dark_pyrro

You have to be more detailed about the setup. Is ssh even installed/active/running? "open too", where? iptables in Ubuntu and/or the Lightsail firewall?

I have no idea how/why you were able to get netcat working, but checking the OS firewall shouldn't be enough to get things working on a Lightsail VPS, you need to open ports in the Lightsail firewall as well.

(And perhaps not a good idea to post the public IP of your VPS here)

Your VPS is obviously not available. Where did you check that port 22 is open?

Did you configure the 5 GHz adapter as recon interface? What method are you using when trying to get handshakes? In what way are you trying to deauth?

What happens if you run the following manually in a terminal on the Turtle? ssh-copy-id -i /root/.ssh/id_rsa.pub -p PORT USER@HOST where: PORT is the ssh port of your Lightsail VPS server USER is the ssh user on your Lightsail VPS server HOST is the IP address or the domain name of your Lightsail VPS server

What OS/distro are you running on the Lightsail VPS?

Setting up Cloud C2 in a Lightsail VPS as a service is really a convenient way to add functionality and make use of the Hak5 "eco system". Of course, it's good to learn about things like the AutoSSH concept of the Turtle and netcat and so on, but if you want a way to set up management of your Hak5 device, then start with Cloud C2, it's the easiest way in my opinion.

It totally depends on what you want to do. If you have the Hak5 devices located on the same local network as the Cloud C2 server, you don't need to use anything on the internet (such as a VPS for Cloud C2). But, if you want your Hak5 devices to be located where you normally don't have access, you most likely will need something that is facing the internet. You could place the C2 server in your own network, but then you will have to open ports in firewalls, etc. (depending on what your network looks like) and that's not something I would suggest doing if you're not 100% sure you're doing it the correct way. A dedicated VPS is better since it will "only" be the VPS being compromised if doing things wrong. If you set up your own network/firewalling the wrong way, the whole network might be compromised and that's not a scenario that will make you happy.

And, since already having a Lightsail VPS, why not use Cloud C2 for this?!

That's not a very informative way of trying to solve things. There is a root cause for this, and just labeling it as a "problem" doesn't help much. If you have issues copy the key, you need to be more specific about what you are doing and details of the actual result (error messages, other indicators of possible issues, etc.). If you're not detailed, then it's very difficult to try to assist you.

And when saying that, you mean the client that the Turtle is connect to using USB? Or do you mean "client" as in "customer"? Have you considered using the AutoSSH module for this?

I guess you have to be more detailed when it comes to your setup (cron jobs, etc) to be able to assist in troubleshooting and try to find what might be wrong. What is the actual goal of using netcat this way? There might be other ways of solving your use case scenario, but more info is needed to be able to understand why you want to do it the way you do now.

As said on the Google Play app page; the phone needs to be rooted for it to work. That's most likely why it's not working for you. It has nothing (or less) to do with the version of Android. There is probably a massive amount of info on how to root an Android phone if you just search for it on the internet. I usually root a phone when I need to run "full" Kali NetHunter on it, but you don't need to do that just to root the phone. Just search for it. I wouldn't advise doing so with an S22 though. Better to find an older used device to experiment with.

Is there an active/running netcat listener process started each time you try to get the Turtle to connect? I.e. the netcat listener on the server needs to be started and up and running before the Turtle can "phone home" using the reverse shell. Observe what happens on the server side when the Turtle drops the reverse shell. What happens to the netcat listener?

Is the phone you're trying to use rooted?

What type of reverse shell is used, and what type of cloud server? Is the server running netcat or something similar?

https://play.google.com/store/apps/details?id=org.hak5.android.plunderbug

As said, a possible way could be VT, but if there is sensitive info involved, it's not a relevant way to move forward (hence the question).

Yes, that's the intended way of communicating with the Shark. Either in attack mode or arming mode (depending on how you want to communicate with it, either way it's via ssh mainly, but there's a web interface as well). However, it is actually possible to connect to the battery based Shark using hardware serial, but that involves cracking the case open, soldering, etc. and (perhaps the most important) it will void any warranty of the product so it's not at all recommended.

You can't get serial communication working on the battery based Shark just by connecting it to a device (Android or computer) with a USB cable. It's only the Shark Jack Cable (the non-battery version), that allows serial communication. The USB-C port of the battery based Shark is just for charging the Shark.

What Android device are you using (make/model/Android version)? Using any kind of adapter in the "chain" between the Shark and the Android device? Or, just straight USB-C port on Android device >> USB-C connector on the Shark cable? Regarding laptop connection to the Shark; what OS are you running on the laptop? What software are you using to set the serial communication up? And, just to be sure; it's the cable version of the Shark you're using, not the battery based one, right?!

Post in the Shark Jack section of the forums

Well, in the "hak5c2-deployment.yaml" file you posted, the "hostname" parameter is set to "c2", then I guess it will be used when deployed. Reading the texts on the GitHub you linked kinda backs that up as I see it ("You can pass all parameters you would normally pass to the application to the container by adding them as an environment variable (except the hostname which is set by the docker "hostname" command)") So, if you want something else than "c2" to be used as hostname, I guess you need to specify exactly what you want to be used and nothing else. Did you try to run it with Docker alone (not jumping straight on the Kubernetes train)?

Where did that swap partition come from? It should only be one partition on the card. Also, try to set "fstype" to auto (but I guess that shouldn't change things).