NickBeanDNB

I removed the db file and reran the command without https and I can access the WebUI again. I had to reset it up from scratch, but hey, I am happy to be here, lol. Thanks for your help and walking me though this. I really appreciate your time and I know you didn't have to. I hope the rest of your day goes well.

Let's say that is what I did. What would be the correct process to resolve it? Also, seeking to understand here, if I were to remove the CloudC2 directory and database file(s), reboot, and then manually run C2 again, would it start?

Thank you!! Would the next step be the kill the processes by PID and then restarting the .service?

10510 ? S 0:00 sudo ./c2-3.3.0_amd64_linux -hostname X -https 10511 ? Ss 0:00 sudo ./c2-3.3.0_amd64_linux -hostname X -https 10512 ? Sl 0:00 ./c2-3.3.0_amd64_linux -hostname X -https 10519 ? Tl 0:00 ./c2-3.3.0_amd64_linux -hostname X -https

You are right, I think 2 instances are running somehow. Also, I did not check my processes earlier when you mentioned it. Thank you again for your help. ubuntu@ip-X:~$ sudo ss -tulpn | grep 2022 tcp LISTEN 0 4096 *:2022 *:* users:(("c2-3.3.0_amd64_",pid=10519,fd=7)) ubuntu@ip-X:~$ sudo netstat -tulpn | grep 2022 tcp6 0 0 :::2022 :::* LISTEN 10519/./c2-3.3.0_am

Okay, I saved it and ran the following commands, but still showing an error, so I know I messed up somewhere. (Ubuntu 22.04.1 LTS) sudo systemctl daemon-reload sudo systemctl enable cloudc2.service sudo systemctl start cloudc2.service sudo systemctl status cloudc2.service Active: failed (Result: exit-code) since Wed 2024-01-17 17:12:22 UTC; 11s ago Process: 11402 ExecStart=/usr/local/bin/c2-3.3.0_amd64_linux -hostname x -https -db /var/cloudc2/c2.db (code=exited, status=1/FAILURE) Jan 17 17:12:22 ip-x systemd[1]: Started Hak5 Cloud C2. Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] Initializing Hak5 Cloud C2 v3.3.0 Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] Hostname: x Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] DB Path: /var/cloudc2/c2.db Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] Validating License Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] License Valid Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [!] Error starting SSH server: listen tcp 0.0.0.0:2022: bind: address already in use Jan 17 17:12:22 ip-x systemd[1]: cloudc2.service: Main process exited, code=exited, status=1/FAILURE Jan 17 17:12:22 ip-x systemd[1]: cloudc2.service: Failed with result 'exit-code'. ~

I thought I resolved that the other day when you first stated it. I should be able to go in and edit it to the correct format and then restart the service, right?

I think I screwed it up when I was following (https://docs.hak5.org/cloud-c2/guides/lets-encrypt-ssl-configuration-and-device-enrollment) I used an IP address rather than a domain even though it literally says that you can't, LOL.

### /etc/systemd/system/cloudc2.service # [Unit] # Description=Hak5 Cloud C2 # After=cloudc2.service # [Service] # Type=idle # ExecStart=/usr/local/bin/c2-3.3.0_amd64_linux -hostname http://x/ -https -db /var/cloudc2/c2.db # [Install] # WantedBy=multi-user.target What is odd is that I edited it and removed the http:// after host name. Before that, I had my IP in there and you showed me that -https would not work with an IP so that is when I registered the domain and added it into the service file.

See attached for the open ports. I followed the directions to move the C2 binary and service file (cloudc2.service) to systemd so it would stay up, but I think I messed something up there. I was able to access the WebUI at one point before I attempted the Let's Encript and "service on boot" guides on the docs.hak5.org website.

No, I get the following error ERR_SSL_PROTOCOL_ERROR

Yes, I linked it to the static IP.

I definitely want to that the simpler route and use Let's Encrypt. I have not used that domain for anything yet and the only intention of obtaining it was for this.

I got a random one (x.uno) from Route 53, two days ago.

All devices will be on the same computer/home network.

I want to be able to connect to C2 from anywhere to 3 devices that I have set up at my home network (packet squirrel, key croc, and screen crab). I do want to use HTTPS, but I don't think a domain name would not be required for what I am planning. Pretty much, I am just wanting to learn more and play around with the tech, mostly the packet squirrel, that will be at my house, where ever I am. Obviously I am using everything on my own networks. I hope that helps and makes sense.

All ports are open per the instructions followed and I'm using Amazon Lightsail VPS following the instructions posted. I cannot access with the domain name or IP address from a browser. When I use port 8080 I get ERR_CONNECTION_REFUSED but when I use the static IP It returns ERR_SSL_PROTOCOL_ERROR. When I enter the domain name into the browser it returns the same. When I run 'sudo systemctl status cloudc2.service', it shows http instead of https in the domain name after -hostname. I'm not sure if that's important or not.

You are right on both. I used my static ip after -hostname in the second example and I think that messed up Let's Encript's SSL somehow. Also, I did already have a C2 instance in systemd which was cloud2.service. I edited the systemd service file to add new domain that I created yesterday. Now when I use "sudo systemctl status cloudc2.service", I get the following. (x & X are placeholders.) missing server name TLS handshake error from x:31579: acme/autocert: host "X" not configured in HostWhitelist I hope that makes sense. I don't now where to go or how to fix it and want to wipe it all and start over, but I feel like that does not teach me anything. Thank you again for your assistance.

I need some help and would like someone to assist me. I feel like I followed the directions, but I messed up somewhere as I went to relaunch using "sudo ./c2-3.3.0_amd64_linux -hostname https://X/" (which worked before), the following is provided. [*] Initializing Hak5 Cloud C2 v3.3.0 [*] Hostname: https://X [*] DB Path: c2.db [*] Initial Setup Required - Setup token: X [!] Error starting SSH server: listen tcp 0.0.0.0:2022: bind: address already in use Admittedly, I am at my knowledge limit, a bit lost, and not sure how to resolve this the correct way. I want to delete everything and start over, but wanted to see if someone here could help me first, lol. Thanks in advance!