boxturtle Posted August 6, 2019 Share Posted August 6, 2019 I seem to have successfully stood up a C2 server (2.0.0 edition) and have connected a Lan Turtle to it. I can see the turtle in the dashboard, and the cc-client command appears to successfully connect (I spent a long time just getting to this point). When I try to light up an SSH connection from the browser, it doesn't work. From the browser's perspective it just looks like a timeout. From the turtle, I was able to capture a command that was executing: 1673 root 3616 SN {ssh} C2TERM -NR 22:localhost:22 XXXXX.YYYYY.cloudapp.azure.com -p 2022 This command executed for a little while on the turtle and then stopped. It certainly looks like a reverse SSH shell command, but why in the world is it assuming port 22 is open on the remote host (the -R option)? Of course it's not, and I'd venture to guess that's the reason this is failing. Is there any way to override that? Link to comment Share on other sites More sharing options...
Audrick Posted August 16, 2019 Share Posted August 16, 2019 I am confused since I see the -p with 2022. I thought you only use one. Either -p or -R. Am I just not understanding the command. Link to comment Share on other sites More sharing options...
Darren Kitchen Posted August 18, 2019 Share Posted August 18, 2019 I recommend checking your firewall settings. The C2 Server listens by default on port 2022 for incoming SSH connections. This is configurable with the -sshport parameter. From the CLI usage: -certFile string Custom SSL Certificate file (disabled letsencrypt) -db string Path to the c2 database (default "c2.db") -hostname string Hostname of server (ip or DNS name) -https Enable https (requires ports 80 and 443) -keyFile string Custom SSL Key file (disables letsencrypt) -listenip string IP address to listen on (default "0.0.0.0") -listenport string Port of the HTTP server (default "8080") -reverseProxy If set, Cloud C2 will work behind a reverse proxy -reverseProxyPort string If reverseProxyPort is set, this port will be the internet facing port the Cloud C2 will be available at -sshport string Port of the SSH server (default "2022") Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.