Jump to content

[UPDATED (08/20/2022)] Hak5 C2 Cloud Installation Guide


Void-Byte

Recommended Posts

Posted

Hello Friends,
It's been quite a while! Please find a new 2022 update guide for the HAK5 C2 service below.

Notes: This installation guide is written ONLY for Ubuntu 18.04/20.04/22.04 LTS.

Step 1. Update, upgrade, and clean your machine.

sudo apt -y update && sudo apt -y upgrade && sudo apt clean

 

Step 2. Install required packages.

sudo apt -y install unzip ufw

 

Step 3. Open ports depending on your needs (20, 2022, 80, 8080, 443).

sudo ufw allow 22,2022,80,8080,443/tcp && sudo ufw enable && sudo ufw reload

 

Step 4. Download and unzip the community ZIP files in the tmp directory.

sudo wget https://c2.hak5.org/download/community -O /tmp/community && sudo unzip /tmp/community -d /tmp

 

Step 5. Move the c2_community* file to usr/local/bin, and create the require database directory.

sudo mv /tmp/c2-3.2.0_amd64_linux /usr/local/bin && sudo mkdir /var/hak5c2

 

Step 6. Create a new systemd service to run the Hak5 C2 script.

sudo vim /etc/systemd/system/hak5.service

 

Step 7. Utilize a template below, or build your own.

Template A (https)

[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname IPAddressORHostname -https -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target

image.png.2f5b718989a913c6f5b720b021a3a9df.png

Template B (http)

[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname IPAddressORHostname -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target

image.png.43c525150379aaf7da1a80daa1dc0473.png

Template C (http / port 80)

[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2-3.2.0_amd64_linux -hostname IPAddressORHostname -listenport 80 -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target

image.png.499357c6e370b45b11c1228dee77789b.png

Step 8. Reload the systemd daemon, enable the service, and start.

sudo systemctl daemon-reload && sudo systemctl enable hak5.service && sudo systemctl start hak5.service

 

Step 9. View the status of your service in order to view your key.

sudo systemctl status hak5.service

 

NOTE: If you receive the ERROR "http: TLS handshake error from 000.000.000.000:12345: acme/autocert: missing server name" this is due to you utilizing the IP Address of the machine, when you enabled a hostname. You can resolve this by utilizing your domain name instead, and creating the correct DNS records through your service provider.

Step 10. Visit your website and fill in the required information to finalize.

c2hak5setup.thumb.png.0d7c1d87cec9c89e3daeb03832f31660.png

Step 11. Sign into your Hak5 C2 website.

image.png.e686d04161050a81dae09e192b8c64cf.png

Step 12. Add devices, export logs, and more!

c2hak5dashboard.thumb.jpg.ec28cc29b00ccbe69f357a59a9310d5d.jpg

Note: Please ensure you close any unused ports after completion. ACME/AutoCert utilize port 80/8080 for authentication, but you should be able to close these ports once again until needed to recert.

Posted

Hi,

In step 4 you create the certificate files with certbot, but after that, the cert is not mentioned in any other step? Is it enough to just create the certificate and the server will know what to use?

Posted
On 11/13/2019 at 10:40 PM, Void-Byte said:

@UnLo @Flatlinebb

The certbot fully automates the installation of the certificate. There's currently a bug as of 11/09/2019 that signs the certificate incorrectly. I submitted a bug report, and just waiting to hear back.

Can you post more on this.  Using version 2.0.0 released on 8/6 installed on Debian had no issues.  You've got me curious to look into it.

Posted

Hey @Void-Byte, having spent some more time with the software and reading the documentation for the C2 server, I believe that step 4 is unnecessary. Assuming the C2 bug is fixed, adding the -https switch when running the C2 binary creates the correct certificate for you. You do not need to generate the certificate manually with certbot. This would simplify your instructions for those not as familiar with certbot. However, since it does no harm, it is not critical that step 4 be skipped. If you were to actually use the certificate created by certbot, you would need to specify its location (and the key file) in the C2 command line, something like this:

/root/c2_community-linux-64 -db /root/c2.db -hostname c2.myhostname.com -https -keyFile /etc/letsencrypt/live/c2.myhostname.com/privkey.pem -certFile /etc/letsencrypt/live/c2.myhostname.com/fullchain.pem

 

Posted
On 11/20/2019 at 9:50 AM, Flatlinebb said:

