SSC

Thx a lot - works for me too ;)

Awesome - thx!!! Always nice not to be the source of a problem :D But that essentially means, no SSDLC/DevSecOps dependency management lifecycle processes at hak5? I'm a little disappointed ;)

omg that sounds annoying, didn't know that ;) since I did the internal CA thing to save time and now I already pay for a VPS instance, that pain is out of question ;) The VPS firewall has 80, 8080, 443 and 2022 open, backend is a default LTS ubuntu without iptables, all the other ports (80, 8080, 2022) work without intervention (and the cloud c2 web interface works via browser, just the crab can't connect due to the tls: unknown certificate error)

I tried appending the public key to /etc/ssl/cert.pem (found the path in the howTo in https://docs.hak5.org/cloud-c2/guides/cloud-c-setup-with-self-signed-ssl-certificates) HTTP works both via IP and DNS. Tried HTTP with IP first, tried to switch to HTTPS with DNS, then went back to HTTP with DNS. I did use my own DNS servers to make an A entry and didn't use the VPS's nameservers, but that shouldn't make a difference, or should it?

I couln't bring my local installation to connect via https, the autoexec file ignored the copy commands for my self-signed CA public key (commands in the backend seem to be whitelisted as they should be ;)) so i've set up a amazon lightsail instance (exactly as described in the videos/howTos), made the dns entry and restarted the c2 binary with -hostname *DNS-entry* -https. now I just get the message "TLS handshare error from *ScreenCrab-IP* remote error: tls: unknown certificate everything worked with http and 8080, after switching to https and renewing the screencrab config, it stopped working and every few seconds the TLS handshake error is thrown. any ideas?

oh yes, the crab needs to make sure there is no MITM when its talking to the C2. didnt think anyone would implement SSL the way it should be, usually everyone disregards untrustable certs... how can I get my key on the crab? ssh login seems not to work with the web user...

ScreenCrab is running and connecting back to my Android Smartphone's WiFi, autoexec and wifiinfo works. C2 is running on 10.0.0.2 and has port forwards for 443 and 2022 from the external firewall. Certificate has been created externally, certificate and key (as well as self-signed ca) imported - C3 server configured for the same dns name that the server is running with -hostname C2 web interface on 443 as well as ssh on port 2022 are reachable from the internet. device.config is exported to the root of the sdcard. The device is still not registering/offline - any ideas?