Jump to content

NooBody

Active Members
  • Content Count

    18
  • Joined

  • Last visited

About NooBody

  • Rank
    Hak5 Fan

Recent Profile Visitors

687 profile views
  1. Hi Void-Byte, Thanks for the quick response 🙂 So installed certbot and tested against my host.domain see below - ./certbot-auto certonly Saving debug log to /var/log/letsencrypt/letsencrypt.log How would you like to authenticate with the ACME CA? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: Spin up a temporary webserver (standalone) 2: Place files in webroot directory (webroot) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 Plugins selected: Authenticator webroot, Installer None Please enter in your domain name(s) (comma and/or space separated) (Enter 'c' to cancel): myserver.mydomain.co.uk Obtaining a new certificate Performing the following challenges: http-01 challenge for my server.mydomain.co.uk Input the webroot for my server.mydomain.co.uk: (Enter 'c' to cancel): /tmp Waiting for verification... Challenge failed for domain my server.mydomain.co.uk http-01 challenge for my server.mydomain.co.uk Cleaning up challenges Some challenges have failed. IMPORTANT NOTES: - The following errors were reported by the server: Domain: myserver.mydomain.co.uk Type: connection Detail: Fetching http://myserver.mydomain.co.uk/.well-known/acme-challenge/ec9VwCSkBLAHDEBLAHETC ETC: Timeout during connect (likely firewall problem) To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. Now not sure if this is because I'm pointing directly to a server.domain rather that just a domain but didn't want to interfere with my company website... Also a couple of things on the potential firewall issue here 1. Is it really a firewall issue or more the fact the CloudC2 is using 8080 and not port 80 for the check? 2. Where is the check coming from Lets Encrypt or this machine I'm running it on? If so I may just need to open the FW range up from my ISP to LetsEncrypt or wider... Thanks for all your help with this! Regards B0b
  2. Hi Guys, I've been running Cloud C2 for a while now in the Azure cloud since I have a paid subscription. I've setup a VM with DNS alias from Azure to myserver.mycompany.com and opened all the relevant firewall ports from my ISP (limited for now). Running the service now using systemctl and works fine using 8080 however when I try https/443 and try to connect I get the following error - 2020/05/16 08:31:33 http: TLS handshake error from x.x.x.x:51597: acme/autocert: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/xxxxxx" for domain "myserver.mycompany.co.uk": no viable challenge type found Any ideas? Am thinking could be either IPv6, DNS or something Azure like casing the issues... As I've done mine specifically to a host rather than just the Domain as Darren did recently on the show - myserver.mycompany.co.uk. 1799 IN CNAME cloudc2server.somewhere.cloudapp.azure.com. cloudc2server.somewhere.cloudapp.azure.com. 9 IN A xx.xx.xx.xx Cheers Bob
  3. Hi Guys, Any updates to H2c so we can manage modules on the Pineapple etc from it? Got it setup in the cloud however reverted back to individual device management as need the module features on the Pineapple. Thanks Bob
  4. sorted! Was nothing to do with firewall... I performed a tcpdump -vv on both sides and found the error was an invalid token even though I was using the one I set. The problem was down to running the command line in a cron job so it auto restarts on reboot. I've subsequently got rid and run it as a backgrounded process (&) which seems to have done the trick. Cheers Bob
  5. further update opened all ports to my ISP range temporarily in Azure and stopped firewall daemon in Linux still the same so can't be firewall... (no problems with my ssh sessions at all either) Any help appreciated! 🙂
  6. Hi Guys, any ideas? Does it need more than port 8080 to establish a session? Firewall ports above have been opened on the Azure Resource group and in Linux with firewall-cmd... @Sebkinne@Foxtrot@Darren Kitchen - any ideas guys at a bit of a loss here? Thanks! Shaun
  7. Hi Guys, OK so really struggling with setting up H2c in the cloud with Azure. Tried with https originally and lets encrypt against the azure name and my own domain name but having issues so decided to try with default 8080 which worked or so I thought..... I've setup the firewall rules on the VM (<vm>-ng see attached screenshot) and also within the Linux VM using firewall-cmd which seemed to work OK (however even stopped the daemon) and have setup the c2 command line as a cron job (@reboot) I can get to the website now with my CNAME alias over 8080 however whenever I enter the details (license, token and new username and password) it flashes up with an error and takes me back to the same screen (attached screenshot). I managed to catch the error as "Your session has expired" which I don't understand as I get this even if I restart all my browsers and the service... Any ideas... getting frustrated now, am sure its an Azure thing but buggered if I know what.... Thanks for your help in advance Cheers Bob
  8. NooBody

    Install Tools

    Hi Seb, Do you have a similar area as https://storage.googleapis.com/bashbunny_tools/impacket-bunny.deb for Responder.deb I can download from? What would be the process to get them installed on an upgraded 1.1 Bash Bunny just place them in /tools? Struggling a bit here... Thanks! Bob
  9. NooBody

    Install Tools

    H Qdba, I tried your above suggestion of copying the .deb files to /tools but everything I put in there disappears once I safely unplug the BB and re-plug whether .deb or .py files. After putting the .deb files its flashing blue does that mean its worked? How would I know? Thanks Bob
  10. Is it possible to put the payload back to install the tools to the /tools area for decoder and impacket? Since the fw upgrade I seems to have an empty tools folder no pentest folder but a text file saying tools are installed... LOL Thanks!
×
×
  • Create New...