Jump to content
Void-Byte

[UPDATED (04/05/2020)] Hak5 C2 Cloud Guide + Video (Ubuntu 20.04LTS)

Recommended Posts

Hello Everyone,

When this guide was first launched I was about mid-way through my studies in Networking and Systems Administration, and since I've learned a lot since then I decided to completely rework this guide (04/05/2020). I want to provide everyone with a guide that will not only get you up and running, but will also provide you with a stable environment as well. Please remember that I am NOT responsible for your actions, and you should never perform nor condone any illegal activities.

Notes: This installation guide is written ONLY for Ubuntu 18.04/20.04 LTS.

Step-By-Step Youtube Vide By Void-Byte || Step-By-Step Web Series By Hak5 (Darren)

Step 1. Update, upgrade, and clean your machine.

sudo apt -y update && sudo apt -y upgrade && sudo apt clean

step1.png.8cce7112b395eb35f04157c5df37e39b.png

Step 2. Install required packages.

sudo apt -y install unzip ufw

step2a.png.fa9399c89e2678548846c98677fa3b93.png

Step 3. Open ports depending on your needs (20, 2022, 80, 8080, 443).

sudo ufw allow 22,2022,80,8080,443/tcp && sudo ufw enable && sudo ufw reload

step3.png.4c943042024376bfd936231746ea6ed0.png

Step 4. Download and unzip the community ZIP files in the tmp directory.

sudo wget https://c2.hak5.org/download/community -O /tmp/community && sudo unzip /tmp/community -d /tmp

step4.png.7ea40a94f5828f38023f8a91328c74bd.png

Step 5. Move the c2_community* file to usr/local/bin, and create the require database directory.

sudo mv /tmp/c2_community-linux-64 /usr/local/bin && sudo mkdir /var/hak5c2

step5.png.b9a0c633ce2e8dc72a1cae30a22912f6.png

Step 6. Create a new systemd service to run the Hak5 C2 script.

sudo vim /etc/systemd/system/hak5.service

Step6.png.072c7543ac3e1f1e43357fe494e9d195.png

Step 7. Utilize a template below, or build your own.

Template A (https)

[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2_community-linux-64 -hostname IPAddressORHostname -https -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target

templateA.png.28bfb0ef4710f9267afbcf7ee2e18f14.png

Template B (http)

[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2_community-linux-64 -hostname IPAddressORHostname -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target

templateB.png.b053e980dc998107c8d0bfcd67dbdaaa.png

Template C (http / port 80)

[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2_community-linux-64 -hostname IPAddressORHostname -listenport 80 -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target

templateC.png.10bc71d750c7a501670b82e3e93c0949.png

Step 8. Reload the systemd daemon, enable the service, and start.

sudo systemctl daemon-reload && sudo systemctl enable hak5.service && sudo systemctl start hak5.service

step8.png.683110e1c2dcdc599316c42200befb62.png

Step 9. View the status of your service in order to view your key.

sudo systemctl status hak5.service

step9.png.b1a22eb5cbb925824ff2280c18f0745e.png

Step 10. Visit your website and fill in the required information to finalize.

website1.png.d4609147be939ee1b0a65bcf37950cff.png

Step 11. Sign into your Hak5 C2 website.

website2.png.247c49df53dce5eb8dd696662ca79ad2.png

Step 12. Add devices, export logs, and more!

website3.thumb.png.1a54062eb5d357cd3a50e7f4aa25a287.png

Woot!

Edited by Void-Byte
04-05-2020 Complete Guide Rework! Yay!

Share this post


Link to post
Share on other sites

Hi,

In step 4 you create the certificate files with certbot, but after that, the cert is not mentioned in any other step? Is it enough to just create the certificate and the server will know what to use?

Share this post


Link to post
Share on other sites

So, we do need to create our own cert then? Didn't see anything about that in the set up guide.

Share this post


Link to post
Share on other sites

@UnLo @Flatlinebb

The certbot fully automates the installation of the certificate. There's currently a bug as of 11/09/2019 that signs the certificate incorrectly. I submitted a bug report, and just waiting to hear back.

Share this post


Link to post
Share on other sites
On 11/13/2019 at 10:40 PM, Void-Byte said:

@UnLo @Flatlinebb

The certbot fully automates the installation of the certificate. There's currently a bug as of 11/09/2019 that signs the certificate incorrectly. I submitted a bug report, and just waiting to hear back.

Can you post more on this.  Using version 2.0.0 released on 8/6 installed on Debian had no issues.  You've got me curious to look into it.

