Skip to content

Installation

Maxime Landon edited this page Dec 17, 2019 · 3 revisions

Installation


Installation of the WireGost system (server + client) needs to be done in this order:

  • Server
  • Client

Because both components are installed separately, it is possible for a user who wants access to an already working server to install only the client. He will only need to comply with a few rules.


1. Server (Spectre)

The server will be installed first. In the /scripts directory:

go run spectre_setup.go and follow prompts.

The program will successively:

1. Directories
  • Create a server-specific personal user directory ~/.wiregost/server/.
  • Create a certificates/ directory for storing SSL Certificates and their associated Private Keys.
2. Database
  • Create a database with username, dbname and password entered at prompt. Make sure PostgreSQL is installed.
  • Setup the database.
  • Create a database.conf file for storing database credentials.
3. Default user
  • Create a default user (prompt for name) and save it to database. This username will be needed during client setup. This user is automatically being given administrator rights on the server.
4. SSL Certificates
  • Create a server.conf file for storing connection parameters (IP address, port, etc)

2. Client (Ghost)

In the /scripts directory:

go run ghost_setup.go and follow prompts.

The program will successively:

1. Directories
  • Create a client-specific personal user directory ~/.wiregost/client/.
  • Create directories for client-side logs, workspaces, resources, modules, payloads and exports.
2. Configuration files
  • Create files for command history and client-side configuration (shell, directories, etc).
3. Authentication
  • Set up client-side authentication parameters (username and password). The username needs to be the same as the one given when setting up the server (default user). These will allow use of the shell, and then, if recognized by a server, connection to it. These parameters will be stored in .wiregost/.auth
4. Server configuration
  • Create a server.conf file for storing server parameters (IP, port, Common Name, certificate path, etc.)

Additional Steps

After going through setup, 2 things needs to be done:

  • Copy the server's certificate someCert.crt to the client/certificates/ directory.
  • Open the server.conf file in the client/, write the Common Name/FQDN used when generating the SSL Certificates, and write the path to the certificate next to Certificate.

Multi-user servers

In case where a single server needs to be accessed by multiple users, one of the server's administrators needs first to add a user (he will only need to give a username).

  • When the user will install its client, we will need to enter the same username when prompted.
  • Also, he will need a copy of the server's SSL certificate, to be put in the certificates/ directory.

You can re-run these scripts each time you want to reinitialize your configuration, but:

BEWARE: At this point of development, the script will automatically overwrite the command history file and configuration file. Don't do it unless you are sure and that you have copied the fies you wanted to keep !

Clone this wiki locally