Hey @Void-Byte, having spent some more time with the software and reading the documentation for the C2 server, I believe that step 4 is unnecessary. Assuming the C2 bug is fixed, adding the -https switch when running the C2 binary creates the correct certificate for you. You do not need to generate the certificate manually with certbot. This would simplify your instructions for those not as familiar with certbot. However, since it does no harm, it is not critical that step 4 be skipped. If you were to actually use the certificate created by certbot, you would need to specify its location (and the key file) in the C2 command line, something like this:


/root/c2_community-linux-64 -db /root/c2.db -hostname c2.myhostname.com -https -keyFile /etc/letsencrypt/live/c2.myhostname.com/privkey.pem -certFile /etc/letsencrypt/live/c2.myhostname.com/fullchain.pem

 

Post has been updated to reflect suggestions, and updates from Hak5. LetsEncrypt option has been removed due to the implementation of ACME V2 via C2 V2.1.0.

Posted
12 hours ago, nikmel420 said:

Right on i needed a simple guide so bad. Nut i still have a stupid question.do i put my private ip address or the generic 192. 168. Bla bla

@nikmel420 Are you asking about step 7? You put the IP address of the server where you will be running the C2 server. If you only want to access it on the local LAN, you put in the private IP address (which may  or may not be 192.168.blah.blah depending on your network). If you plan on accessing the C2 server from the public Internet, you will need to put your public IP address.

Posted

Hi @nikmel420 as @Flatlinebb stated you will want to put your Domain Name (e.g. c2.fun.com) or your Servers IP Address (e.g. 1.1.1.1) after the "-hostname" argument in steps 7. If you are using a local machine such as your PC, Laptop, or Raspberry Pi you will want to use the IP Address of that machine such as 192.168.122.x. 

Posted
6 hours ago, Void-Byte said:

Hi @nikmel420 as @Flatlinebb stated you will want to put your Domain Name (e.g. c2.fun.com) or your Servers IP Address (e.g. 1.1.1.1) after the "-hostname" argument in steps 7. If you are using a local machine such as your PC, Laptop, or Raspberry Pi you will want to use the IP Address of that machine such as 192.168.122.x. 

thank you both

  • 2 months later...
Posted

Just a note for individuals. If you are experiencing SSH issues (like others) please ensure that your C2 Cloud Server is up to date. When first logging in you should see a notification to upgrade.

  • 2 weeks later...
Posted

Hi all goes according to plan until I check the system status and I get the following-

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:27 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:33 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

Posted
16 hours ago, Jorchard said:

Hi all goes according to plan until I check the system status and I get the following-

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:24 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:25 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:27 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:37:33 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:43:30 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

May 19 08:45:04 CloudC2 systemd[1]: hak5.service: Dependency After=hak5.service dropped

Looks like you have named your systemd service something different other then hak5.service (CloudC2?). Please changed "After=hak5.service" to your systemd service name.

Posted
On 5/20/2020 at 1:53 AM, Void-Byte said:

Looks like you have named your systemd service something different other then hak5.service (CloudC2?). Please changed "After=hak5.service" to your systemd service name.

Hi thanks for your reply. I think I had remnants of a previous installation which was causing a slight naming issue. Your prompt helped solve it.

 

  • Void-Byte changed the title to [UPDATED (09/22/2020)] Hak5 C2 Cloud Guide + Video (Ubuntu 20.04LTS)
  • Void-Byte changed the title to [UPDATED (09/22/2020)] Hak5 C2 Cloud Guide + Video (Linux)
  • 1 year later...
Posted

I need help 

 

1. sudo apt -y update && sudo apt -y upgrade && sudo apt clean [done]

2. sudo apt -y install unzip ufw [done]

3. sudo ufw allow 22,2022,80,8080,443/tcp && sudo ufw enable && sudo ufw reloadRules updated [done]

4. sudo wget https://c2.hak5.org/download/community -O /tmp/community && sudo unzip /tmp/community -d /tmp [done]
--2022-01-07 00:49:21-- https://c2.hak5.org/download/community
Resolving c2.hak5.org (c2.hak5.org)... 172.67.69.87, 104.26.5.130, 104.26.4.130, ...
Connecting to c2.hak5.org (c2.hak5.org)|172.67.69.87|:443... connected.
HTTP request sent, awaiting response... 307 Temporary Redirect
Location: https://storage.googleapis.com/cloudc2/c2-3.1.2.zip [following]
--2022-01-07 00:49:21-- https://storage.googleapis.com/cloudc2/c2-3.1.2.zip
Resolving storage.googleapis.com (storage.googleapis.com)... 172.217.24.48, 172.217.167.112, 142.250.66.176, ...
Connecting to storage.googleapis.com (storage.googleapis.com)|172.217.24.48|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 46214845 (44M) [application/zip]
Saving to: ‘/tmp/community’

