This is the server for the ICS Malware Project. It is a simple Flask server.
- Clone the repository with
  ```bash
  git clone https://github.com/EBMBA/ICS-Malware-Project-Server.git
  ```
- Install the requirements with
  ```bash
  pip install -r requirements.txt
  ```
- Clone the wincrypto dependency with
  ```bash
  git clone https://github.com/EBMBA/wincrypto.git
  ```
- Install the wincrypto dependency with
  ```bash
  cd wincrypto && python3 setup.py install
  ```
- Run the server with
  ```bash
  python3 webserver.py
  ```
The server has one endpoint, '/payload/<int:id>', which returns the payload only for id == 2.
The server answers only if the User-Agent is 'Malware'.
To receive the secret needed to decrypt the payload, send a POST to the endpoint '/payload/2' with your public RSA key. The server encrypts the secret with your public key and sends it back to you.
To get the payload, send a GET to the endpoint '/payload/2'. You will receive the payload encrypted and need to decrypt it with the secret you received before.
To use your own payload, move it here with shellcode.hex as its name.
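
The protocol described above leaves a recognisable trace in web proxy logs: a User-Agent of exactly 'Malware' on '/payload/<id>', with a POST (key exchange) followed by a GET (payload fetch). The following detection sketch is an added example, not part of this project's code; the Apache combined log format, the sample lines, the `detect` function and the severity labels are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed proxy log lines in Apache combined format (not captured traffic).
SAMPLE_LOG = """\
10.0.5.21 - - [12/Mar/2024:09:14:02 +0000] "POST /payload/2 HTTP/1.1" 200 256 "-" "Malware"
10.0.5.21 - - [12/Mar/2024:09:14:03 +0000] "GET /payload/2 HTTP/1.1" 200 4096 "-" "Malware"
10.0.5.30 - - [12/Mar/2024:09:15:40 +0000] "GET /payload/2 HTTP/1.1" 200 4096 "-" "Malware"
10.0.5.44 - - [12/Mar/2024:09:16:10 +0000] "GET /payload/2 HTTP/1.1" 404 0 "-" "Mozilla/5.0"
10.0.5.44 - - [12/Mar/2024:09:17:55 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
PAYLOAD_RE = re.compile(r'^/payload/\d+$')


def detect(log_text):
    """Return {source: severity} for clients matching the README's protocol."""
    methods = defaultdict(list)  # source -> ordered methods seen on /payload/<id>
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed log format
        # The server only answers when the User-Agent is exactly 'Malware'.
        if m["ua"] == "Malware" and PAYLOAD_RE.match(m["path"]):
            methods[m["src"]].append(m["method"])
    findings = {}
    for src, seen in methods.items():
        # POST (key exchange) followed later by GET (payload fetch) is the
        # complete sequence; the User-Agent and path alone rate lower.
        full = "POST" in seen and "GET" in seen[seen.index("POST") + 1:]
        findings[src] = "high" if full else "medium"
    return findings


if __name__ == "__main__":
    for src, sev in detect(SAMPLE_LOG).items():
        print(f"{sev:6} {src}")
```

The User-Agent string is trivially changed by whoever runs the server, so treat it as a low-cost indicator and pair it with the POST-then-GET sequence on the same path.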