Jump to content

https without Let´s encrypt ? Own Cert / WAF / Proxy


Recommended Posts

Hi,

is there a way to enable https without the ACME (Let´s Encrypt) Client ? Like with an own Cert or with a WAF/Proxy in Front of the C2 Server ?

I have a OPNsense Firewall in front of my Network with an HAProxy that holds all needed Certs for my DNS entries. Also the the valid Cert for my C2 Public DNS. So i don´t need/can´t run the C2 Server in https itself since the acme client is unable to get a cert. BUT the Client´s should connect via a secure tunnel to my OPNSense Firewall and get redirected interal to the C2 Server.

But it looks like that the client doesn´t understand the https traffic, if the server itself doesn´t run in https mode. Maybe there is a flag missing in the config for https ?!

I start the Server with:

root@hak5c2:~/community# ./c2_community-linux-64 -hostname "c2.my-domain.tld" -listenport 80
[*] Initializing Hak5 Cloud C2
[*] Running Hak5 Cloud C2

With the HAProxy in front of the C2 that already holds the needed SSL-Cert, i´m able to connect via https to the C2 Server without any Error. I see the login screen.

https://c2.my-domain.tld

But, none client is able to connect this way. Are there any logs on the Pineapple for example for the C2 connect ?

Thanks for any help!

Link to post
Share on other sites

Hi BeNe,

Currently you are not going to be able to run the server in HTTPS mode with custom certificates / without the ACME client. An option allowing this is currently in the works.

If you wanted to run the Hak5 C2 Server behind a reverse proxy (with SSL or without), we will need to add an option to override the C2 URL which the clients use, as this is currently done automatically and would break the client configuration. This is also something currently in the works.

Both of these configurations will be available in the near future.

  • Like 1
  • Upvote 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...