Jump to content

KeyCroc refuses to connect to c2


pissinthewind
 Share

Recommended Posts

I'm running the c2 community center edition on my windows 10 x64 machine.  I have c2 configured using:

 

c2_community-windows-64.exe -hostname 127.0.0.1 -listenport 80

 

C2 server gets up and running fine.  I log into it, create a new device for keycroc, download the device.config to the keycroc root dir, eject keycroc, reboot it (unplug and replug).  I set a ping to the croc's IP address (obtained from my router monitoring) and I see it is online and accessible on my internal network with the right IP address.  Nothing I do will get it online within C2 though.  I read a previous poster having similar issues who resolved it by SCP'ing the config file directly to the keycroc, since there is some translation issue across non*nix OS's I suppose.  Regardless, I have tried the same method as I just outlined, to no avail.  I have used winscp to transfer the config file, still no connection in C2.  I have connected over SSH to transfer the file and even edit it manually... no c2 connection.  I've reset up c2 to use an actual hostname, an internal IP, local ip.  I've stopped and restarted the server after copying and restarting the keycroc... no dice.  I have reset the keycroc to factory and updated to the latest 1.3_510 firmware and again tried every method i've outlined here but it will.not.connect.to.c2!  This is driving me insane.  Any thoughts or advice as to what I can try?  I should mention that I also copied the config file to every root folder and udisk folder and etc folder I could find in case I was just interpreting the location it is needed wrong.  Additionally, I have added the config file while in arming mode and attack mode in case that made any difference (it did not).  HELP!

Link to comment
Share on other sites

What address/hostname is visible in the device.config file that is created? (It's mainly binary garbage, but you can spot the port and hostname/address in plain text). Are you sure that the C2 server is set up in a way that it is accepting communications from other devices, i.e. is there any firewall (local or network) stopping the traffic? Run an nmap scan against the server (not the Key Croc) to find out if ports are listening and open or just dropping knocks on the door. Have you tried another IP address when starting Cloud C2 using parameters (i.e. a "real" IP address on the LAN or public IP) since 127.0.0.1 is localhost?

Edit: And also verify that you have port 2022 open since that's the port the devices connect to. "listenport" is just for the C2 web server.

Edited by chrizree
Added info
Link to comment
Share on other sites

Excellent points.  The address/hostname in the config file is always whatever I set the server to along w/ the port 80.  I set the c2 server up in the very most basic way and there are definitely no firewalls preventing communications or access.  I'll double check on the 2022 port and try an actual internal IP address as opposed to localhost.  That last bit really got me thinking... I'm not sure why I thought the keycroc would be able to communicate with localhost or any dns that isn't set in my router as well. 

Link to comment
Share on other sites

Oh boy.  It's always the simple thing that I overlook that causes me issues.  Thanks for pointing me in the right direction.  For anyone following this or for posterity in general: 


If your goal is to test c2 on a local network on a windows device, simply download c2 from hak5, extract the folder to whatever directory you want, then open admin cmd prompt, cd to the directory with the extracted c2 folder, run the x64 or x86 exe in that folder (pick the same as your OS architecture) appended with "-hostname windowsserverIPaddress -listenport 80".  Once you get the setup token, open a browser to localhost or 127.0.0.1 and fill out the appropriate details, log in, add device, download the setup device.config file, scp or copy it to the device you're connecting, restart the device and you should be good to go. 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...