INet simulation
To keep things simple, we will use INetSim to emulate a variety of network services. It quickly sets up listeners for a slew of known ports and even provides default responses using the appropriate protocol. For example, an FTP service can be started, which will accept any credentials and will allow the connectee to interact with the service: upload, download, list files, and so on.
Note
INetSim binaries, source, and documentation is available on http://www.inetsim.org/.
INetSim is frequently used on closed networks to fake C2 servers for malware, and to capture valuable data. We can leverage the same INetSim tool to quickly setup a simple infrastructure that will handle connections from our targets, with the added benefit of producing a report of each session.
On our Debian VM instance in the cloud, we can add the official package repository for a quick install using the following echo
command:
root@spider-c2-1:~# echo "deb http://www.inetsim.org/debian/binary/" > /etc/apt...