All Your Base

  1. The only documentation whatsoever that I can find regarding the "-reverseProxy" switch of the C2 binary is the description listed for it by the binary itself, that is: "If set, Cloud C2 will work behind a reverse proxy". But, what does this "-reverseProxy" switch actually do more exactly? Which kind of "proxy" does it expect to be placed behind? SOCKS? Pure TCP proxying à la nginx? Something else? And why does this require a switch like this to begin with? I can understand the obvious need for the "-reverseProxyPort" switch, since this would make sure that the client devices are informed to connect to the proxy port, while the C2 server itself will still listen on the "real" port, but again, what on earth does the "-reverseProxy" switch really do then? And also, which ports will be assumed to be "proxied" like this when this switch is provided? The HTTP and HTTPS port? The 2022 terminal port? Any other ports? Will I only be able to connect to these "proxy enabled" ports (whichever they are, and whatever proxy type that is expected) through a proxy when this "-reverseProxy" switch is provided (contrary to for example managing my C2 server through its HTTP admin GUI directly on the HTTP port from my local network)? If not, why isn't this "proxy support" always enabled otherwise? For a final more practical and specific question: If I have my C2 server behind a NAT firewall facing the internet, and I'm forwarding port 5678/tcp from the internet in this firewall, to port 443/tcp on the C2 server (that is, using NAT port forwarding with "port translation"), does this count as a "proxy" that would require this "-reverseProxy" switch, and more specifically which exact command line would be required for my C2 server to accommodate this specific situation?
  2. I've begun setting up my C2 today, and I'm really surprised that neither the official documentation (here), nor this forum, seems to contain any kind of comprehensive documentation for the network ports of the C2, like for example what they are respectively used for more exactly, and which of them are required to be exposed to the internet for the correct functionality (of the respective features) of the different Hak5 devices? Am I missing something obvious here, or isn't this one of the first questions asked by many people setting up any kind of server with ports exposed to the internet? Some important questions that I have regarding the ports are for example the following: Which ports of the C2 server are required to be exposed to the internet in order for the different Hak5 devices to be able to connect back to the C2 over the internet? Which additional ports need to be exposed in order for any possible "extra features" of the different Hak5 devices to work (and in that case, which port for which feature)? Is it really true that I cannot use HTTPS over any other port than 443? In that case, why on earth is this? (I'd rather not draw unnecessary attention to my internet-exposed server by exposing this standard HTTPS port to the internet.) For security reasons (including "keeping a low profile" for my internet-exposed server), I'd rather expose as few ports as possible to the internet. For example, if possible, it would be great if I only needed to expose one single (fully configurable!) port towards the internet in order for my Hak5 devices to work together with the C2, while keeping e.g. the HTTP admin GUI locked down completely network-wise, to rather only be accessed locally from my internal network. But this doesn't seem to be possible, am I right?