Cloud C2 hung

[donnerparty]

I'd like to preface this with the fact I'm new to pen testing and networking in general. I created a server on Amazons Lightsail, it spun up as it should and I connected to Cloud C2. After about 5 minutes the webpage seems to become hung and nothing will load. If I navigate to the webpage from a different device I get the log in screen but then after putting in my credentials I get a spinning load wheel indefinitely. Has anyone seen this before? Thank you!

[chrizree]

Similar scenarios have been reported recently, both here in some threads and on Discord. Not sure if it's exactly the same but it sounds like it. As I've understood it, it's being checked to see if there are some real problems behind it all or a result of other circumstances.

[Handy Geek]

I am not sure, but it may have to do with the update 3.1.1.  I had my C2 up and running for weeks with LightSail, then I updated and it worked while I was using it that session and when I came back to it a couple of days later it would not load at all. I reviewed everything I setup by re-going though the steps to see if something had changed but it was all the same. I ended up deleting the service and c2 setup and have not gone back to it yet, but I do remember reading somewhere in my troubleshooting there was an issue with the (  After= Line in the vi code ) but I could not figure out why, it was the same as before ¯\_(ツ)_/¯.  I was going to go back here soon and reset-up the whole service with the 3.1.1 file instead of the previous 3.0.1 file and see if that helps, I am sure there is a way just swap the file in Linux but I thought it best to just do a fresh install.

[chrizree]

I've been on 3.1.1 since the day it was released and I haven't experienced any of the problems I've read about here and on Discord, perhaps I'm just lucky

[Handy Geek]

did you update via the GUI?

 

[chrizree]

yes

[Handy Geek]

Yeah I did too.  One thing I noticed with mine was that the ( /usr/...)  file remained the same file for the 3.0.1 version after the update. Should that have changed with the update or does it just add the necessary files into that same bin?

[donnerparty]

Thank you for the replies. It's nice to hear it wasn't just me. Being new to this I was excited I simply got it up and running, so when it wouldn't load I just attributed it to user error.

[chrizree]

10 hours ago, Handy Geek said:

Yeah I did too.  One thing I noticed with mine was that the ( /usr/...)  file remained the same file for the 3.0.1 version after the update. Should that have changed with the update or does it just add the necessary files into that same bin?

It depends on how your C2 instance is set up. If it updates to 3.1.1 it should update what's needed to "jump" to that version. Not sure what you mean by "add the necessary files into that same bin"; there is just one binary executable involved. Or, do you mean the directory /usr/local/bin? If you still have the 3.0.1 C2 binary in that directory after the update, I would say that the update wasn't successful. In what way do you verify that it is a 3.0.1 related file?

[Handy Geek]

It was still showing /usr/local/bin/c2-3.0.1 in the vi command. I did try to replace it after everything stopped working, but I am sure I just made it worst at that point lol. But I just went back to the download website to look at the file name for this post and realized that I was on 3.0.1 and then updated to 3.1.1 but skipped 3.0.2. So I am sure my update failed but I wonder if it had to do with skipping a version?

[chrizree]

vi? in what way does vi show anything related to that? you mean to display the service configuration file (if you have enabled C2 as a service that is)? how many C2 binary files do you have in /usr/local/bin ? what binary does the C2 service start? I'm not sure of how transparent the c2 database (c2.db) is when it comes to different versions of the C2 binary, but in worst case (if the db is binary version dependent), then you might start the C2 instance with an older binary and a newer c2.db "version" that expects a newer binary. I would advise not to use version specific naming in the service config file, but instead use a more generic approach with something like "c2_community-linux-64" as the name for the binary in the service.

[Handy Geek]

Yeah I had it enabled as service when I updated it. The ( ExecStart=/usr/local/bin/c2-3.0.1_amd64_linux -hostname ****.com -https -db /var/cloudc2/c2.db )  was the vi portion I was referring to, I am guessing that is service config file.  I probably had two files in the /usr/local/bin directory and tried to change it in the vi code after it stopped working. When you say "use generic approach" does that mean renaming the file, downloaded from the website, to something else and then using the new name in the service config file? I am still super new to all of this and am just running at it head long lol currently learning Linux, CCNA, VPS, VMs, and use playing with these tools, as a way to get hands on with the stuff that I am learning. 🙂

[chrizree]

It's rather difficult to troubleshoot when not having the full picture. I have a more "transparent" name for my binary when running the service, but not sure what effect it has during upgrades. All I know is that I haven't had any problems that others describe. I would rename the current binary and also temporarily stop the service and start the C2 instance manually (i.e. the same command string as in the service config file) and make sure that the output states that the most recent version is executed and not some older version (the output should be:   [*] Initializing Hak5 Cloud C2 v3.1.1 ).

[Handy Geek]

yeah I am actually just resetting it up completely from scratch. Do you have any tips to help keep it secure from the start. I use strong password and use a https domain, but is there any other small best practices, I can to at the beginning to help re-enforce, the security when running the the c2 as service?

[chrizree]

Not really, when it comes to the C2 binary itself, I trust that Hak5 keeps it secure as a concept. The only thing is to set the server itself up as secure as possible, but nothing special there apart from keeping just the needed ports open an upgrading the OS on a regular basis. When it comes to C2 setup, I used Darren's videos (2701 - 2703) and I've had no problems with that way of doing it.

[Handy Geek]

nice, that seems simple enough. Thank You 😁