ON-PREMISE

#Create a Virtual Machine & Install an OS onto the VM

#Update the package index & upgrade the installed packages to their newest versions
root@aws:~$ sudo apt update
root@aws:~$ sudo apt upgrade

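#Install dependencies
# * these packages are published in Docker's own apt repository, not Ubuntu's default repositories, so that repository has to be configured before this command will find them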
root@aws:~$ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

#Clone the Mythic C2 repository & install Mythic C2 (--depth 1 fetches only the most recent commit, not the full history)
root@aws:~$ mkdir -p C2
root@aws:~$ cd C2
root@aws:~$ git clone https://github.com/its-a-feature/Mythic --depth 1

#Run the install script shipped in the repository (it sets up Docker, which Mythic runs on)
root@aws:~$ cd Mythic
root@aws:~$ sudo ./install_docker_ubuntu.sh
 * this command installs Docker and the Docker Compose plugin on Ubuntu if they are not already installed
 * on a Kali or Debian distribution, use the script written for that distribution instead
    - ./install_docker_kali.sh or ./install_docker_debian.sh
    
#build the Mythic CLI
root@oco:~$ cd Mythic/Mythic_CLI
root@oco:~$ sudo apt install build-essential
 * this is only required if make fails with an error such as "make: command not found"
root@oco:~$ sudo make
root@oco:~$ cp mythic-cli ../

#Install the Mythic Apollo agent and the http C2 Profile

#Start the C2 server
root@aws:~$ sudo ./mythic-cli start

#access the C2 server via local port forwarding
root@oco:~$ ssh -i {keyFile}.pem user@AWS_EC_IP -L 7443:127.0.0.1:7443
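 * the Mythic C2 Server web UI is only accessible through https://127.0.0.1:7443
    - since the server is not reachable on a public IP, the UI can only be reached via SSH local port forwarding, which requires the appropriate ssh key file
       - this method keeps the C2 Server's management interface from being exposed to the internet or found by the blue team
       - this only holds if port 7443 is not reachable from outside (listener bound to localhost, or blocked by the host firewall / cloud security group); verify that before relying on it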

#Access Mythic C2 via the browser
root@aws:~/Mythic$ cat .env
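 * MYTHIC_ADMIN_PASSWORD="..."
    - this is the randomly generated password for the Mythic C2 Server admin account
    - it is stored in cleartext in .env, so keep that file readable only by the account that runs Mythic and do not copy or commit it elsewhere
 * MYTHIC_ADMIN_USER="..."
    - this is the admin username to log in with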
           
root@oco:~$ BROWSER > https://127.0.0.1:7443
 * the OCO VM accesses the C2 server through Local Port Forwarding
