Skip to content
Adrian Vollmer edited this page Jul 26, 2019 · 1 revision

Simply run ./ <your hostname> --auth powerhub:<a good password>.

By default it starts an HTTP service on port 8080 and an HTTPS service on port 8443. A suitable self-signed certificate is generated if you do not provide one. The services act as a reverse proxy for more services, for example a Flask app and a WebDAV service, which only listen on the loopback device.

Now you can go to https://<your hostname>:8443 and use PowerHub both on your attacker machine and your target machine. You do not have modules installed yet, but you can easily download more by clicking on "Get More". There are a few pre-configured modules listed. If you already have these modules on your system, you may also manually create a symlink in the modules directory.

This directory is located in $XDG_DATA_HOME/powerhub along with your other data such as your uploaded files or reverse shell logs. If $XDG_DATA_HOME is not set, ~/.local/share/ is used.

You can’t perform that action at this time.