A paper, almost in the form of a "Standard Operating Procedure" or walkthrough, on how you can use Zola to rapidly create and deploy websites for fake businesses/content, for the purposes of red team phishing campaigns. We'll walk through, step by step, getting set up with Zola to generate our first fake company website. Once you've run through this process a couple of times, you'll be ready to generate an entire website for a fake business and deploy it rapidly.

Building Fake Websites with Zola

INSTALL ZOLA
The first thing we need to do is get Zola installed. On Windows you can use Chocolatey, but it's even easier on Mac and Linux. I won’t document that here right now. Just follow the Zola Install Guide.

QUICKSTART GUIDE
Zola Quickstart Guide.
Run zola init with the name of your project (be sure a folder with that name doesn’t already exist in the same directory):

PS C:\Users\kirkt> zola init fakecompany
Welcome to Zola!
Please answer a few questions to get started quickly.
Any choices made can be changed by modifying the `config.toml` file later.
> What is the URL of your site? (https://example.com): http://myfakecompany.net
> Do you want to enable Sass compilation? [Y/n]: n
> Do you want to enable syntax highlighting? [y/N]: y
> Do you want to build a search index of the content? [y/N]: n

GENERATING CONTENT

The easiest way to quickly generate content that fits your use case is by installing a community theme. You can find a list of themes here: Zola Themes. Choose one that fits your fake business. Follow the GitHub link listed on your theme’s page, and simply git clone the repo from within the themes folder of your target project.

PS C:\Users\kirkt\fakecompany> cd themes
PS C:\Users\kirkt\fakecompany\themes> git clone https://github.com/gicrisf/zplit.git
Cloning into 'zplit'...
remote: Enumerating objects: 161, done.
remote: Counting objects: 100% (161/161), done.
remote: Compressing objects: 100% (111/111), done.
Receiving objects: 100% (161/161), 1004.80 KiB | 7.61 MiB/s, done.
remote: Total 161 (delta 70), reused 129 (delta 41), pack-reused 0
Resolving deltas: 100% (70/70), done.
PS C:\Users\kirkt\fakecompany\themes> ls


    Directory: C:\Users\kirkt\fakecompany\themes


Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----         3/21/2023   9:59 AM                zplit

The documentation at this point says to enable the theme in your config.toml in the main project; however, we are going to take a few extra steps to speed up our process. Start by moving back into the main directory of the project and renaming the current config.toml to keep it as a backup.

PS C:\Users\kirkt\fakecompany\themes> cd ..
PS C:\Users\kirkt\fakecompany> ls


    Directory: C:\Users\kirkt\fakecompany


Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----         3/21/2023   9:53 AM                content
d-----         3/21/2023   9:53 AM                static
d-----         3/21/2023   9:53 AM                templates
d-----         3/21/2023   9:59 AM                themes
-a----         3/21/2023   9:53 AM            487 config.toml


PS C:\Users\kirkt\fakecompany> mv .\config.toml ./config_OG.toml

Now copy the theme config.toml into the main directory.

PS C:\Users\kirkt\fakecompany> cp .\themes\zplit\config.toml .\config.toml
PS C:\Users\kirkt\fakecompany> ls


    Directory: C:\Users\kirkt\fakecompany


Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----         3/21/2023   9:53 AM                content
d-----         3/21/2023   9:53 AM                static
d-----         3/21/2023   9:53 AM                templates
d-----         3/21/2023   9:59 AM                themes
-a----         3/21/2023   9:59 AM           1678 config.toml
-a----         3/21/2023   9:53 AM            487 config_OG.toml


PS C:\Users\kirkt\fakecompany>

Once you have copied over the config.toml, open it in an editor and change the base URL (the base_url setting) to http://127.0.0.1:1111 or / (for testing). Then, under the title, add the line to use your theme, with the appropriate theme name.

title = "Zplit"
description = "A single page theme for a professional online presense."

theme = "zplit"

Depending on the theme you are installing, you may also want to copy over the theme's content and templates folders. Repeat the process you used for the config.toml, but copy the /themes/yourthemename/content and /themes/yourthemename/templates folders into the main directory of your project.

Test the server with the zola serve command, from the main project directory, and open a browser to http://127.0.0.1:1111 to confirm it is working as expected.

zola serve

It should look exactly like the theme that you picked out. If it is a default Zola page, then the theme is not working and you should double-check the config.toml file before proceeding. Also try copying the actual theme content and templates folders into your main directory as described above.

If everything is working as expected, then you can open the project in VS Code or your desired editor (I highly recommend VS Code for this particular use case), and start changing values and modifying content as needed. I find that it is helpful to keep the server running and have it pulled up in a browser, and then have VS Code up simultaneously. The Zola server will identify that changes have been made when files are saved and the server will immediately refresh, allowing you to see your updates in real time.

For example, I usually move into the main directory of my project and run 'code .' to open the whole thing in VS Code. I start with examining and modifying the config.toml to make sure the title, colors, and other foundational items are set the way I want them. Then I look at the /content/ folder and identify the pages which correspond to the HTML pages I see in the browser. For example, you can locate /content/pages/example.md and that should correspond to the page on your site at http://127.0.0.1:1111/pages/example or example.html.

DEPLOYING TO THE CLOUD

I wrote this next portion for GCP but it should work the same regardless of the cloud platform. Just make sure your ports 80 and 443 are open to the internet.

Create a new VM with a base Ubuntu (non-CIS) image and make sure ports 80/443 are accessible in the VM settings. The command below can be used to copy your local Zola project into the web directory of your GCP host.

gcloud compute scp --recurse .\fakecompany\ --zone "us-central1-a" --project "myfakeproject" fakesitevm-1:./web/

When you are ready to serve your site from GCP, be sure to add an iptables rule to redirect incoming traffic on port 80 to the default Zola port (1111). Zola cannot bind to lower ports or run as root, by design.

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 1111

Then start the zola server.

/snap/bin/zola serve --interface 0.0.0.0 --port 1111 --base-url /
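
A defender-side check for the serving setup above, added here as an example and not part of the original write-up. It assumes that zola serve injects a livereload.js script tag into each page for its refresh-on-save feature, so HTML fetched from a site served this way carries that reference; the hostnames and page bodies are constructed samples.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs


class _ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every real <script> tag (comments are skipped)."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)


def livereload_indicator(html):
    """Return details of a live-reload script reference, or None if absent."""
    collector = _ScriptSrcCollector()
    collector.feed(html)
    for src in collector.sources:
        parts = urlsplit(src)
        # Assumption: the dev server references a file named livereload.js.
        if parts.path.rsplit("/", 1)[-1].lower() == "livereload.js":
            query = parse_qs(parts.query)
            return {"src": src,
                    "port": query.get("port", [None])[0],
                    "mindelay": query.get("mindelay", [None])[0]}
    return None


def triage(pages):
    """pages: iterable of (url, html). Return [(url, indicator), ...] for hits."""
    hits = []
    for url, html in pages:
        indicator = livereload_indicator(html)
        if indicator:
            hits.append((url, indicator))
    return hits


# Constructed sample bodies (not captured traffic).
SAMPLE_PAGES = [
    ("http://site-a.example/", '<html><body><h1>Acme</h1>'
     '<script src="/livereload.js?port=1024&amp;mindelay=10"></script></body></html>'),
    ("http://site-b.example/", '<html><body><script src="/js/main.js"></script></body></html>'),
    ("http://site-c.example/", '<html><body><!-- <script src="/livereload.js"></script> --></body></html>'),
]

if __name__ == "__main__":
    for url, indicator in triage(SAMPLE_PAGES):
        print(url, indicator)
```

A hit is a lead for triage rather than a verdict, since developers also expose live-reload servers by accident.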

Now you may be wondering, how do I serve HTTPS? For this, I use a CDN and let it handle all the HTTPS and serving a legitimate certificate. Again, this guide is for phishing with FAKE websites. If I can have someone else handle the HTTPS and cert, then why should I take that on? There are several CDN solutions to choose from. Just make sure to enable forced HTTPS and HTTPS rewrites, so that the CDN will serve up all your port 80 content over 443/HTTPS and handle the cert for you. If you really can't figure out this part, DM me on Twitter.

twitter: Kirk Trychel (@Teach2Breach)