- Prepare the environment
- apt-get install apache2 mysql-server php5 phpmyadmin curl libcurl3 php5-curl build-essential php-pear
- Configure Apache to allow SSL connections.
- wget http://librarian.launchpad.net/7477840/apache2-ssl.tar.gz
- tar -zxvf apache2-ssl.tar.gz
- mv ssleay.cnf /usr/share/apache2/ssleay.cnf
- mkdir /etc/apache2/ssl
- ./apache2-ssl-certificate -days 3650
- a2enmod ssl
- a2ensite default-ssl
- Configure Throwback LP
- Open PHPMyAdmin by going to http://NAME-OF-SITE/phpmyadmin 1. Log into the database 2. Click on the SQL icon in the upper left corner 3. Paste the contents of throwbackcp.sql. This will create an empty database instance.
- Upload TB LP files to server
- Modify cp/includes/conf.php if any default installation instructions have been modified.
- Move index.php, res.php, and the cp folder to all the domains configured in /opt/web/
- You can now access the Throwback LP server at https://NAME-OF-SITE/cp/index.php
- The default username is root and the default password is Throwback!@#
- Configure Metasploit for use with Throwback
- Download and install Metasploit Framework
- See ./cp/includes/msfrpcd.php for detailed instructions
- Allow remote access to MySQL if necessary (if more than one LP)
- vim /etc/mysql/my.cnf and change bind-address to 0.0.0.0
- GRANT ALL ON throwbackcp.* TO tblp@'<ip_address>' IDENTIFIED BY 'ThrowbackPwnage!@#';
- FLUSH PRIVILEGES;