C2, Lan Turtle, and SSH

[boxturtle]

I seem to have successfully stood up a C2 server (2.0.0 edition) and have connected a Lan Turtle to it. I can see the turtle in the dashboard, and the cc-client command appears to successfully connect (I spent a long time just getting to this point). When I try to light up an SSH connection from the browser, it doesn't work. From the browser's perspective it just looks like a timeout. From the turtle, I was able to capture a command that was executing:

 1673 root      3616 SN   {ssh} C2TERM -NR 22:localhost:22 XXXXX.YYYYY.cloudapp.azure.com -p 2022

This command executed for a little while on the turtle and then stopped. It certainly looks like a reverse SSH shell command, but why in the world is it assuming port 22 is open on the remote host (the -R option)? Of course it's not, and I'd venture to guess that's the reason this is failing.

Is there any way to override that?

[Audrick]

I am confused since I see the -p with 2022. I thought you only use one. Either -p or -R. Am I just not understanding the command. 

[Darren Kitchen]

I recommend checking your firewall settings. The C2 Server listens by default on port 2022 for incoming SSH connections. This is configurable with the -sshport parameter. From the CLI usage:

  -certFile string
    	Custom SSL Certificate file (disabled letsencrypt)
  -db string
    	Path to the c2 database (default "c2.db")
  -hostname string
    	Hostname of server (ip or DNS name)
  -https
    	Enable https (requires ports 80 and 443)
  -keyFile string
    	Custom SSL Key file (disables letsencrypt)
  -listenip string
    	IP address to listen on (default "0.0.0.0")
  -listenport string
    	Port of the HTTP server (default "8080")
  -reverseProxy
    	If set, Cloud C2 will work behind a reverse proxy
  -reverseProxyPort string
    	If reverseProxyPort is set, this port will be the internet facing port the Cloud C2 will be available at
  -sshport string
    	Port of the SSH server (default "2022")