Hak5 Forums
Sebkinne

Hak5 Cloud C2


Hi everyone,

We just launched the Hak5 Cloud C2!

I just wanted to give everyone a heads up and give some basic instructions on how to get everything set up:

Setting up the Hak5 Cloud C2 Server

To set up the Hak5 Cloud C2 server, simply head over to https://c2.hak5.org, download either the community or professional edition, and wait for an email to arrive with the download link and licence key.

Once you have downloaded the ZIP file containing the server, choose the correct version for your OS and architecture (such as linux 64bit), and execute the binary. You will be prompted to add some parameters such as '-hostname'. We recommend setting up the Hak5 Cloud C2 with DNS.

Once running, you will have a setup token printed to your terminal. Make a note of that and head over to the configured IP / DNS and port using your favorite web browser (Firefox or Chrome(ium) are recommended). You will be guided through the setup there, and asked to enter your setup token and licence key.

After performing the initial setup, if you need further help, click on the three dots in the top right corner and click on "Help".

 

Update your device firmwares:

WiFi Pineapple

  • Update your WiFi Pineapple NANO or TETRA to version 2.4.0 or above, via the web interface as you do normally

Packet Squirrel

LAN Turtle

  • Update your LT, LT-SD, or LT-3G by using the "Check for updates" button inside of the turtle shell. Alternatively, follow the manual upgrade instructions from https://lanturtle.com/setup.  You'll want to be on version 5 or above to have Cloud C2 support.

 

Provisioning your devices:

Once you have updated all of your Hak5 devices, you can go ahead and create new devices in the Hak5 Cloud C2 interface. After doing so, you'll be able to download the device.config files for each device by clicking the device from the list and then clicking the setup button from the device's menu.

Once you have the config file, SCP it into the /etc/ folder on your device of choice and reboot the device. You should see it come online in the Hak5 Cloud C2 interface within a few minutes.

Please remember that your devices will need to be networked to be able to reach the Hak5 Cloud C2 server (a mistake we made a lot during development).

 

Introducing the Hak5 Cloud C2 video:

 


Huge, just huge... thank you dev team for putting this together. I can't wait to try it out.... now where is that Pi hiding...


You guys are awesome. Quick question about the Individual Pen Tester/Free version. What does "Single User, Single Site" mean exactly? Does that mean I can't have devices in more than 1 place at a time? I need to keep my Pineapples all in one place? Thanks!

 

D


The business version will add the ability to logically differentiate by site, along with multiple logins for teams / collaboration. 

There is no limit to where devices may be deployed, however the stats on the home tab are aggregated from all devices in the site.

8 minutes ago, BngMan said:

for some strange reason i cannot download the settings for my pineapple in firefox :x

Seems it is a bug

 

2 hours ago, Darren Kitchen said:

The business version will add the ability to logically differentiate by site, along with multiple logins for teams / collaboration. 

There is no limit to where devices may be deployed, however the stats on the home tab are aggregated from all devices in the site.

Awesome - this is great. I can't wait to play around with this tonight when I get home :)

On 10/1/2018 at 8:43 PM, Sebkinne said:

Please remember that your devices will need to be networked to be able to reach the Hak5 Cloud C2 server (a mistake we made a lot during development)

As an enthusiast I'm wanting to learn so.....

I'm running everything on my home network.

 

1337th post

Edited by b0N3z


Hey, how can I download Hak5 Cloud C2? I've placed the order and everything, and got the order confirmed email as well as the "Invoice for that order", but no download link?


Appreciate any comments. I'm sure i'm not "getting" the instructions above... i did the download, and i have c2_community-linux-64 in my home directory. I then constructed the following string which i'm sure is wrong:

sudo ./c2_community-linux-64 -hostname 127.0.0.1 -https -listenip 127.0.0.1     and i get "Running Hak5 Cloud C2"


And when i go to use Firefox, i enter: http://127.0.0.1:8080 and i get the error message:

An error occurred during a connection to 127.0.0.1:8080. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

 

I also tried it without the -https.  Thanks for help!  --orrin

Edited by orrin

29 minutes ago, orrin said:

Appreciate any comments. I'm sure i'm not "getting" the instructions above... i did the download, and i have c2_community-linux-64 in my home directory. I then constructed the following string which i'm sure is wrong:

sudo ./c2_community-linux-64 -hostname 127.0.0.1 -https -listenip 127.0.0.1     and i get "Running Hak5 Cloud C2"


And when i go to use Firefox, i enter: http://127.0.0.1:8080 and i get the error message:

An error occurred during a connection to 127.0.0.1:8080. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

 

I also tried it without the -https.  Thanks for help!  --orrin

There are a couple of issues I can see:

  1. Listening on 127.0.0.1 / setting the hostname to 127.0.0.1 while enabling https - This will not work, as HTTPS uses Let's Encrypt and expects a DNS name
  2. Listening on 127.0.0.1 - While this should work, devices (WiFi Pineapple, LAN Turtle, Packet Squirrel) will not be able to communicate with the server.

If you want to run it locally, I would suggest doing something like "sudo ./c2_community-linux-64 -hostname localhost".

1 hour ago, Sebkinne said:

There are a couple of issues I can see:

  1. Listening on 127.0.0.1 / setting the hostname to 127.0.0.1 while enabling https - This will not work, as HTTPS uses Let's Encrypt and expects a DNS name
  2. Listening on 127.0.0.1 - While this should work, devices (WiFi Pineapple, LAN Turtle, Packet Squirrel) will not be able to communicate with the server.

If you want to run it locally, I would suggest doing something like "sudo ./c2_community-linux-64 -hostname localhost".

Seb, i did "sudo ./c2_community-linux-64 -hostname localhost" and in the firefox browser "localhost:8080" and i get the setup screen, yay! but i couldn't find a "setup token" in or at my terminal. (I have my license key okay.)  Then i did "cat c2.db" and near the end of that file was " == token" + 4 groups of 4 letters, so i used that as a token.  Is that correct?

Then, on the setup screen, for Username and Password,  i just made up something new.

Then, after i get the setup done, do i understand you to mean that " -hostname localhost" won't allow communicating with the Pineapple? If that is the case, what would be an example of a -hostname that *would* allow comms with a Pineapple? Thanks... i got to the "Devices - Clients - Landscape" screen so i am making progress. ... Thanks for help!


The token should have been on the output of the command line when it starts, the FIRST time... if you cat or tail the db file I believe the very last line should include the token... it will be in all caps, and in, I think, the format of XXX-XXX-XXX

 

Hope this helps


image.png

When running Hak5 Cloud C2 for the first time it will display the setup token as shown above.

If you haven't completed setup during this first run of the server and you've lost the terminal log / setup token - you can force initial setup again by deleting the c2.db file (or whatever other file you may have specified with -db).

Do this with caution as any connected device will then be lost - so if you've completed setup, added devices and deployed them in the field then deleting the .db file is absolutely not something you want to be doing.

14 hours ago, lowk3y said:

Hey, how can I download Hak5 Cloud C2? I've placed the order and everything, and got the order confirmed email as well as the "Invoice for that order", but no download link?

Check your spam folder for an email from Hak5 Downloads noreply@sendowl.com with a subject line containing your HakShop.com order number. 

22 minutes ago, Darren Kitchen said:

Check your spam folder for an email from Hak5 Downloads noreply@sendowl.com with a subject line containing your HakShop.com order number. 

Fun, nothing in spam folder only mail from shop@hak5.org with subject "Order #xxxxxx confirmed", but without any links to download. It only says "..
Your order will ship as soon as possible — typically within 1-3
business days."

 

 

4 hours ago, Darren Kitchen said:

image.png

When running Hak5 Cloud C2 for the first time it will display the setup token as shown above.

If you haven't completed setup during this first run of the server and you've lost the terminal log / setup token - you can force initial setup again by deleting the c2.db file (or whatever other file you may have specified with -db).

Do this with caution as any connected device will then be lost - so if you've completed setup, added devices and deployed them in the field then deleting the .db file is absolutely not something you want to be doing.

So, i missed seeing the token on first startup, but (as the suggestion just above yours says) i found "token XXXX-XXXX-XXXX-XXXX" at the tail end of the c2.db file. I used that and have gotten thru setup to the point where i see the "Devices - Clients - Landscape" screen.

So is that an okay way to retrieve the token? From the tail end of the c2.db file? Or should i delete c2.db and start over?      ... thanks


Sebkinne, you wrote, in part:

15 hours ago, Sebkinne said:

If you want to run it locally, I would suggest doing something like "sudo ./c2_community-linux-64 -hostname localhost".


It does run like that, okay. But do i understand you correctly that it won't connect to my Pineapple when run like that? If that is the case, could you give me an example of a command-line that *will* allow me to connect to the Pineapple?  (C2 for dummies i guess.)    Like " -hostname 192.168.0.10" (if .10 is my ubuntu box) or should it be my network-assigned IP for the Pineapple. ... Thank you.


Everyone,
This is how I see it. Please correct me if I am wrong....

orrin,
It's the IP (or DNS name if you have such a setup on an internal 192.168.xx.xx network) of the box you have put c2_community-linux-64 on. As I see it Cloud C² does not call up your devices, your devices call "home" to Cloud C². This will be the address that forms part of each device.config file so when your device goes online it knows where to call.

If you are testing Cloud C² on an internal / home network you could use sudo ./c2_community-linux-64 -hostname 192.168.0.10 if 192.168.0.10 is the computer running Cloud C². Of course if the device is not in your network a 192.168.xx.xx address will not be reachable over the Internet.

You then access the Cloud C² GUI using http://192.168.0.10:8080.

Then (once each device has had its device.config file generated and placed in the /etc/ directory on the device it was generated for, and the device is equipped / set to connect to the network) you can view the connections as they come in.

If you then later start up c2_community-linux-64 using different settings (like a different IP) you will need new device.configs for all the devices.

Same applies if you later point your external IP address to your Cloud C² box and start using a DNS name like cloudc2.example.com (where example.com is replaced by your domain) and https.

Basically once you have created device.config files for your devices you should use the same start-up settings for c2_community-linux-64 every time until you are finished, get all your devices back and can start all over again with different settings /options selected. 

Edited by aethernaut
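The replies above name the launch settings that stop devices from checking in: a loopback -hostname, -https without a DNS name, a LAN-only address, and a -hostname that changed after the device.config files were generated. The script below is an added example, not part of any post and not Hak5 code, that checks for those four cases; the function names and the state file are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not Hak5 code): sanity-check Cloud C2 launch settings.

is_ipv4() {       # true if $1 looks like an IPv4 literal
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

is_loopback() {   # true if $1 only points back at the server itself
    [ "$1" = localhost ] && return 0
    is_ipv4 "$1" && case "$1" in 127.*) return 0 ;; esac
    return 1
}

is_private() {    # true if $1 is an RFC 1918 address (LAN only)
    is_ipv4 "$1" || return 1
    case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_c2_args HOSTNAME HTTPS(yes|no) [STATE_FILE]
# STATE_FILE is a hypothetical one-line file holding the -hostname value
# that was in use when the device.config files were generated.
# Prints one finding per line; returns 1 if there is any finding.
check_c2_args() {
    c2_host=$1; c2_https=$2; c2_state=${3:-}; c2_rc=0
    if [ "$c2_https" = yes ] && { is_ipv4 "$c2_host" || is_loopback "$c2_host"; }; then
        echo "https-needs-dns-name: -https expects a DNS name, got $c2_host"; c2_rc=1
    fi
    if is_loopback "$c2_host"; then
        echo "loopback-hostname: devices cannot call home to $c2_host"; c2_rc=1
    elif is_private "$c2_host"; then
        echo "lan-only: $c2_host is reachable only from the same network"; c2_rc=1
    fi
    if [ -n "$c2_state" ] && [ -f "$c2_state" ]; then
        c2_prev=$(cat "$c2_state")
        if [ "$c2_prev" != "$c2_host" ]; then
            echo "hostname-changed: configs were made for $c2_prev, regenerate them"; c2_rc=1
        fi
    fi
    return "$c2_rc"
}

# Constructed sample input: the settings from the thread that failed.
check_c2_args 127.0.0.1 yes || true
```
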


Aethernaut, Sebkinne, Darren & Florida Tech, thanks for all comments.  The gist is: success!   Details:

 

I got the C2 dashboard running. Generated a device.config file for a Pineapple, and scp'd it over to the Pineapple /etc/ directory, and rebooted it. The Pineapple connected to my home router via wlan2, got an IP address from the router. But the Pineapple wasn't showing up on the C2. Then i did a "remove" a couple times on the Pineapple. No joy.

Then i thought, well maybe i need to generate a new device.config file after removing and re-adding the device.  That worked finally. Yay!

Hope my experience helps a few more people too. I've been using Linux heavily for only a couple years, and only started watching Hak5 (and other sites) and decoding OOK (for example) in January 2018. I didn't know what SCP was until tonight.


After playing for a few days there's one feature I would love to see implemented: access to the management page of the Nano, either forwarding 1471 to the server so you can access it through DNS, or putting access to the management page in a tab on the C2, as once the Pineapple's deployed, checking modules would be nice.


I don't see a github page... can we contribute?  I wrote BB Studio back in march and would be stoked to share what I learned.

 

On 10/4/2018 at 9:34 PM, Darren Kitchen said:

Check your spam folder for an email from Hak5 Downloads noreply@sendowl.com with a subject line containing your HakShop.com order number. 

Ok, solved the mystery of not getting the email... it seems this sendowl.com service is sending the email with non-deliverable mail, so if you have address verification turned on in Postfix it will bounce it back.

