Leaderboard

I guess there are quite few Enterprise users here on the forums, so submitting a support ticket to official support might be a good additional thing to do (and/or ask on Discord).

C² 3.4.0 has been released! Tons of improvements and some new features that have been long awaited; 2FA, user account invite links, built in application firewall and many performance improvements and bug fixes! https://downloads.hak5.org/cloudc2 If you have a server already running no need to download from the above link as always it will come through via OTA. New features are self explanatory however docs will be brought up to speed ASAP. Thanks for the feedback as always ❤️ Enjoy! Changelog General Added support and binaries for Apple Silicon devices. Adjusted update and license check-in intervals. Fixed a bug causing device online/sync/offline status to flip erratically. Addressed a rare race condition resulting in server hang. Drastically improved server DB performance across multiple areas. Removed static title from root index to eliminate identifiable information if server is scanned. Adjusted max picture upload size for sites/users/devices to ensure optimal server performance. Improved state syncing in the UI when navigating between components. Improved notification serving to prevent flooding users with a large number of notifications after extended periods of inactivity. Corrected a typo in audit logs when renaming a site. Added audit logging for user editing device actions. Added or adjusted various debug logging functionalities. Optimized default site/user/device pictures. Command Line Added a banner to the first start output. Included a -nobanner flag to omit the banner on first start. Implemented hostname checks for local/private IP ranges. Added output for current configuration. Detection of configuration changes now notifies the user. Server setup now generates a direct link to open the Setup page with a prepopulated token. Settings Added server configuration info. Added a loading spinner to log modals. Reorganized settings for improved accessibility. Application Firewall Added the ability to configure allow/deny rules for device/UI access using regex. Included a configurable "autoban" option for failed login attempts. Added firewall reset and -allowip commands to command line arguments for recovery purposes. User Accounts Added support for direct user invite links. Implemented support for 2FA. Added a configuration option to force 2FA enrollment. Provided the ability to force password reset upon the next login. Deleted users are now forcibly and instantly disconnected. Added an option to disable login for a user. Login Page Dynamically generated login prompt to enhance obscurity against scanners. Polished UX by replacing the background. Dashboard Added device last seen to the dashboard for a more real-time view of device check-ins. Fixed dashboard sorting issues. Fixed the dark mode banner. Fixed notifications theme. Corrected the display of offline device rows appearing as "half online." Overview Added last seen and time online to the Uptime card. Pineapple Recon Module Improved stats, pagination, sorting, filtering, scope, and live data update experience. Enhanced the cartography view with onclick filtering and camera travel. Orientation of nodes loosely generated based on signal strength in the cartography view. Pineapple Probes Module Fixed "Total Probes" and "Most probed SSID" stats. Added pagination, sorting, and filtering. Included confirmation dialogue for clearing probes. Enabled clicking on top probed SSIDs/MACs for filtering. Improved page loading performance and database efficiency for high-traffic devices. Pineapple PineAP Module Added confirmation dialogs for removing SSID from the pool and clearing SSID pool. Introduced deduplication when adding SSID to the pool. Included an "Enable Karma" option for a less fragmented experience (duplicate of Clients module). Fixed toggles flickering on load. Terminal Module Fixed UI component flickering on load. Addressed a regression loading context. Resolved a bug causing desync on recon status in C2 due to stopping tunneling services on a pineapple with recon running. Clients Module Improved page loading performance. Fixed an issue where table columns weren't device-specific. Added confirmation dialogs for "Forget" and "Disconnect" client buttons. Renamed "Allow Associations" to "Enable Karma" for clarity. Crab Fixed the issue where the server failed to ingest images properly, resulting in missing loot and error notifications. Improved page loading performance. Made minor UI adjustments to the Configuration module. Loot Module Fixed the "Learn more" link. Added titles when viewing or deleting loot. Rearranged the position of delete all, export, and filter fields. Automatically sorted by upload date and displayed size in a readable format. Enhanced the Export dialog and displayed file names in delete dialog. Croc Fixed rendering issues in keystroke history that removed leading/trailing spaces (underlying data unaffected, correct keylogs displayed in downloads).

Can't reproduce that. It took 10 seconds, tops, when I updated a lab C2 instance from 3.3.0 to the newly released version. There should be some output available (command line) where you can see that the 3.3.0 server is stopped and 3.4.0 is executed, but it depends on if you are running it as a service or start it manually.

There's actually no need to factory reset if you just forgot your password (if you've just had the Pineapple stored away for a year, you most likely have a fw of 1.1.0 or later installed that support this feature) https://docs.hak5.org/wifi-pineapple/faq/password-reset However, to troubleshoot your inability to access the Pineapple, more info is needed. When you connect the Pineapple to the Windows 11 PC, is there any new network interface showing on the PC? If the Pineapple shows up as a network interface, can you ping 172.16.42.1 from the PC? The 42.42 address isn't relevant to try to connect to since that should represent the PC itself (if you've followed the documented procedure of doing a factory reset, which you say you have). You should use the 42.1 address to reach the Pineapple (of course not specifying any port at all if trying to factory reset, i.e. not use port 1471 or anything else).

We have a lot, and I mean like shitloads (at least 100) old computers my high school, not to mention probably even more laptops (though they are often off, and are very cheap). Thought it'd be really fun to do something...anything to the network or computers (like maybe a botnet) wouldn't wanna do anything too evil/illegal tho. Don't really care what, any cool ideas... I don't really know what I'm doing so just any ideas are cool as long as you explain what the methods are so I can research them. I don't really know where to start right now. I'll try and get the IT guy/the principals' permission of course. I'm somewhat a beginner, so if you could say the names of the things you are doing so I can research them, that would be great. I literally have 3 years to figure it out. Most the network is wired, but laptops and phones connect to wireless, and the computers have trendmicro installed on them. Though I kind of have an advantage because I have access to like everywhere every day. for 3 years. All computers are windows 10. We have like 4 rooms with switches and stuff... lots and lots of cables in those rooms. I can probably get into them but I'll need the key (I know who has it) I really want to do something/learn how to do something but I don't know what to learn. P.S. if I end up doing this illegally (which I totally won't) I'm not gonna change anyone's marks or access anything, personally I don't really care about the stupid school data and the last thing I need is a zero when someone finds out my marks were changed. I'll probably just screw with people. ...Maybe play a particular song full blast during an assembly... -----> or on every computer at once <---- Just an idea. (every computer has a speaker)