/tmp/community           100%[===============================>]  44.07M  3.13MB/s    in 15s     

2022-01-07 00:49:37 (3.04 MB/s) - ‘/tmp/community’ saved [46214845/46214845]

Archive:  /tmp/community
  inflating: /tmp/c2-3.1.2_amd64_darwin  
  inflating: /tmp/c2-3.1.2_amd64_linux <<<<<<<<<<<< changed
  inflating: /tmp/c2-3.1.2_amd64_windows.exe  
  inflating: /tmp/c2-3.1.2_armv5_linux  
  inflating: /tmp/c2-3.1.2_armv6_linux  
  inflating: /tmp/c2-3.1.2_armv7_linux  
  inflating: /tmp/c2-3.1.2_armv8_linux  
  inflating: /tmp/c2-3.1.2_i386_linux  
  inflating: /tmp/c2-3.1.2_i386_windows.exe  
  inflating: /tmp/sha256sums   
  
5. sudo mv /tmp/c2_community-linux-64 /usr/local/bin && sudo mkdir /var/hak5c2  
mv: cannot stat '/tmp/c2_community-linux-64': No such file or directory

sudo mv /tmp/c2-3.1.2_amd64_linux /usr/local/bin && sudo mkdir /var/hak5c2 [done]

6. sudo nano /etc/systemd/system/hak5.service [done]

7. Template A used: [done, added server IP address as hostname 192.168.111.xxx]
[Unit]
Description=Hak5 C2
After=hak5.service
[Service]
Type=idle
ExecStart=/usr/local/bin/c2-3.1.2_amd64_linux -hostname 192.168.111.xxx -https -db /var/hak5c2/c2.db
[Install]
WantedBy=multi-user.target


8. sudo systemctl daemon-reload && sudo systemctl enable hak5.service && sudo systemctl start hak5.service [done]
Created symlink /etc/systemd/system/multi-user.target.wants/hak5.service → /etc/systemd/system/hak5.service.

9. sudo systemctl status hak5.service [done]
● hak5.service - Hak5 C2
   Loaded: loaded (/etc/systemd/system/hak5.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2022-01-07 00:52:37 PST; 6s ago
 Main PID: 27541 (c2-3.1.2_amd64_)
    Tasks: 14 (limit: 4630)
   CGroup: /system.slice/hak5.service
           ├─27541 /usr/local/bin/c2-3.1.2_amd64_linux -hostname 192.168.111.xxx -https -db /var/
           └─27545 /usr/local/bin/c2-3.1.2_amd64_linux -hostname 192.168.111.xxx -https -db /var/

Jan 07 00:52:37 ubuntu systemd[1]: Started Hak5 C2.
Jan 07 00:52:37 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Initializing Hak5 Cloud C2 v3.1.2
Jan 07 00:52:37 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Hostname: 192.168.111.xxx
Jan 07 00:52:37 ubuntu c2-3.1.2_amd64_linux[27541]: [*] DB Path: /var/hak5c2/c2.db
Jan 07 00:52:38 ubuntu c2-3.1.2_amd64_linux[27541]: [*] First Start. Initializing...
Jan 07 00:52:39 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Initial Setup Required - Setup token: xxxx-xxxx-xxxx-xxxx   <<<<<<<<<<<<<< 
Jan 07 00:52:39 ubuntu c2-3.1.2_amd64_linux[27541]: [*] Running Hak5 Cloud C2
lines 1-16/16 (END)

 

My status output says initial setup is required instead of initial setup detected. 

I can't connect to https://192.168.111.xxx or 192.168.111.xxx on browser.

Error: 

This site can’t be reached192.168.111.xxx took too long to respond.
Try:

Checking the connection
Checking the proxy and the firewall
Running Windows Network Diagnostics
ERR_CONNECTION_TIMED_OUT

 

I need help to resolve this issue. I tried on both local ubuntu server and Amazon lightsail but same issue. 

Posted
On 1/8/2022 at 1:50 AM, dark_pyrro said:

Using the https parameter requires a domain name

I have also tried some domain name but I had same issue. Not sure what seems to be wrong. 

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...