Jump to content

Guide - HAK5C2


Recommended Posts

This is probably common knowledge for most people here but thought it could be useful

  1. Apply for a license from HAK5 C2
  2. Get a Public IP such as ( for your server
  3. Get a public domain and point the dns record such as "cave.domain.com" to the IP
  4. Allow the DNS propagation to take plus I usually wait around 24 hours as Let's Encrypt DNS seems to be delayed a bit
  5. Ensure your servers firewall inbound rules allow "http (80) and https (443)" 
  6. Launch the C2 Servers on your box such as:  ./c2_community_linux64 -hostname "cave.domain.com" -https
  7. Take note of the setup token.  This will be used to validate the setup.

This will start the server and generate the configuration details and let's encrypt certificate within the database.

  1. Go to https://cave.domain.com
  2. Apply the setup token and the license key to the setup wizard and follow the steps.



  • If you stop the server and relaunch it the "setup token" will not re-appear so be sure to write this down.  It is required during setup.
  • If you can't remember the setup token, stop the C2 Server and delete the c2.db file and start from step #6.
  • You can copy the device.config into the respected device's /etc/ folder , once rebooting the device it should re-connect to your C2 Cloud Network.
Link to comment
Share on other sites

  • 6 months later...
On 10/8/2018 at 4:47 PM, Darren Kitchen said:

Correct. Rather than need a separate port for each device, all devices SSH back to C2 over 2022 by default. This can be configured with the -sshport argument.

Once the device SSH’s back into C2, what would be the best way to create a reverse tunnel and access the pineapple GIU interface from another computer?

Link to comment
Share on other sites

  • 6 months later...
  • 2 months later...


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...