Teamserver

The Havoc Teamserver is the core server that starts listeners, interacts with agents and handles the operator's commands. The Teamserver can be configured using the Yaotl configuration language.

Flags

If we type ./havoc server -h we see a bunch of flags that the teamserver support.

$ ./havoc server -h
server command

Usage:
  havoc server [flags]

Flags:
      --profile string   set havoc teamserver profile
      --debug            enable debug mode
      --debug-dev        enable debug mode for developers (compiles the agent with the debug mode/macro enabled)
  -d, --default          uses default profile (overwrites --profile)
  -v, --verbose          verbose messages
  -h, --help             help for server

--profile is a flag that takes a string path to a yaotl configuration. This file contains values that the teamserver needs to run like what host and port to host the server on.

--debug is a flag that takes a boolean. It tells the teamserver to either run in debug mode or not. Debug mode contains a lot of information on what is currently happening. But it is recommended to have this flag turned to false which is by default. It is only used or recommended to be used when the teamserver unexpectedly exists or crashed to get further information for the cause and where it exactly happened.

--debug-dev is a flag that takes a boolean. This flag tells the teamserver agent builder to compile the agent with debug mode enabled. In this mode, the agent is going to print debug values. This can be helpful in case of the agent crashes, searching for the cause and debugging purposes. But it is recommended to have this flag turned to false which is by default.

-d | --default is a flag that takes a boolean. It tells the teamserver to use default values for running the server. But it is recommended to have this flag turned to false which is by default.

-v | --verbose is a flag that takes a boolean. It tells the teamserver to show the timestamp for each printed message. It is recommended to have this flag turned to true which isn't by default.

Example

A small example of how the teamserver flags can be used.

Note that the teamserver has the capability of binding to privileged ports, so running it with sudo is optional

Start the teamserver normally with verbose messaging:

./havoc server --profile profiles/havoc.yaotl -v

Start the teamserver with the default profile:

./havoc server -d

Start the teamserver with verbose and debug flag enabled:

./havoc server --profile profiles/havoc.yaotl --verbose --debug

Start the teamserver with the debug-dev to compile the agents in debug mode (mostly for debug purposes only or identify where the agent crashes):

./havoc server --profile profiles/havoc.yaotl --debug-dev

Logs

Havoc's teamserver logs everything from agent input and output to screenshots and downloads.