Jump to content

Possible bug: SSH not working from C2


reinaertvdc
 Share

Recommended Posts

I configured C2 on my server and on my Pineapple Tetra. My Pineapple shows up in the C2 dashboard. However, each time I try to open and SSH connection, the terminal just says "Disconnected". Each time, C2 logs the following error:

http: superfluous response.WriteHeader call from github.com/hak5/cc-server/api/web.httperror (handlers.go:1657)

I've tried putting the "-sshport" on 2022 and on 443 (which was not otherwise in use). Each time, I've pushed the correct device.config file to my Pineapple and rebooted. Each time, I've made sure my Pineapple can indeed reach my C2 SSH port, by SSH'ing into my Pineapple and from there SSH'ing to the designated SSH port on my C2 server. This gives me the usual RSA fingerprint and "Are you sure you want to continue connecting (yes/no)?" so there shouldn't be any connection problems.

Might this be a bug, or am I missing something?

Link to comment
Share on other sites

  • 5 months later...

I get the same error while trying to connect to my Shark Jack. I'm using C2 Cloud version 2.1.2 and version 1.1.0 of the firmware.

I see that the shark jack is using this SSH command to connect to the C2 server:

{ssh} C2TERM -NR 22:localhost:22 c2.example.com -p 2022 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /root/.ssh/id_rsa

Won't the 22:localhost:22 interfere with the local SSH server running on the C2 server?

Link to comment
Share on other sites

  • 1 month later...
  • 1 month later...

To all having issues like "Disconnect" in the webbased terminal:

I had the same Issues, so I checked the traffic of a connected packet squirrel by connecting a plunderbug. The packet squirrel was able to connect to the Cloud C2 on port 2022 and the TCP connection was kept alive.

Then I checked the browser console when trying to open the webbased terminal and saw that for the webbased terminal websockets were used. websockets were not properly passed by my nginx reverse proxy, so here is my new working nginx config:

server {
server_name c2.mydomain.com;
# The internal IP of the VM that hosts your Apache config
set $upstream 10.13.37.123:8080;
location / {
proxy_pass_header Authorization;
proxy_pass http://$upstream;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect off;
}

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/cloudy.mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/cloudy.mydomain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = c2.mydomain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


server_name c2.mydomain.com;
listen 80;
    return 404; # managed by Certbot
}

and the shell is now working 🙂

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...