Flatlinebb Posted November 12, 2019 Share Posted November 12, 2019 (edited) *sigh* I didn't think of myself a newb, but the Shark Jack has got me by the short and curly ones. I cannot get it connected to the C2 server. I have a C2 server running on a VPS. I solved the SSL issue I was having earlier by using certbot and issuing my own valid certificate for the public domain name. I can get to the C2 webui no problem. The Shark Jack is on the latest firmware, 1.1.0 I'm using the IP Blinker payload in attack mode, so I can SSH to the Shark Jack and confirm I have internet access. I can ssh into the SJ from a machine on the same LAN. I go to add the Shark Jack to C2 by adding a new device and then downloading the setup file "device.config". I scp that file to the Shark Jack and put it in the /etc/ folder. I manually run the C2CONNECT command .... and nothing happens. I took at a look at the C2CONNECT script, which, amongst other things, runs cc-client /etc/device.config When I run that manually, it executes and just sits there, not giving me the prompt back. And the SJ never checks into the C2 webui. I took a look at the device.config file and it has the public host name of the C2 server, port 443, and an ssh key. I even explicitly set the SSH port on the C2 server to port 2022 to make sure it matches the default settings. Help me, Darren Wan Kenobi, you're my only hope. Where am I going wrong here? EDIT: And then it magically started to work! The force is strong with this one. Just kidding. I fiddled with the C2 server options, after curl gave me some lip about the SSL certificate not being trusted. I looked into the issue and found that since I created the SSL certs and key manually, I had to specify the key, the cert AND the ca-bundle file at the command line when starting the C2 server. After changing the cert.pem file for the fullchain.pem file in the command line, curl stopped complaining and the SJ connected! Here is the full command line (with some obfuscation): /root/c2_community-linux-64 -db ./c2.db -hostname xxx.xxxxxxxx.xxx -https -keyFile /etc/letsencrypt/live/xxx.xxxxxxxx.xxx/privkey.pem -certFile /etc/letsencrypt/live/xxx.xxxxxxxx.xxx/fullchain.pem I even put some test loot files in the loot folder to further test the functionality, but the C2 server did not see them, claiming that the loot directory was empty. Is it looking specifically for .txt files only? I had the nmap output files in there (i like the -oA switch) which outputs the .xml, .nmap and .gnmap files: 192.168.0.1-24.gnmap 192.168.0.1-24.nmap 192.168.0.1-24.xml I'm just hoping to get answers to the little issues, and I'm hoping my adventures will help others. Edited November 12, 2019 by Flatlinebb Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.