1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="author" content="Carson Fleming" />
<meta name="description" content="Harness encrypted client-server communication, asynchronous command distribution, terminal emulation, and support for unlimited clients and controllers with Penguin's Kiss, the ultimate tool to manage remotely controlled devices with security and convenience." />
<link rel="icon" type="image/x-icon" href="/favicon.ico" />
<link rel="stylesheet" type="text/css" href="/css/control.css" />
<title>Server Configuration | Docs | Penguin's Kiss</title>
<link rel="canonical" href="https://c2.pkctl.org/server" />
</head>
<body>
<header id="banner">
<a id="banner-logo" href="/">
<img id="logo-img" src="/img/banner.webp" alt="Penguin's Kiss Banner" />
</a>
<div id="banner-buttons">
<a class="button" href="https://github.com/cflems/pk">GitHub</a>
<a class="button" href="https://github.com/cflems/pk/releases">Download</a>
</div>
</header>
<div id="page">
<nav id="navigation">
<h3 class="nav-heading"><a href="/">About PK</a></h3>
<ul class="nav-section">
<li><a href="/#download">Downloading</a></li>
<li><a href="/#build">Building</a></li>
<li><a href="/#precompiled">Precompiled</a></li>
</ul>
<h3 class="nav-heading"><a href="/client">Client Config</a></h3>
<ul class="nav-section">
<li><a href="/client#tts">Time to Sleep</a></li>
<li><a href="/client#bits">RSA Bits</a></li>
</ul>
<h3 class="nav-heading"><a href="/server">Server Config</a></h3>
<ul class="nav-section">
<li><a href="/server#install">Installing</a></li>
<li><a href="/server#pkctl">PKCTL Usage</a></li>
<li><a href="/server#keygen">Host Key Generation</a></li>
<li><a href="/server#users">Local Users</a></li>
</ul>
<h3 class="nav-heading"><a href="/hdb">Hosts Database</a></h3>
<ul class="nav-section">
<li><a href="/hdb#format">Format</a></li>
<li><a href="/hdb#keys">Keys Section</a></li>
<!-- Routes here soon. :) -->
</ul>
<h3 class="nav-heading"><a href="/commands">Command Reference</a></h3>
<ul class="nav-section">
<li><a href="/commands#beacon">beacon</a></li>
<li><a href="/commands#delbeacon">delbeacon</a></li>
<li><a href="/commands#nbeacons">nbeacons</a></li>
<li><a href="/commands#lbeacons">lbeacons</a></li>
<li><a href="/commands#nscreen">nscreen</a></li>
<li><a href="/commands#ncli">ncli</a></li>
<li><a href="/commands#lcli">lcli</a></li>
<li><a href="/commands#lq">lq</a></li>
<li><a href="/commands#cq">cq</a></li>
<li><a href="/commands#show-serverkey">show-serverkey</a></li>
<li><a href="/commands#pty">pty</a></li>
<li><a href="/commands#refresh-hdb">refresh-hdb</a></li>
<li><a href="/commands#tunnel">tunnel</a></li>
<li><a href="/commands#die">die</a></li>
<li><a href="/commands#shell">Shell Commands</a></li>
<li><a href="/commands#target">Targeting</a></li>
</ul>
</nav>
<div id="content">
<p>Once your PK scripts are built very little is required to run the server as a local
user, you can literally just do:</p>
<pre>python3 pkctl.py start
python3 pkctl.py attach</pre>
<p>and have yourself a simple instance up and running ready to run commands. Therefore
the rest of this section will be dedicated to getting PK running in the background
as a systemd service under its own user, and letting multiple system users attach
to the daemon at once if desired.</p>
<section id="install">
<h3>Installing</h3>
<p>Once again the makefile mostly has you covered here, all you need to do is:</p>
<pre>sudo make install</pre>
<p>and the makefile will set up a dedicated service user and group called
<code>pkd</code> which controls access to the daemon and its resources, as well
as setting up the pk server as a systemd service called <code>pk</code>. This
will also start the pk server and enable it on startup.</p>
</section>
<section id="pkctl">
<h3>PKCTL Usage</h3>
<p>Once installed, you can use the following commands to interface with the pk
daemon controller:</p>
<p><code>systemctl start|stop|restart pk</code> — this controls the
daemon's life cycle.</p>
<p><code>pkctl attach</code> — this starts an interactive session with the
daemon, allowing you to control and interface with clients.</p>
</section>
<section id="keygen">
<h3>Host Key Generation</h3>
<p>Once you've installed the pk server you're going to want to change its
host key away from the default one which is used for testing purposes and is
widely available (read: not secure at all).</p>
<p>This is probably the only complicated part of the whole guide, mostly because
I haven't yet built a cute little utility to do it for you yet (I should
at some point). You're going to need to do the following (in your pk
directory):</p>
<pre>python3
>>> import crypto
>>> p,q,n,e,d = crypto.Crypto.keygen(4096)
>>> n</pre>
<p>Copy the number that python spits out here.</p>
<pre>
>>> d</pre>
<p>Also copy this number. Keep these two handy as we'll need them later.
Now open <code>/etc/pk/server_key.json</code> in your favorite editor and make
it read as follows (you can wipe out the current contents):</p>
<pre>{"n": <the number n we got from python>, "d": <the number d we got from python>, "e": 65537}</pre>
<p>At this point we're almost done, we just have to restart pk to reflect the
changes, so run:</p>
<pre>sudo systemctl restart pk</pre>
<p>and you should be good to go.</p>
</section>
<section id="users">
<h3>Local Users</h3>
<p>To allow non-root users on your system to use <code>pkctl attach</code>, you
will need to add them to the <code>pkd</code> user group. This is remarkably
simple to do on any unix system, just run:</p>
<pre>adduser [username] pkd</pre>
</section>
</div>
</div>
</body>
</html>
|
