C2 – Terminal – Start SSH Session never connects to devices

[hbackus]

The Cloud C2 is 3.1.2; Packet Squirrel is FW 3.2; LAN Turtle Shell is v6.2

C2 Audit Log
2021-04-29 15:21:15 my_name@my_public_IP:random_port   GET /api/sites/1/devices/2
2021-04-29 15:21:12 my_name@my_public_IP:random_port   GET /api/sites/1/devices/2/ssh/status
2021-04-29 15:21:12 my_name@my_public_IP:random_port   GET /api/sites/1/devices/2
2021-04-29 15:21:11 my_name@my_public_IP:random_port   GET /api/sites/1/stats/devices/2
2021-04-29 15:21:11 my_name@my_public_IP:random_port   GET /api/sites/1/devices/2/status

C2 Server Log
2021-04-29 15:06:13 User my_name has logged in from my_public_IP:random_port
2021-04-29 15:04:31 Device 'LAN Turtle' has started up
2021-04-29 15:03:43 Device 'Packet Squirrel' has started up

The required ports are open on the C2 server

Scanning my_public_C2_site (my_public_IP4) [1000 ports]
Discovered open port 22/tcp on my_public_IP
Discovered open port 443/tcp on my_public_IP
Discovered open port 80/tcp on my_public_IP
Discovered open port 2022/tcp on my_public_IP

The Terminal session to the devices has a spinning blue icon and never connects to the devices.

I could really use some help in troubleshooting this issue.

[chrizree]

Are you able to transfer loot the other way, i.e from the devices to the C2 instance?

[hbackus]

No I am not. 

I am confused and surprised. Today after weeks of not being able to connect to the LAN Turtle from my C2 instance, I am able to click on "Start SSH Connection" and connect back to the LAN Turtle. I am not able to scp files from the LAN Turtle to the server running C2. I remained confused at this point.

 

ssh_attemp.log

[chrizree]

scp from the Turtle to the C2 instance is not the way to transfer loot, you should use C2EXFIL

[hbackus]

Yes, I can upload to my Cloud C2 instance manually using C2EXFIL from my device.

upload_test.txt

[chrizree]

good, it's working as intended then

[hbackus]

13 hours ago, chrizree said:

good, it's working as intended then

OK.🤔