Jump to content

Can't connect Keycroc to Cloud C2


surb
 Share

Recommended Posts

Hello!

I've been looking at the forums for the past couple of days hoping to find a solution to my keycroc/c2 connection problem and haven't had much luck yet.  Here are the details:

  • Keycroc is connected to wifi.  
  • I can SSH into the keycroc from wifi.  I can also ping it.
  • I can SSH into my cloud C2 server (VPS) from my keycroc on my lan.  I can also ping it.
  • I am not currently using https/SSL (that is coming after I figure this out).
  • I have tried the certificate purge/refresh that has been suggested on most of the threads in the forum here.
  • Server is being started on boot using systemd with "/usr/local/bin/c2-3.1.2_amd64_linux -hostname http://serverip -listenport serverport -db /var/cloudc2/c2.db
  • When I download the device config from C2 and check the text, the IP and ports listed are all correct.
  • The necessary ports are open (via nmap)

Anyone have any ideas?

Link to comment
Share on other sites

  • 4 months later...

I have what looks to be the exact same problem getting the key croc to connect to c2. NOTE I didn't have http:// in the -hostname part of the command as per dark_pyrro advice. I'm using the server name of the machine I'm hosting the c2 software with -hostname. 

I've checked with netcat (nc) on the croc in conjunction with tcpdump on my c2 server that port ports 22, 80, 8080, 2022 are listening and getting traffic when I I've not checked port 443 as I've not set up a certificate yet.  

The key croc is getting an IP from DHCP off my home router. I have no way of confirming the device.config is the right one though but I've downloaded this and placed in the root of the device folder.  Windows 10  when it pops up in file explorer. When I use the example payload with 'hello' and see the world bit added, even if I use the C2NOTIFY command, I see nothing back in the C2 UI.    Are there any more steps I can check??   One last point. I did type ssh <my c2 IP address> with ports 22 and 2022 and in both cases got a fingerprint response. I didn't accept these as I say nothing in the instructions suggesting I should.

Any help gratefully received.

 

 

Link to comment
Share on other sites

If you cat the device.config file on the Croc, is the name of the C2 machine in the file the same as what you use when starting the C2 server (hostname parameter)?

Can you resolve the hostname of the server on the Croc?

Also check the cc-client error log on the Croc. I think it's in /tmp (if I remember it correctly).

Edited by dark_pyrro
Link to comment
Share on other sites

  • 1 month later...

OK...

So... I am having issues with my croc connecting to my c2 instance on my VPS... My nano, tetra, and mk7 all connect just fine. My c2 instance automagicly spins up whenever i

initiate my VPS instance i have my domain name, https, etc. etc. basically i just followed the videos, looking at the above post i checked cc-client error log and it repeats

[1596077524 !ERR       DEVICE ]  Error getting wan interface name
[1596077524 !ERR       DEVICE ]  WAN interface not found.
[1596077525 !ERR         CURL ]  Error posting update to server...
[1596077525 !ERR     INITSYNC ]  Error in startup sync post
[1596077525 !ERR         MAIN ]  Device startup sync failed. Retrying...
[1596077530 !ERR         CURL ]  Error posting update to server...
[1596077530 !ERR     INITSYNC ]  Error in startup sync post
[1596077530 !ERR         MAIN ]  Device startup sync failed. Retrying...

over and over. and i thought well duh of course startup sync failed. lmao. N E way, I digress, I checked my divice.config, make out my domain name and ports, its ssh

key. Obviously i cant get the croc to communicate with c2. and i dont know what/where to look for the next clue. Also did a factory reset on the croc but the version returns

with the current 1.3_513 (twice) first time password reverted to hak5croc, everything else seems to work logs keys, deploys and triggers just fine. Someone, anyone, please, 

Help! 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...