Jump to content


Popular Content

Showing content with the highest reputation on 07/08/2020 in all areas

  1. 1 point
    In short; one thing to check is the command line string that Cloud C2 is executed with, either if it is a service or started manually, and make sure the identification of the server (hostname) is correct since this is used when creating device.config files in the C2 web GUI. The TLDR version of this post is that I set up my Cloud C2 instance on a VPS and was trying it out when started manually. I added devices and everything was working as expected. I then set up my C2 instance with https and added it as a service and everything still worked as expected. Recently I was messing around with my LAN Turtle and had to remove it from C2. Since I didn't have any device.config file laying around, I created a new one in the C2 interface. After scp'ing the file to the LAN Turtle, it never showed up in Cloud C2. I tried to force the Turtle online using C2CONNECT but it just told me the device was already connected. Well, that made me start to think something fishy was going on. I then opened the device.config file to view its content. Although it's mainly filled with binary garbage, the domain name is visible in plain text and I could immediately notice that the domain name was wrong since it included the example.com domain. After calming down and removing the paranoia hat, I realized that I hadn't been hacked and it was most likely my bad. Heading over to the server running my C2 instance and executing ps ax, it was obvious that my C2 service was running with the wrong domain name/hostname. When changing to the correct domain name in the cloudc2.service file and restarting the service (and of course generating a new device.config file and adding it to my Turtle), the Turtle popped up on the beach again. So, I was a bit too quick when setting C2 up as a service according to Darren's video (link below), I just made a copy/paste of the service file example that is in the description of the video and didn't pay enough attention to the content (that included the domain example.com) https://www.youtube.com/watch?v=rgmL75ZBfSI Since everything was working fine for the other previously provisioned devices when running with example.com as hostname, I guess that the only use for the hostname parameter is to generate device.config files correctly.
  2. 1 point
  • Create New...