Void-Byte Posted November 4, 2019

Hello Friends,

It's been quite a while! Please find a new 2022 update guide for the HAK5 C2 service below.

Notes: This installation guide is written ONLY for Ubuntu 18.04/20.04/22.04 LTS.

Step 1. Update, upgrade, and clean your machine.

    sudo apt -y update && sudo apt -y upgrade && sudo apt clean

Step 2. Install required packages.

    sudo apt -y install unzip ufw

Step 3. Open ports depending on your needs (20, 2022, 80, 8080, 443).

    sudo ufw allow 22,2022,80,8080,443/tcp && sudo ufw enable && sudo ufw reload

Step 4. Download and unzip the community ZIP files in the tmp directory.

    sudo wget https://c2.hak5.org/download/community -O /tmp/community && sudo unzip /tmp/community -d /tmp

Step 5. Move the c2_community* file to usr/local/bin, and create the required database directory.

    sudo mv /tmp/c2-3.2.0_amd64_linux /usr/local/bin && sudo mkdir /var/hak5c2

Step 6. Create a new systemd service to run the Hak5 C2 script.

    sudo vim /etc/systemd/system/hak5.service

Step 7. Utilize a template below, or build your own.

Template A (https)

    [Unit]
    Description=Hak5 C2
    After=hak5.service

    [Service]
    Type=idle
    ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname IPAddressORHostname -https -db /var/hak5c2/c2.db

    [Install]
    WantedBy=multi-user.target

Template B (http)

    [Unit]
    Description=Hak5 C2
    After=hak5.service

    [Service]
    Type=idle
    ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname IPAddressORHostname -db /var/hak5c2/c2.db

    [Install]
    WantedBy=multi-user.target

Template C (http / port 80)

    [Unit]
    Description=Hak5 C2
    After=hak5.service

    [Service]
    Type=idle
    ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname IPAddressORHostname -listenport 80 -db /var/hak5c2/c2.db

    [Install]
    WantedBy=multi-user.target

Step 8. Reload the systemd daemon, enable the service, and start.

    sudo systemctl daemon-reload && sudo systemctl enable hak5.service && sudo systemctl start hak5.service

Step 9. View the status of your service in order to view your key.

    sudo systemctl status hak5.service

NOTE: If you receive the ERROR "http: TLS handshake error from 000.000.000.000:12345: acme/autocert: missing server name" this is due to you utilizing the IP Address of the machine, when you enabled a hostname. You can resolve this by utilizing your domain name instead, and creating the correct DNS records through your service provider.

Step 10. Visit your website and fill in the required information to finalize.

Step 11. Sign into your Hak5 C2 website.

Step 12. Add devices, export logs, and more!

Note: Please ensure you close any unused ports after completion. ACME/AutoCert utilize port 80/8080 for authentication, but you should be able to close these ports once again until needed to recert.
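An added example, not part of the original post or of Hak5's documentation: the archive listing posted later in this thread shows a sha256sums file unpacked next to the binaries, so the binary can be checked before step 5 moves it into /usr/local/bin. The function name is hypothetical and the file is assumed to use the standard sha256sum layout; because the list ships inside the same archive, it detects a corrupted or altered binary, not a replaced archive.

```shell
#!/bin/sh
# Added example: check an unpacked C2 binary against the sha256sums file
# shipped in the same archive. Assumes the standard sha256sum layout:
# "<hex digest>  <filename>".

# verify_c2_binary DIR NAME
# Returns 0 on match, 1 on mismatch, 2 if a file is missing, 3 if NAME
# does not have exactly one entry in DIR/sha256sums.
verify_c2_binary() {
    dir=$1 name=$2 sums="$1/sha256sums"
    [ -f "$sums" ] || { echo "no checksum list: $sums" >&2; return 2; }
    [ -f "$dir/$name" ] || { echo "no such file: $dir/$name" >&2; return 2; }

    # Take the entry whose filename field is exactly NAME; sha256sum may
    # prefix names with '*' (binary mode) or './'. Fail unless exactly one.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f); sub(/^\.\//, "", f) }
        f == n { print tolower($1); hits++ }
        END { if (hits != 1) exit 1 }' "$sums") || {
        echo "expected exactly one entry for $name in $sums" >&2
        return 3
    }
    actual=$(sha256sum "$dir/$name" | awk '{ print $1 }')

    if [ "$expected" = "$actual" ]; then
        echo "OK $name"
        return 0
    fi
    echo "MISMATCH $name: expected $expected, got $actual" >&2
    return 1
}

# Constructed demo: a stand-in file and its checksum list in a temp directory.
demo=$(mktemp -d)
printf 'stand-in for the real binary\n' > "$demo/c2-demo_amd64_linux"
(cd "$demo" && sha256sum c2-demo_amd64_linux > sha256sums)
verify_c2_binary "$demo" c2-demo_amd64_linux

# In step 5 the check would gate the move (file name taken from the guide):
#   verify_c2_binary /tmp c2-3.2.0_amd64_linux &&
#       sudo mv /tmp/c2-3.2.0_amd64_linux /usr/local/bin
```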
Flatlinebb Posted November 11, 2019

Hi, In step 4 you create the certificate files with certbot, but after that, the cert is not mentioned in any other step? Is it enough to just create the certificate and the server will know what to use?
UnLo Posted November 12, 2019

So, we do need to create our own cert then? Didn't see anything about that in the set up guide.
Void-Byte Author Posted November 14, 2019

@UnLo @Flatlinebb The certbot fully automates the installation of the certificate. There's currently a bug as of 11/09/2019 that signs the certificate incorrectly. I submitted a bug report, and just waiting to hear back.
Cap_Sig Posted November 15, 2019

On 11/13/2019 at 10:40 PM, Void-Byte said:
@UnLo @Flatlinebb The certbot fully automates the installation of the certificate. There's currently a bug as of 11/09/2019 that signs the certificate incorrectly. I submitted a bug report, and just waiting to hear back.

Can you post more on this? Using version 2.0.0 released on 8/6 installed on Debian had no issues. You've got me curious to look into it.
Flatlinebb Posted November 20, 2019

@Cap_Sig, I think @Void-Byte might be talking about this bug I ran across as well: Darren acknowledged it to be a bug and promised a fix soon.
Flatlinebb Posted November 20, 2019

Hey @Void-Byte, having spent some more time with the software and reading the documentation for the C2 server, I believe that step 4 is unnecessary. Assuming the C2 bug is fixed, adding the -https switch when running the C2 binary creates the correct certificate for you. You do not need to generate the certificate manually with certbot. This would simplify your instructions for those not as familiar with certbot. However, since it does no harm, it is not critical that step 4 be skipped.

If you were to actually use the certificate created by certbot, you would need to specify its location (and the key file) in the C2 command line, something like this:

    /root/c2_community-linux-64 -db /root/c2.db -hostname c2.myhostname.com -https -keyFile /etc/letsencrypt/live/c2.myhostname.com/privkey.pem -certFile /etc/letsencrypt/live/c2.myhostname.com/fullchain.pem
Void-Byte Author Posted November 22, 2019

On 11/20/2019 at 9:50 AM, Flatlinebb said:
Hey @Void-Byte, having spent some more time with the software and reading the documentation for the C2 server, I believe that step 4 is unnecessary. Assuming the C2 bug is fixed, adding the -https switch when running the C2 binary creates the correct certificate for you. You do not need to generate the certificate manually with certbot. This would simplify your instructions for those not as familiar with certbot. However, since it does no harm, it is not critical that step 4 be skipped. If you were to actually use the certificate created by certbot, you would need to specify its location (and the key file) in the C2 command line, something like this:

    /root/c2_community-linux-64 -db /root/c2.db -hostname c2.myhostname.com -https -keyFile /etc/letsencrypt/live/c2.myhostname.com/privkey.pem -certFile /etc/letsencrypt/live/c2.myhostname.com/fullchain.pem

Post has been updated to reflect suggestions, and updates from Hak5. LetsEncrypt option has been removed due to the implementation of ACME V2 via C2 V2.1.0.
nikmel420 Posted November 25, 2019

Right on, I needed a simple guide so bad. But I still have a stupid question. Do I put my private IP address or the generic 192.168. bla bla?
Flatlinebb Posted November 26, 2019

12 hours ago, nikmel420 said:
Right on, I needed a simple guide so bad. But I still have a stupid question. Do I put my private IP address or the generic 192.168. bla bla?

@nikmel420 Are you asking about step 7? You put the IP address of the server where you will be running the C2 server. If you only want to access it on the local LAN, you put in the private IP address (which may or may not be 192.168.blah.blah depending on your network). If you plan on accessing the C2 server from the public Internet, you will need to put your public IP address.
Void-Byte Author Posted November 26, 2019

Hi @nikmel420, as @Flatlinebb stated you will want to put your Domain Name (e.g. c2.fun.com) or your Server's IP Address (e.g. 1.1.1.1) after the "-hostname" argument in step 7. If you are using a local machine such as your PC, Laptop, or Raspberry Pi you will want to use the IP Address of that machine such as 192.168.122.x.
McFly Posted November 26, 2019

@Void-Byte thank you very much for this great tutorial.
nikmel420 Posted November 26, 2019

6 hours ago, Void-Byte said:
Hi @nikmel420, as @Flatlinebb stated you will want to put your Domain Name (e.g. c2.fun.com) or your Server's IP Address (e.g. 1.1.1.1) after the "-hostname" argument in step 7. If you are using a local machine such as your PC, Laptop, or Raspberry Pi you will want to use the IP Address of that machine such as 192.168.122.x.

Thank you both.
Void-Byte Author Posted February 24, 2020

Just a note for individuals. If you are experiencing SSH issues (like others) please ensure that your C2 Cloud Server is up to date. When first logging in you should see a notification to upgrade.
aethernaut Posted February 26, 2020

@Void-Byte For something newer than 2.1.2 released in December 2019? Hak5 downloads doesn't show it...
aethernaut Posted February 26, 2020

@Void-Byte Apologies. I had a "senior moment". I now see that this thread has been going for some time and your post reminds users to ensure they are on the most current (2.1.2) release.
aethernaut Posted March 2, 2020

On 11/4/2019 at 1:38 AM, Void-Byte said:
Step 8: Make your bash script executable.

    sudo chmod +x scriptname
Jorchard Posted May 19, 2020

Hi all goes according to plan until I check the system status and I get the following-

    May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:27 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:33 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
Void-Byte Author Posted May 20, 2020

16 hours ago, Jorchard said:
Hi all goes according to plan until I check the system status and I get the following-

    May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:27 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:37:33 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped
    May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

Looks like you have named your systemd service something different other than hak5.service (CloudC2?). Please change "After=hak5.service" to your systemd service name.
Jorchard Posted May 21, 2020

On 5/20/2020 at 1:53 AM, Void-Byte said:
Looks like you have named your systemd service something different other than hak5.service (CloudC2?). Please change "After=hak5.service" to your systemd service name.

Hi, thanks for your reply. I think I had remnants of a previous installation which was causing a slight naming issue. Your prompt helped solve it.
Void-Byte Author Posted September 23, 2020

New updated video has been added. Major quality improvements.
Jayel Posted January 7, 2022

I need help

1. sudo apt -y update && sudo apt -y upgrade && sudo apt clean [done]

2. sudo apt -y install unzip ufw [done]

3. sudo ufw allow 22,2022,80,8080,443/tcp && sudo ufw enable && sudo ufw reload
Rules updated [done]

4. sudo wget https://c2.hak5.org/download/community -O /tmp/community && sudo unzip /tmp/community -d /tmp [done]

    --2022-01-07 00:49:21-- https://c2.hak5.org/download/community
    Resolving c2.hak5.org (c2.hak5.org)... 172.67.69.87, 104.26.5.130, 104.26.4.130, ...
    Connecting to c2.hak5.org (c2.hak5.org)|172.67.69.87|:443... connected.
    HTTP request sent, awaiting response... 307 Temporary Redirect
    Location: https://storage.googleapis.com/cloudc2/c2-3.1.2.zip [following]
    --2022-01-07 00:49:21-- https://storage.googleapis.com/cloudc2/c2-3.1.2.zip
    Resolving storage.googleapis.com (storage.googleapis.com)... 172.217.24.48, 172.217.167.112, 142.250.66.176, ...
    Connecting to storage.googleapis.com (storage.googleapis.com)|172.217.24.48|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 46214845 (44M) [application/zip]
    Saving to: ‘/tmp/community’
    /tmp/community 100%[===============================>] 44.07M 3.13MB/s in 15s
    2022-01-07 00:49:37 (3.04 MB/s) - ‘/tmp/community’ saved [46214845/46214845]
    Archive: /tmp/community
    inflating: /tmp/c2-3.1.2_amd64_darwin
    inflating: /tmp/c2-3.1.2_amd64_linux <<<<<<<<<<<< changed
    inflating: /tmp/c2-3.1.2_amd64_windows.exe
    inflating: /tmp/c2-3.1.2_armv5_linux
    inflating: /tmp/c2-3.1.2_armv6_linux
    inflating: /tmp/c2-3.1.2_armv7_linux
    inflating: /tmp/c2-3.1.2_armv8_linux
    inflating: /tmp/c2-3.1.2_i386_linux
    inflating: /tmp/c2-3.1.2_i386_windows.exe
    inflating: /tmp/sha256sums

5. sudo mv /tmp/c2_community-linux-64 /usr/local/bin && sudo mkdir /var/hak5c2

    mv: cannot stat '/tmp/c2_community-linux-64': No such file or directory

sudo mv /tmp/c2-3.1.2_amd64_linux /usr/local/bin && sudo mkdir /var/hak5c2 [done]

6. sudo nano /etc/systemd/system/hak5.service [done]

7. Template A used: [done, added server IP address as hostname 192.168.111.xxx]

    [Unit]
    Description=Hak5 C2
    After=hak5.service

    [Service]
    Type=idle
    ExecStart=/usr/local/bin/c2-3.1.2_amd64_linux -hostname 192.168.111.xxx -https -db /var/hak5c2/c2.db

    [Install]
    WantedBy=multi-user.target

8. sudo systemctl daemon-reload && sudo systemctl enable hak5.service && sudo systemctl start hak5.service [done]

    Created symlink /etc/systemd/system/multi-user.target.wants/hak5.service → /etc/systemd/system/hak5.service.

9. sudo systemctl status hak5.service [done]

    ● hak5.service - Hak5 C2
    Loaded: loaded (/etc/systemd/system/hak5.service; enabled; vendor preset: enabled)
    Active: active (running) since Fri 2022-01-07 00:52:37 PST; 6s ago
    Main PID: 27541 (c2-3.1.2_amd64_)
    Tasks: 14 (limit: 4630)
    CGroup: /system.slice/hak5.service
    ├─27541 /usr/local/bin/c2-3.1.2_amd64_linux -hostname 192.168.111.xxx -https -db /var/
    └─27545 /usr/local/bin/c2-3.1.2_amd64_linux -hostname 192.168.111.xxx -https -db /var/
    Jan 07 00:52:37 ubuntu systemd[1]: Started Hak5 C2.
    Jan 07 00:52:37 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Initializing Hak5 Cloud C2 v3.1.2
    Jan 07 00:52:37 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Hostname: 192.168.111.xxx
    Jan 07 00:52:37 ubuntu c2-3.1.2_amd64_linux[27541]: [*] DB Path: /var/hak5c2/c2.db
    Jan 07 00:52:38 ubuntu c2-3.1.2_amd64_linux[27541]: [*] First Start. Initializing...
    Jan 07 00:52:39 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Initial Setup Required - Setup token: xxxx-xxxx-xxxx-xxxx <<<<<<<<<<<<<<
    Jan 07 00:52:39 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Running Hak5 Cloud C2
    lines 1-16/16 (END)

My status output says initial setup is required instead of initial setup detected. I can't connect to https://192.168.111.xxx or 192.168.111.xxx on browser.

Error:

    This site can’t be reached
    192.168.111.xxx took too long to respond.
    Try: Checking the connection
    Checking the proxy and the firewall
    Running Windows Network Diagnostics
    ERR_CONNECTION_TIMED_OUT

I need help to resolve this issue. I tried on both local ubuntu server and Amazon lightsail but same issue.
dark_pyrro Posted January 7, 2022

Using the https parameter requires a domain name
Jayel Posted January 10, 2022

On 1/8/2022 at 1:50 AM, dark_pyrro said:
Using the https parameter requires a domain name

I have also tried some domain name but I had same issue. Not sure what seems to be wrong.
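Two problems reported in this thread, a unit that lists its own name in After= and -https combined with an IP address as -hostname, can be caught before the service is started. The lint below is an added example, not part of the original posts or of Hak5's tooling; the function name and the sample unit are constructed, the flag names are the ones used in the guide's templates, and the third check (no User= line) goes beyond what the thread discusses.

```shell
#!/bin/sh
# Added example: lint a Cloud C2 unit file for the problems seen in this thread.
# lint_c2_unit FILE prints one finding per line; exit status = number of findings.
lint_c2_unit() {
    unit=$1 self=$(basename "$1") findings=0

    # 1. A unit that orders itself after its own name: systemd logs
    #    "Dependency After=hak5.service dropped" and ignores the line.
    awk -F= -v self="$self" '
        $1 ~ /^(After|Requires|Wants)$/ {
            n = split($2, dep, " ")
            for (i = 1; i <= n; i++) if (dep[i] == self) found = 1
        }
        END { exit !found }' "$unit" && {
        echo "self-dependency: $self names itself and systemd drops it"
        findings=$((findings + 1))
    }

    # 2. -https with an IP literal as -hostname: per the thread, -https
    #    needs a domain name ("acme/autocert: missing server name").
    exec_line=$(grep -E '^[[:space:]]*ExecStart=' "$unit" | tail -n 1)
    host=$(printf '%s\n' "$exec_line" |
        sed -n 's/.* -hostname  *\([^ ]*\).*/\1/p')
    case " $exec_line " in *" -https "*)
        if printf '%s\n' "$host" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$|:'; then
            echo "https-with-ip: -https needs a DNS name, -hostname is $host"
            findings=$((findings + 1))
        fi ;;
    esac

    # 3. Extra check beyond the thread: without User= the service runs as root.
    grep -Eq '^[[:space:]]*User=' "$unit" || {
        echo "runs-as-root: no User= line in $self"
        findings=$((findings + 1))
    }
    return "$findings"
}

# Constructed sample: Template A from the guide with a documentation-range IP.
sample=$(mktemp -d)/hak5.service
cat > "$sample" <<'EOF'
[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname 192.0.2.10 -https -db /var/hak5c2/c2.db
EOF
lint_c2_unit "$sample" || echo "findings: $?"
```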