct_args parameter. See the Usage Through CLI Console and Usage Through SDK pages for more details on how to use instruct_args.

  • start_server - instruct the HTTP Server container task to start a web server on a specified port.
    • listen_port - (Required) the port number the web server should listen on.
    • ssl - (Required) specify whether or not to use SSL. Values must be true or false.
  • stop_server - stop the running web server.
  • cert_gen - generate a self-signed certificate that can be used with an http listener.
    • subj - the SSL certificate subject to apply to the certificate. The subject value must follow the format expected by openssl's -subj parameter. Specify either subj or domain but not both.
    • domain - the domain to use when requesting a Let's Encrypt certificate (note that the domain must be registered with your ./HAVOC campaign through the create_domain command). Specify either domain or subj but not both.
    • test_cert - indicate whether or not to request a test certificate from Let's Encrypt (True|False).
  • echo - get an arbitrary response from the container task (can be used to check if the container is responsive to commands).
  • sync_from_workspace - download all files from the Campaign's workspace to the local workspace directory on the container task.

    Note that this will overwrite any existing files with the same name in the container task's local workspace.

  • sync_to_workspace - upload all files from the container task's local workspace directory to the Campaign's workspace.

    Note that this will overwrite any existing files with the same name in the Campaign's workspace.

  • download_from_workspace - download a specific file from the Campaign's workspace to the container task's local workspace directory.
    • file_name - the name of the file to be downloaded.

      Note that this will overwrite any existing file with the same name in the container task's local workspace.

  • upload_to_workspace - upload a specific file from the container task's local workspace directory to the Campaign's workspace.
    • file_name - the name of the file to be uploaded.

      Note that this will overwrite any existing file with the same name in the Campaign's workspace.

  • ls - list files of the container task's local shared directory.
  • del - delete a file from the container task's local shared directory.
    • file_name - the name of the file to be deleted.
  • terminate - instruct the container task to shutdown.

Updated 7 months ago