Jump to content

C² - https port change - still…


Éd_D
 Share

Recommended Posts

Hi everybody.

Until now, I was playing with cloud c² locally in a private network.
Now, we can use a VPS (linux Centos 😎 in wich run an OpenVPN access server.

 

***** 1st step *****

For the fist tests, we stop the OpenVPS access server to run cloud c². (Otherwise there is a conflict: both services use HTTPS (443) port.
I run cloud c² with the command line :

admin@vps ~]$  sudo /usr/local/bin/c2-3.1.2_amd64_linux \
			-hostname fullyQuallifiedName.tld \
			-https \
			-keyFile /path/to/keys/myKey.key \
			-certFile /path/to/certs/myCert.crt \
			-db /path/to/hak5c2/c2.db
[*] Initializing Hak5 Cloud C2 v3.1.2
[*] Hostname: fullyQuallifiedName.tld
[*] DB Path: /path/to/hak5c2/c2.db
[*] Validating License
[*] License Valid
[*] Running Hak5 Cloud C2

Everything is ok! ❤️

I can connect to the cloud c² web interface at the address "https://fullyQualifiedName.tld".

To end the test, I can stop cloud c² by <ctrl-c> in the ssh client window…

^C[!] Signal caught, shutdown initiated
[*] Shutting down gracefully
[*] Server stopped
[admin@vps ~]$

 

***** when problems happen *****

Next step, we need to change the port of the cloud c² web interface to leave port 443 free for the OpenVPN access server… (we are used to choose our custom ports between 49152 and 65535.)

So I tryed the command line :

[admin@vps ~]$ sudo /usr/local/bin/c2-3.1.2_amd64_linux \
			-hostname fullyQuallifiedName.tld \
			-https \
			-keyFile /path/to/keys/myKey.key \
			-certFile /path/to/certs/myCert.crt \
			-listenport 50xyz \
			-db /path/to/hak5c2/c2.db
[*] Initializing Hak5 Cloud C2 v3.1.2
[*] Hostname: fullyQuallifiedName.tld
[*] DB Path: /path/to/hak5c2/c2.db
[*] Validating License
[*] License Valid
[*] Running Hak5 Cloud C2

Cloud c² runs properly…

But nothing happen in my web browser with the address "https://fullyQualifiedName.tld:50xyz/"!
My browser says that the server don’t answer…

Access to the cloud c² admin interface remains at the address "https://fullyQualifiedName.tld/" ("https://fullyQualifiedName.tld:443/").

It is like the "-listenport" argument was ignored!

I also tried the command line with quotes around the port number: -listenport "50xyz" (to force 50xyz to be a string and not an integer!…) but the problem is same.

 

Thank you for the help,
Best regards.

 

Éd.

Link to comment
Share on other sites

Well, if you read the output when running the c2 executable without parameters, it says:

-listenport string
        Port of the HTTP server (default "8080")

-https
        Enable https (requires ports 80 and 443)

so, "listenport" is for http if interpreting the exact words used

and, https "requires" 443
 

  • Like 1
Link to comment
Share on other sites

Thank you for this quick answer… 👍👍👍

So, I can conclude that I need to change the OpenVPN access server port if I want to keep cloud c² on the same VPS…  🤔

 

Regard,

 

Éd.

Link to comment
Share on other sites

I haven't had any reason to try to make any changes port wise when using https for my C2 instance (the only thing running on that VPS, no "conflicts") so I can't be 100% sure. But since you can't seem to get it working, I would go with the other option instead and, as you say, make changes to the OpenVPN AS instead.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...