hbackus Posted April 23, 2021 Share Posted April 23, 2021 The version of Cloud C2 is 3.1.2; Packet Squirrel is FW 3.2. When the Packet Squirrel is in Arming mode it is listed with the Uptime incrementing. When the Packet Squirrel is in Switch1 position the Uptime say Last Seen. The USB storage on the Packet Squirrel collects data from TCPDump OK when in postion 1. Any ideas on why, when the Packet Squirrel is in Switch1 position that the Cloud C2 Does not show it as Running? ~hbackus Link to comment Share on other sites More sharing options...
chrizree Posted April 23, 2021 Share Posted April 23, 2021 What TCPDump payload are you using? Some payload of your own or the one that's on GitHub? Is the NETMODE set to TRANSPARENT in the payload script? If so, read the documentation about NETMODE TRANSPARENT https://docs.hak5.org/hc/en-us/articles/360010554633-NETMODE https://github.com/hak5/packetsquirrel-payloads/blob/master/payloads/library/sniffing/tcpdump/payload.sh Link to comment Share on other sites More sharing options...
hbackus Posted April 24, 2021 Author Share Posted April 24, 2021 The TCPDump payload is the default payload.sh that comes with the Packet Squirrel. The NETMODE setting is set to TRANSPARENT. I will review the links you sent. Link to comment Share on other sites More sharing options...
hbackus Posted April 25, 2021 Author Share Posted April 25, 2021 I changed the NETMODE to BRIDGE and can see the device in C2. I have another issue with C2 not able to open a Terminal session back to the Packet Squirrel from C2. Do I need to open a new request or can I continue requesting assistance via this post? Link to comment Share on other sites More sharing options...
hbackus Posted April 25, 2021 Author Share Posted April 25, 2021 Disregard request to continue discussion on SSH issue. I will use post "VPN service to C2 works OK until opening SSH terminal to Hak5 device" to continue trouble shooting the issue with Terminal not connecting to devices listed in my C2 instance. Link to comment Share on other sites More sharing options...
vapekls1 Posted July 19, 2021 Share Posted July 19, 2021 On 4/23/2021 at 2:56 PM, chrizree said: What TCPDump payload are you using? Some payload of your own or the one that's on GitHub? Is the NETMODE set to TRANSPARENT in the payload script? If so, read the documentation about NETMODE TRANSPARENT https://docs.hak5.org/hc/en-us/articles/360010554633-NETMODE https://github.com/hak5/packetsquirrel-payloads/blob/master/payloads/library/sniffing/tcpdump/payload.sh PACKET SQUIRREL IS NOT WORKING IN SWITCH 1 POSTION AS WELL AFTER A LOT TROUBLE SHOOTING GOING ON. Link to comment Share on other sites More sharing options...
chrizree Posted July 19, 2021 Share Posted July 19, 2021 That sentence doesn't say much about the actual problem. How is it not working? The payload in switch1 only or not showing up in C2 (since the later is what this thread is about, if not, the question should be asked in the Packet Squirrel section of the forum)? What payload do you have in switch1? What troubleshooting have you made? And, hey, your keyboard seems stuck in caps. Link to comment Share on other sites More sharing options...
Gwozd Posted August 29, 2022 Share Posted August 29, 2022 Currently, I also faced a similar problem. So far it appears to be a problem with the ports, which the scan confirms https://www.host-tracker.com/en/ic/port-check But it takes a little more time to understand the root cause. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.