HOWTO : Hiawatha on Ubuntu Desktop 12.04 LTS

Hiawatha is a secured web server. I use it to replace apache for the exploitation due to her lightweight.



Step 0 :



In case /etc/init.d/tntnet is exist, you should disable it before going further.



sudo update-rc.d tntnet disable

sudo /etc/init.d/tntnet stop




Step 1 :



sudo apt-get install build-essential libc6-dev libssl-dev dpkg-dev debhelper fakeroot libxml2-dev libxslt1-dev



wget http://www.cmake.org/files/v2.8/cmake-2.8.10.2.tar.gz

tar -xvzf cmake-2.8.10.2.tar.gz

cd cmake-2.8.10.2

./configure

make

sudo make install



wget http://www.hiawatha-webserver.org/files/hiawatha-9.1.tar.gz

tar -xzvf hiawatha-9.1.tar.gz

cd hiawatha-9.1/extra



./make_debian_package



cd ..



sudo dpkg -i hiawatha_9.1_amd64.deb




or



sudo dpkg -i hiawatha_9.1_i386.deb



In case the init script does not at /etc/init.d/, you need to copy it manully.



sudo cp hiawatha-9.1/extra/debian/init.d/hiawatha /etc/init.d/




Step 2 :



update-rc.d hiawatha disable



Step 3 :



To run it.



sudo /etc/init.d/hiawatha start



To stop it.



sudo /etc/init.d/hiawatha stop



Step 4 :



Web shell site :



http://pentestmonkey.net/category/tools/web-shells



Download the php reverse shell.



sudo -sH

cd /opt



wget http://pentestmonkey.net/tools/php-reverse-shell/php-reverse-shell-1.0.tar.gz



tar -xvzf php-reverse-shell-1.0.tar.gz

mv php-reverse-shell-1.0 php-reverse-shell

rm php-reverse-shell-1.0.tar.gz

cp php-reverse-shell.php /var/www/hiawatha/




That's all! See you.