NickBeanDNB
-
Posts
19 -
Joined
-
Last visited
Posts posted by NickBeanDNB
-
-
1 hour ago, dark_pyrro said:
(if it's not a result of you manually starting C2 in a specific session without reboot)
Let's say that is what I did. What would be the correct process to resolve it?
Also, seeking to understand here, if I were to remove the CloudC2 directory and database file(s), reboot, and then manually run C2 again, would it start? -
Thank you!!
Would the next step be the kill the processes by PID and then restarting the .service?
-
10510 ? S 0:00 sudo ./c2-3.3.0_amd64_linux -hostname X -https
10511 ? Ss 0:00 sudo ./c2-3.3.0_amd64_linux -hostname X -https
10512 ? Sl 0:00 ./c2-3.3.0_amd64_linux -hostname X -https
10519 ? Tl 0:00 ./c2-3.3.0_amd64_linux -hostname X -https -
You are right, I think 2 instances are running somehow. Also, I did not check my processes earlier when you mentioned it. Thank you again for your help.
ubuntu@ip-X:~$ sudo ss -tulpn | grep 2022
tcp LISTEN 0 4096 *:2022 *:* users:(("c2-3.3.0_amd64_",pid=10519,fd=7))
ubuntu@ip-X:~$ sudo netstat -tulpn | grep 2022
tcp6 0 0 :::2022 :::* LISTEN 10519/./c2-3.3.0_am -
Okay, I saved it and ran the following commands, but still showing an error, so I know I messed up somewhere. (Ubuntu 22.04.1 LTS)
sudo systemctl daemon-reloadsudo systemctl enable cloudc2.servicesudo systemctl start cloudc2.servicesudo systemctl status cloudc2.service
Active: failed (Result: exit-code) since Wed 2024-01-17 17:12:22 UTC; 11s ago
Process: 11402 ExecStart=/usr/local/bin/c2-3.3.0_amd64_linux -hostname x -https -db /var/cloudc2/c2.db (code=exited, status=1/FAILURE)
Jan 17 17:12:22 ip-x systemd[1]: Started Hak5 Cloud C2.
Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] Initializing Hak5 Cloud C2 v3.3.0
Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] Hostname: x
Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] DB Path: /var/cloudc2/c2.db
Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] Validating License
Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [*] License Valid
Jan 17 17:12:22 ip-x c2-3.3.0_amd64_linux[11411]: [!] Error starting SSH server: listen tcp 0.0.0.0:2022: bind: address already in use
Jan 17 17:12:22 ip-x systemd[1]: cloudc2.service: Main process exited, code=exited, status=1/FAILURE
Jan 17 17:12:22 ip-x systemd[1]: cloudc2.service: Failed with result 'exit-code'.
~
-
I thought I resolved that the other day when you first stated it. I should be able to go in and edit it to the correct format and then restart the service, right?
-
I think I screwed it up when I was following (https://docs.hak5.org/cloud-c2/guides/lets-encrypt-ssl-configuration-and-device-enrollment) I used an IP address rather than a domain even though it literally says that you can't, LOL.
-
### /etc/systemd/system/cloudc2.service
# [Unit]
# Description=Hak5 Cloud C2
# After=cloudc2.service
# [Service]
# Type=idle
# ExecStart=/usr/local/bin/c2-3.3.0_amd64_linux -hostname http://x/ -https -db /var/cloudc2/c2.db
# [Install]
# WantedBy=multi-user.target
What is odd is that I edited it and removed the http:// after host name. Before that, I had my IP in there and you showed me that -https would not work with an IP so that is when I registered the domain and added it into the service file. -
See attached for the open ports.
I followed the directions to move the C2 binary and service file (cloudc2.service) to systemd so it would stay up, but I think I messed something up there. I was able to access the WebUI at one point before I attempted the Let's Encript and "service on boot" guides on the docs.hak5.org website. -
No, I get the following error
ERR_SSL_PROTOCOL_ERROR -
Yes, I linked it to the static IP.
-
I definitely want to that the simpler route and use Let's Encrypt. I have not used that domain for anything yet and the only intention of obtaining it was for this.
-
I got a random one (x.uno) from Route 53, two days ago.
-
All devices will be on the same computer/home network.
-
I want to be able to connect to C2 from anywhere to 3 devices that I have set up at my home network (packet squirrel, key croc, and screen crab). I do want to use HTTPS, but I don't think a domain name would not be required for what I am planning. Pretty much, I am just wanting to learn more and play around with the tech, mostly the packet squirrel, that will be at my house, where ever I am. Obviously I am using everything on my own networks. I hope that helps and makes sense.
-
All ports are open per the instructions followed and I'm using Amazon Lightsail VPS following the instructions posted. I cannot access with the domain name or IP address from a browser. When I use port 8080 I get ERR_CONNECTION_REFUSED but when I use the static IP It returns ERR_SSL_PROTOCOL_ERROR. When I enter the domain name into the browser it returns the same.
When I run 'sudo systemctl status cloudc2.service', it shows http instead of https in the domain name after -hostname. I'm not sure if that's important or not.
-
You are right on both. I used my static ip after -hostname in the second example and I think that messed up Let's Encript's SSL somehow. Also, I did already have a C2 instance in systemd which was cloud2.service. I edited the systemd service file to add new domain that I created yesterday. Now when I use "sudo systemctl status cloudc2.service", I get the following. (x & X are placeholders.)
missing server name
TLS handshake error from x:31579: acme/autocert: host "X" not configured in HostWhitelist
I hope that makes sense. I don't now where to go or how to fix it and want to wipe it all and start over, but I feel like that does not teach me anything. Thank you again for your assistance. -
I need some help and would like someone to assist me. I feel like I followed the directions, but I messed up somewhere as I went to relaunch using "sudo ./c2-3.3.0_amd64_linux -hostname https://X/" (which worked before), the following is provided.
[*] Initializing Hak5 Cloud C2 v3.3.0
[*] Hostname: https://X
[*] DB Path: c2.db
[*] Initial Setup Required - Setup token: X
[!] Error starting SSH server: listen tcp 0.0.0.0:2022: bind: address already in use
Admittedly, I am at my knowledge limit, a bit lost, and not sure how to resolve this the correct way. I want to delete everything and start over, but wanted to see if someone here could help me first, lol. Thanks in advance!
C2 - Error starting SSH server: listen tcp 0.0.0.0:2022: bind: address already in use
in Hak5 Cloud C²
Posted
I removed the db file and reran the command without https and I can access the WebUI again. I had to reset it up from scratch, but hey, I am happy to be here, lol. Thanks for your help and walking me though this. I really appreciate your time and I know you didn't have to. I hope the rest of your day goes well.