Share this post


Link to post
Share on other sites

Hey @Void-Byte, having spent some more time with the software and reading the documentation for the C2 server, I believe that step 4 is unnecessary. Assuming the C2 bug is fixed, adding the -https switch when running the C2 binary creates the correct certificate for you. You do not need to generate the certificate manually with certbot. This would simplify your instructions for those not as familiar with certbot. However, since it does no harm, it is not critical that step 4 be skipped. If you were to actually use the certificate created by certbot, you would need to specify its location (and the key file) in the C2 command line, something like this:

/root/c2_community-linux-64 -db /root/c2.db -hostname c2.myhostname.com -https -keyFile /etc/letsencrypt/live/c2.myhostname.com/privkey.pem -certFile /etc/letsencrypt/live/c2.myhostname.com/fullchain.pem

 

Share this post


Link to post
Share on other sites
On 11/20/2019 at 9:50 AM, Flatlinebb said:

Hey @Void-Byte, having spent some more time with the software and reading the documentation for the C2 server, I believe that step 4 is unnecessary. Assuming the C2 bug is fixed, adding the -https switch when running the C2 binary creates the correct certificate for you. You do not need to generate the certificate manually with certbot. This would simplify your instructions for those not as familiar with certbot. However, since it does no harm, it is not critical that step 4 be skipped. If you were to actually use the certificate created by certbot, you would need to specify its location (and the key file) in the C2 command line, something like this:


/root/c2_community-linux-64 -db /root/c2.db -hostname c2.myhostname.com -https -keyFile /etc/letsencrypt/live/c2.myhostname.com/privkey.pem -certFile /etc/letsencrypt/live/c2.myhostname.com/fullchain.pem

 

Post has been updated to reflect suggestions, and updates from Hak5. LetsEncrypt option has been removed due to the implementation of ACME V2 via C2 V2.1.0.

Share this post


Link to post
Share on other sites

Right on i needed a simple guide so bad. Nut i still have a stupid question.do i put my private ip address or the generic 192. 168. Bla bla

Share this post


Link to post
Share on other sites
12 hours ago, nikmel420 said:

Right on i needed a simple guide so bad. Nut i still have a stupid question.do i put my private ip address or the generic 192. 168. Bla bla

@nikmel420 Are you asking about step 7? You put the IP address of the server where you will be running the C2 server. If you only want to access it on the local LAN, you put in the private IP address (which may  or may not be 192.168.blah.blah depending on your network). If you plan on accessing the C2 server from the public Internet, you will need to put your public IP address.

Share this post


Link to post
Share on other sites

Hi @nikmel420 as @Flatlinebb stated you will want to put your Domain Name (e.g. c2.fun.com) or your Servers IP Address (e.g. 1.1.1.1) after the "-hostname" argument in steps 7. If you are using a local machine such as your PC, Laptop, or Raspberry Pi you will want to use the IP Address of that machine such as 192.168.122.x. 

Share this post


Link to post
Share on other sites
6 hours ago, Void-Byte said:

Hi @nikmel420 as @Flatlinebb stated you will want to put your Domain Name (e.g. c2.fun.com) or your Servers IP Address (e.g. 1.1.1.1) after the "-hostname" argument in steps 7. If you are using a local machine such as your PC, Laptop, or Raspberry Pi you will want to use the IP Address of that machine such as 192.168.122.x. 

thank you both

Share this post


Link to post
Share on other sites

Just a note for individuals. If you are experiencing SSH issues (like others) please ensure that your C2 Cloud Server is up to date. When first logging in you should see a notification to upgrade.

Share this post


Link to post
Share on other sites

@Void-Byte

Apologies. I had a "senior moment". I now see that this thread has been going for some time and your post reminds users to ensure they are on the most current (2.1.2) release.

Share this post


Link to post
Share on other sites
On 11/4/2019 at 1:38 AM, Void-Byte said:

Step 8: Make your bash script executable.


sudo chmod +x scriptname

 

Share this post


Link to post
Share on other sites
Posted (edited)

A new version of the guide will be released today which will utilize systemd instead of a bash script. This will allow you to simplify the operation of Hak5 C2.

edit: It has been released on 04/05/2020 at 16:37 MST

Edited by Void-Byte

Share this post


Link to post
Share on other sites

Hi all goes according to plan until I check the system status and I get the following-

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:27 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:33 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

Share this post


Link to post
Share on other sites
16 hours ago, Jorchard said:

Hi all goes according to plan until I check the system status and I get the following-

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:27 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:33 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

Looks like you have named your systemd service something different other then hak5.service (CloudC2?). Please changed "After=hak5.service" to your systemd service name.

Share this post


Link to post
Share on other sites
On 5/20/2020 at 1:53 AM, Void-Byte said:

Looks like you have named your systemd service something different other then hak5.service (CloudC2?). Please changed "After=hak5.service" to your systemd service name.

Hi thanks for your reply. I think I had remnants of a previous installation which was causing a slight naming issue. Your prompt helped solve it.

 

Share this post


Link to post
Share on other sites

Just noticed that Darren made his own version with credit to me. I went ahead and updated the link to point to that video.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...