Asterix Posted October 28, 2020

This is my first post for absolutely ages to the Hak5 community, and was prompted after I discovered an issue whilst following the various set up guides within the community, and having read some really negative and unfounded comments from others having a go at Hak5 for set up issues.

[disclaimer] From the very start, let me say that the issues were caused by my Virtual Server hosts here in the UK (Fasthosts) and by their system's built-in firewall policy. Kudos goes to Hak5 Darren for pointing me in the right direction as I thought I was losing the plot. With hindsight, I should have checked the default firewall policy offered by my VPS hosts first and not assumed that everything was taken care of by the control panel GUI.

Having created a new Debian VPS I followed the installation and setup guide https://docs.hak5.org/hc/en-us/articles/360012947614-Installation-and-Setup which appeared to work. I was able to connect to my new Cloud C2 control panel and add the generated setup token and licence key, and then add my WiFi Pineapple Mark VII using the downloadable device.config file generated by C2. However, my Pineapple VII was unable to communicate with C2 and the connection status showed "last seen: never", which was odd considering the port used showed on the server as "open" and was listed as such in the VPS firewall settings. I tried again using different ports, each time with the same results.

Turns out that my VPS host (Fasthosts) automatically block ports opened using the ufw utility which I used during the set up process.

    ufw allow 22,2022,80,8080,443/tcp
    ufw enable
    ufw reload
    ufw status

The results showed:

    To                           Action      From
    --                           ------      ----
    22,43,80,2022,8080/tcp       ALLOW       Anywhere
    22,43,80,2022,8080/tcp (v6)  ALLOW       Anywhere (v6)

And so I believed that the firewall was created correctly and working as expected. But as the Pineapple could not see the VPS I needed to dig a little deeper.

So next I verified that the ports were closed using Netcat / Nmap.

First I scanned for open ports (**replace 192.168.1.1 with the IP of your server):

    nmap 192.168.1.1

The results were:

    PORT     STATE  SERVICE
    22/tcp   open   ssh
    80/tcp   open   http
    443/tcp  closed https
    2022/tcp closed down

As I expected the ports to be open, I then asked nmap to check if the host was protected by a firewall:

    nmap -sA 192.168.1.1

    PORT     STATE    SERVICE
    22/tcp   filtered ssh
    80/tcp   filtered http
    2022/tcp filtered down
    8080/tcp filtered http-proxy

Then I asked nmap to scan the host protected by a firewall:

    nmap -PN 192.168.1.1

    PORT     STATE  SERVICE
    22/tcp   open   ssh
    80/tcp   open   http
    2022/tcp closed down
    8080/tcp closed http-proxy

The results were exactly the same after I disabled the ufw firewall, and so I spoke to the tech support guys at Fasthosts who told me that they automatically block certain ports and that using ufw and their built-in firewall could cause various problems.

One of the VPS setting options with Fasthosts is to create a firewall rule, opening (or closing) various ports. The default settings already included 22 and 80, and although I had added 2022 & 8080 and they showed as "open" in the Fasthosts GUI, they were in fact "closed" as Fasthosts were themselves blocking the two ports (and some others).

Enabling and disabling the ufw firewall didn't have any effect, but enabling the Fasthosts firewall and closing all ports, then enabling the ufw firewall, allowed the Pineapple MkVII to finally connect to the C2 server.

Lesson learned. Don't believe what the VPS host GUI tells you.

Here are all of the steps I used to spin up the Cloud C2 server from a completely fresh Debian install which did not have any networking tools enabled. The steps include the changes to the filenames to version 3.0.0.

I realise that you can string commands together using && and automate confirmation using the -y flag.

First I installed all of the tools that I wanted to have on my new VPS. You may have different ideas. Also, I had given myself root permissions, but you could use the sudo command.

    apt install vim
    apt install netcat
    apt install net-tools
    apt install unzip
    apt install ufw
    apt install wget

Then I opened the ports:

    ufw allow 22,2022,80,8080,443/tcp
    ufw enable
    ufw reload
    ufw status

Next, collect the setup file from Hak5:

    wget https://c2.hak5.org/download/community -O /tmp/community

Then unzip it:

    unzip /tmp/community -d /tmp

The version I used (v 3.0.0) creates a folder in the temp directory called C2-3.0.0 (note capital C) and places the setup files inside. I'm going to be using c2-3.0.0_amd64_linux in my example.

First move the unzipped files to the bin folder:

    mv /tmp/C2-3.0.0 /usr/local/bin

Then create a new directory:

    mkdir /var/hak5c2

Then create a service using Vim or your favourite text editor:

    vim /etc/systemd/system/hak5.service

Then enter the following (or cut and paste), replacing xxx.xxx.xxx.xxx with the IP address of your virtual server. This example uses https.

    [Unit]
    Description=Hak5 C2
    After=hak5.service

    [Service]
    Type=idle
    ExecStart=/usr/local/bin/C2-3.0.0/c2-3.0.0_amd64_linux -hostname xxx.xxx.xxx.xxx -https -db /var/hak5c2/c2.db

    [Install]
    WantedBy=multi-user.target

You can cut and paste into vim:

1. Copy the content of the text from the text file (Ctrl-C or right-click & copy).
2. Open the file you want to edit with the vim editor.
3. Type 'i' to enter the insert mode (check at the bottom for -- INSERT --).
4. Hit this key combination: Shift + Right-click & choose 'Paste' from the menu.

To save and quit vim, press the escape key followed by :wq (colon, write, quit).

Now reload, enable and start the hak5 service:

    systemctl daemon-reload
    systemctl enable hak5.service
    systemctl start hak5.service

Check to see if the service is running:

    systemctl status hak5.service

You should get a confirmation that the service is running, along with a setup token which you will need to enter into the Cloud C2 setup page along with your License key and account information. It will look something like this:

    Oct 28 14:15:51 localhost c2-3.0.0_amd64_linux[1665]: [*] Initial Setup Required - Setup token: ABCD-2EF3-G45H-6IMN

Now open up your favourite web browser and enter the IP address of your VPS:

    https://192.168.0.1/#/setup

Fill in the blanks needed to validate your license etc.

You should now be able to add Hak5 gear. See https://docs.hak5.org/hc/en-us/articles/360014295634-Adding-Devices-to-Cloud-C2

I don't profess to be a Linux expert nor am I the best teacher, but hopefully someone will benefit from some of the information provided.

Keep Safe

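Added example, not part of the original post: a shell script for the cross-check the post arrives at, comparing the ports ufw reports as allowed with what an nmap scan run from outside the VPS reports. The function names and both sample outputs are constructed for this example.

```sh
#!/bin/sh
# Added example (not from the original post): cross-check what ufw says it
# allows against what a scan from OUTSIDE the VPS actually sees.

# Both samples are constructed for this example, modelled on the post's output.
SAMPLE_UFW='To                           Action      From
--                           ------      ----
22,80,443,2022,8080/tcp      ALLOW       Anywhere
22,80,443,2022,8080/tcp (v6) ALLOW       Anywhere (v6)'

SAMPLE_NMAP='PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
443/tcp  closed https
2022/tcp closed down'

# ufw_allowed_tcp < "ufw status" output
# Prints the IPv4 TCP ports that have an ALLOW rule as one comma-separated list.
# Only "<ports>/tcp ALLOW ..." rows are understood; other rule forms are skipped.
ufw_allowed_tcp() {
    awk '$2 == "ALLOW" && $1 ~ /^[0-9,]+\/tcp$/ {
             sub(/\/tcp$/, "", $1); print $1
         }' | paste -sd, -
}

# unreachable_ports <comma-separated ports> < nmap output
# Prints "<port> <state>" for every expected port nmap did not report as open.
# A port that is missing from the listing is reported as "not-shown".
unreachable_ports() {
    awk -v want="$1" '
        $1 ~ /^[0-9]+\/tcp$/ { split($1, p, "/"); state[p[1]] = $2 }
        END {
            n = split(want, w, ",")
            for (i = 1; i <= n; i++) {
                s = (w[i] in state) ? state[w[i]] : "not-shown"
                if (s != "open") print w[i], s
            }
        }'
}

# Demo on the samples. On a real setup, feed the functions live output:
#   on the server:        ufw status | ufw_allowed_tcp
#   from another network: nmap -Pn -p <ports> <server-ip> | unreachable_ports <ports>
demo() {
    allowed=$(printf '%s\n' "$SAMPLE_UFW" | ufw_allowed_tcp)
    printf '%s\n' "$SAMPLE_NMAP" | unreachable_ports "$allowed"
}
demo
```

Any line printed means a port that ufw allows is still blocked somewhere between the scanner and the service, which is the situation the post describes with the hosting provider's own firewall.
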
odinroy Posted February 10, 2023

Impossible to mount, cloud, I'm with Debian running on a scratch, I constantly err file, does anyone know what I'm doing wrong? Thanks

    pi@raspberry:/ $ sudo systemctl status hak5.service
    ● hak5.service - Hak5 C2
         Loaded: loaded (/etc/systemd/system/hak5.service; enabled; vendor preset: enabled)
         Active: failed (Result: exit-code) since Fri 2023-02-10 17:54:34 CET; 8s ago
        Process: 3399 ExecStart=/usr/local/bin/c2-3.2.0_i386_linux -hostname 192.168.5.73 -https -db /var/hak5c2/c2.db (code=exited, status=203/EXEC)
       Main PID: 3399 (code=exited, status=203/EXEC)
            CPU: 5ms

    Feb 10 17:54:34 raspberry systemd[1]: Started Hak5 C2.
    Feb 10 17:54:34 raspberry systemd[3399]: hak5.service: Failed to execute /usr/local/bin/c2-3.2.0_i386_linux: Exec format error
    Feb 10 17:54:34 raspberry systemd[3399]: hak5.service: Failed at step EXEC spawning /usr/local/bin/c2-3.2.0_i386_linux: Exec format error
    Feb 10 17:54:34 raspberry systemd[1]: hak5.service: Main process exited, code=exited, status=203/EXEC
    Feb 10 17:54:34 raspberry systemd[1]: hak5.service: Failed with result 'exit-code'.
    pi@raspberry:/ $ sudo vim /etc/systemd/system/hak5.service
    pi@raspberry:/ $ sudo systemctl status hak5.service
    Warning: The unit file, source configuration file or drop-ins of hak5.service changed on disk. Run 'systemctl daemon-reload' to reload units.
    ● hak5.service - Hak5 C2
         Loaded: loaded (/etc/systemd/system/hak5.service; enabled; vendor preset: enabled)
         Active: failed (Result: exit-code) since Fri 2023-02-10 17:54:34 CET; 4min 42s ago
        Process: 3399 ExecStart=/usr/local/bin/c2-3.2.0_i386_linux -hostname 192.168.5.73 -https -db /var/hak5c2/c2.db (code=exited, status=203/EXEC)
       Main PID: 3399 (code=exited, status=203/EXEC)
            CPU: 5ms

    Feb 10 17:54:34 raspberry systemd[1]: Started Hak5 C2.
    Feb 10 17:54:34 raspberry systemd[3399]: hak5.service: Failed to execute /usr/local/bin/c2-3.2.0_i386_linux: Exec format error
    Feb 10 17:54:34 raspberry systemd[3399]: hak5.service: Failed at step EXEC spawning /usr/local/bin/c2-3.2.0_i386_linux: Exec format error
    Feb 10 17:54:34 raspberry systemd[1]: hak5.service: Main process exited, code=exited, status=203/EXEC
    Feb 10 17:54:34 raspberry systemd[1]: hak5.service: Failed with result 'exit-code'.

dark_pyrro Posted February 10, 2023

4 hours ago, odinroy said:
> ExecStart=/usr/local/bin/c2-3.2.0_i386_linux -hostname 192.168.5.73 -https -db /var/hak5c2/c2.db

There is more than one faulty use of C2 here. If you are using a Raspberry Pi, you can't use an Intel architecture binary. You have to use one that is suitable for the Raspberry Pi. Depending on what Pi model you are using and what OS, it's one of the Arm binaries, probably Armv7.

Second thing, you can't use https along with an IP address if using the built-in Let's Encrypt certificate. You need to use a domain name along with https.

So, get a domain name or just run C2 without https. Also use the correct C2 binary. I would suggest getting everything to work properly by executing it manually from the command line before setting it up as a service.

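Added example, not from the thread: a pre-flight check for the two faults dark_pyrro points out above (a binary built for the wrong architecture, and -https combined with an IP address), plus a check of the execute bit. The function names are this example's own, and the suffix table covers only the binary names that appear in this thread.

```sh
#!/bin/sh
# Added example (not from the thread): pre-flight checks for a Cloud C2
# command line before it is copied into ExecStart=.

# Map `uname -m` output to the binary suffixes that appear in this thread.
c2_suffix_for_machine() {
    case "$1" in
        x86_64)    echo amd64 ;;
        i386|i686) echo i386 ;;
        armv7l)    echo armv7 ;;
        *)         return 1 ;;   # not covered here: check the download by hand
    esac
}

is_ipv4_literal() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# check_c2_cmdline <machine> <binary> [C2 arguments...]
# Prints one line per problem and returns 1 if any problem was found.
check_c2_cmdline() {
    machine=$1; binary=$2; shift 2
    problems=0; host=''; https=0

    # A binary for another architecture fails with "Exec format error".
    if suffix=$(c2_suffix_for_machine "$machine"); then
        case "$(basename "$binary")" in
            *_"$suffix"_linux) ;;
            *) echo "arch: $machine needs the *_${suffix}_linux binary"; problems=1 ;;
        esac
    else
        echo "arch: no known binary suffix for $machine"; problems=1
    fi

    # A missing execute bit is one cause of "Permission denied" at step EXEC.
    if [ -e "$binary" ] && [ ! -x "$binary" ]; then
        echo "perm: $binary is not executable (chmod +x)"; problems=1
    fi

    while [ $# -gt 0 ]; do
        case "$1" in
            -hostname) if [ $# -ge 2 ]; then host=$2; shift; fi ;;
            -https)    https=1 ;;
        esac
        shift
    done
    # The built-in Let's Encrypt handling needs a domain name, not an IP.
    if [ "$https" -eq 1 ] && is_ipv4_literal "$host"; then
        echo "https: -https with IP $host, use a domain name or drop -https"
        problems=1
    fi
    return "$problems"
}

# The failing command line from the thread, checked as if on an ARMv7 Pi.
check_c2_cmdline armv7l /usr/local/bin/c2-3.2.0_i386_linux \
    -hostname 192.168.5.73 -https -db /var/hak5c2/c2.db || true
```

On the target machine, pass `"$(uname -m)"` as the first argument instead of a fixed machine name.
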
odinroy Posted February 11, 2023

Yes, the https, remove it, and I have tried with all the files, and now I get a permission error. I am by SSH and graphical desktop, with root permissions. This is crazy, I do not know what I have closed so that I do not give permissions. The server now gives me problems too, the same is now issue of router or ports, I don't know. In the end I take a hammer and solve it quickly with the Raspberry. 🙂

    pi@raspberry:~ $ sudo systemctl daemon-reload
    sudo systemctl enable hak5.service
    sudo systemctl start hak5.service
    sudo systemctl status hak5.service
    ● hak5.service - Hak5 C2
         Loaded: loaded (/etc/systemd/system/hak5.service; enabled; vendor preset: enabled)
         Active: failed (Result: exit-code) since Sat 2023-02-11 11:26:07 CET; 71ms ago
        Process: 3487 ExecStart=/usr/local/bin/c2-3.2.0_armv7_linux -hostname 192.168.5.73 (code=exited, status=203/EXEC)
       Main PID: 3487 (code=exited, status=203/EXEC)
            CPU: 4ms

    Feb 11 11:26:07 raspberry systemd[1]: Started Hak5 C2.
    Feb 11 11:26:07 raspberry systemd[3487]: hak5.service: Failed to locate executable /usr/local/bin/c2-3.2.0_armv7_linux: Permission denied
    Feb 11 11:26:07 raspberry systemd[3487]: hak5.service: Failed at step EXEC spawning /usr/local/bin/c2-3.2.0_armv7_linux: Permission denied
    Feb 11 11:26:07 raspberry systemd[1]: hak5.service: Main process exited, code=exited, status=203/EXEC
    Feb 11 11:26:07 raspberry systemd[1]: hak5.service: Failed with result 'exit-code'.

odinroy Posted February 11, 2023

    Forbidden
    You don't have permission to access this resource.
    Apache/2.4.54 (Raspbian) Server at 192.168.5.73 Port 80

dark_pyrro Posted February 11, 2023

Apache... what else are you running on that Raspberry Pi device that seems to bind ports?

What's the output of

    sudo netstat -tulpn | grep LISTEN

What processes are listening to what ports?

dark_pyrro Posted February 11, 2023

And... as I said before, try to run the C2 server manually first before trying to set it up as a service.

odinroy Posted February 13, 2023

On 11/02/2023 at 19:23, dark_pyrro said:
> And... as I said before, try to run the C2 server manually first before trying to set it up as a service.

I'm going to start from scratch, reinstalling Debian on the Raspberry, because it's true that I already had a web server and there may be conflicts, but I don't know how to start C2 manually, not even on Windows. I think I'm too new or have too much control with certain settings.

dark_pyrro Posted February 13, 2023

In English...

odinroy Posted February 13, 2023

Oops, sorry.

I'm going to start from scratch, reinstalling Debian on the Raspberry, because it's true that I already had a web server and there may be conflicts, but I don't know how to start C2 manually, not even on Windows. I think I'm too new or have too much control with certain settings.

dark_pyrro Posted February 13, 2023

Starting from scratch is most likely a good way of moving forward.

Starting C2 manually is not complicated at all. Especially not if reading the documentation or just simply reading the output when running the C2 binary without parameters. Looking at the videos available is also a source for knowledge.

The most simple way of starting C2 from the command line is (for an ARMv7 based Pi):

    ./c2-*_armv7_linux -hostname <ip address of the Pi>

odinroy Posted February 13, 2023

6 minutes ago, dark_pyrro said:
> Starting from scratch is most likely a good way of moving forward.
>
> Starting C2 manually is not complicated at all. Especially not if reading the documentation or just simply reading the output when running the C2 binary without parameters. Looking at the videos available is also a source for knowledge.
>
> The most simple way of starting C2 from the command line is (for a ARMv7 based Pi):
>
>     ./c2-*_armv7_linux -hostname <ip address of the Pi>

I also think that by having, apart from the router, some repeaters to provide coverage to the room, I have a lot of trouble with port forwarding and IPs. I'm going to try again and we'll see if this time I'm less messed up. Thank you for your time, I'll tell you.

odinroy Posted February 13, 2023

Indeed, I have repeated the entire process and now if the cloud is activated, it does not give me errors, but I cannot enter through any browser. I don't know if it is something from the router or firewall, I will investigate. But the previous error is fixed, there was a conflict with the web server.

odinroy Posted February 13, 2023

ok, it's giving me a failed ssl connection :-((

dark_pyrro Posted February 13, 2023

14 minutes ago, odinroy said:
> it's giving me a failed ssl connection

Where? In the browser when trying to access the C2 web UI? Are you using a web browser that has "always on https" (or whatever it's called in different browsers) enabled? Assuming you are running the C2 server only using http and the local IP address of the Pi, then you should make sure the browser isn't stopping you from using http. Also remember to use port 8080 (if you haven't changed anything).

odinroy Posted February 13, 2023

9 minutes ago, dark_pyrro said:
> Where? In the browser when trying to access the C2 web UI? Are you using a web browser that has "always on https" (or whatever it's called in different browsers) enabled? Assuming you are running the C2 server only using http and the local IP address of the Pi, then you should make sure the browser isn't stopping you from using http. Also remember to use port 8080 (if you haven't changed anything).

I have tried Chrome, Firefox, I have disconnected antivirus, and I have tried in Windows and Linux, and they all give me the same error.

    This website cannot be reached
    The page ***.***.*.*** has refused the connection.
    Try to:
    check connection
    Check proxy and firewall
    ERR_CONNECTION_REFUSED

dark_pyrro Posted February 13, 2023

Can you ping the Pi machine from some other device on the same network?

odinroy Posted February 13, 2023

20 minutes ago, dark_pyrro said:
> Can you ping the Pi machine from some other device on the same network?

I have the cloud working, it gives me a token and the IP address perfectly, but I can't enter. I have tried ping from another PC and it works fine, it gives me a response. And the server starts ok:

    pi@server:~ $ sudo systemctl status hak5.service
    * hak5.service - hak5 C2
         Loaded: loaded (/etc/systemd/system/hak5.service; enabled; vendor preset: enabled)
         Active: active (running) since Mon 2023-02-13 13:13:39 CET; 1min 28s ago
       Main PID: 449 (c2-3.2.0_armv7_)
          Tasks: 19 (limit: 1596)
            CPU: 779ms
         CGroup: /system.slice/hak5.service
                 |-449 /usr/local/bin/C2-3.2.0/c2-3.2.0_armv7_linux -hostname 192.168.5.221 -https -db /var/hak5c2/c2.db
                 `-804 /usr/local/bin/C2-3.2.0/c2-3.2.0_armv7_linux -hostname 192.168.5.221 -https -db /var/hak5c2/c2.db

    Feb 13 13:13:39 systemd server[1]: Started Hak5 C2.
    Feb 13 13:13:46 server c2-3.2.0_armv7_linux[804]: [*] Initializing Hak5 Cloud C2 v3.2.0
    Feb 13 13:13:46 server c2-3.2.0_armv7_linux[804]: [*] Hostname: 192.***.***.***
    Feb 13 13:13:46 server c2-3.2.0_armv7_linux[804]: [*] DB Path: /var/hak5c2/c2.db
    Feb 13 13:13:46 server c2-3.2.0_armv7_linux[804]: [*] Initial Setup Required - Setup token: B1BT-****-O2EZ-****
    Feb 13 13:13:46 server c2-3.2.0_armv7_linux[804]: [*] Running Hak5 Cloud C2

dark_pyrro Posted February 13, 2023

I quote myself:

On 2/10/2023 at 10:30 PM, dark_pyrro said:
> Second thing, you can't use https along with an IP address if using the built-in Let's Encrypt certificate. You need to use a domain name along with https.

https://forums.hak5.org/topic/53537-step-by-step-cloud-c2-setup/?do=findComment&comment=360804

You can not use the https parameter along with an IP address if using the built-in Let's Encrypt certificate handling!

Still you start the service with:

8 minutes ago, odinroy said:
> /usr/local/bin/C2-3.2.0/c2-3.2.0_armv7_linux -hostname 192.168.5.221 -https -db /var/hak5c2/c2.db

odinroy Posted February 13, 2023

5 minutes ago, dark_pyrro said:
> I quote myself:
>
> https://forums.hak5.org/topic/53537-step-by-step-cloud-c2-setup/?do=findComment&comment=360804
>
> You can not use the https parameter along with an IP address if using the built in LetsEncrypt certificate handling!
>
> Still you start the service with:

OMG it's true, I didn't realize in that command line to remove it. I'm going to repeat the process again, we'll see what happens now. Thank you

odinroy Posted February 13, 2023

It's finally here!!! Now I'm afraid to turn off the Raspberry ;-), I hope it will still work when I start it. Thank you very much for the help, otherwise it would have been impossible.

dark_pyrro Posted February 13, 2023

One thing that might be a problem is that the Pi most likely doesn't get the network up and running before the Cloud C2 service starts. This will lead to a situation where Cloud C2 isn't starting on boot as it should be doing. This is happening because C2 checks if it's a valid license at every start and if C2 hasn't got any internet connection to verify the license, then the service will fail. You can solve this by adding a "sleep" to the service file. 20-30 seconds will be enough.

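Added example, not from the thread: one way to add the delay dark_pyrro describes, written as a systemd drop-in so the hak5.service file itself stays untouched. The function name, the drop-in file name and the network-online.target lines are this example's own additions; the post itself only asks for a sleep of 20 to 30 seconds.

```sh
#!/bin/sh
# Added example (not from the thread): add the start-up delay as a systemd
# drop-in instead of editing hak5.service itself.

# write_c2_boot_delay <systemd-dir> <seconds>
# Creates <systemd-dir>/hak5.service.d/boot-delay.conf. The file name and the
# network-online.target lines are this example's choice, not from the thread.
write_c2_boot_delay() {
    dir=$1; secs=$2
    case "$secs" in
        ''|*[!0-9]*) echo "seconds must be a whole number" >&2; return 2 ;;
    esac
    mkdir -p "$dir/hak5.service.d" || return 1
    cat > "$dir/hak5.service.d/boot-delay.conf" <<EOF
[Unit]
# Ask systemd to order the service after the network is reported online.
Wants=network-online.target
After=network-online.target

[Service]
# Wait before the C2 binary starts, so its license check can reach the internet.
ExecStartPre=/bin/sleep $secs
EOF
}

# On the Pi, as root:
#   write_c2_boot_delay /etc/systemd/system 30
#   systemctl daemon-reload
```
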
This topic is now archived and is closed to further replies.