Jump to content

Struggling with adding Pineapple Tetra


NogNeetMachinaal

Recommended Posts

I'm struggling with adding a Pineapple Tetra to Cloud C2 running behind a reverse proxy.

 

The reverse proxy is Swag (which is build on NGINX) and runs in a docker container.

The Docker host for Swag is known as morpheus.itv.lan. The host for Cloud C2 is known as logos.itv.lan (no Docker involved).

 

The Hack5-C2-app is running on http with tcp port 8282. The external DNS name is c2.itv360.net.

I can do a login on Cloud C2 (local and via Swag) and added the Tetra.

When taking a look at the downloaded config, it shows c2.itv360.net with tcp port 443.

This matches the reverse proxy setup.

The config details and relevant status-es are below the sign-off

 

What am I overlooking?

 

Many thanks - Will


 

=====

root@logos:/home/will# service hak5-c2 status
● hak5-c2.service - Hak5 Cloud C2
     Loaded: loaded (/etc/systemd/system/hak5-c2.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-03-24 08:00:43 CET; 2h 4min ago
    Process: 946 ExecStartPre=/bin/sleep 10 (code=exited, status=0/SUCCESS)
   Main PID: 2089 (c2_amd64_linux)
      Tasks: 19 (limit: 9270)
     Memory: 28.1M
        CPU: 4.507s
     CGroup: /system.slice/hak5-c2.service
             ├─2089 /opt/hak5-c2/c2_amd64_linux -db /mnt/allData/hak5-c2/c2.db -hostname c2.itv360.net -listenport 8282>
             └─4037 /opt/hak5-c2/c2_amd64_linux -db /mnt/allData/hak5-c2/c2.db -hostname c2.itv360.net -listenport 8282>

Mar 24 08:01:02 logos c2_amd64_linux[4037]: info        | 2023-03-24 08:01:02 [*] Initializing Hak5 Cloud C2 v3.2.0
Mar 24 08:01:02 logos c2_amd64_linux[4037]: info        | 2023-03-24 08:01:02 [*] Hostname: c2.itv360.net
Mar 24 08:01:02 logos c2_amd64_linux[4037]: info        | 2023-03-24 08:01:02 [*] DB Path: /mnt/allData/hak5-c2/c2.db
Mar 24 08:01:02 logos c2_amd64_linux[4037]: info        | 2023-03-24 08:01:02 [*] Validating License
Mar 24 08:01:03 logos c2_amd64_linux[4037]: info        | 2023-03-24 08:01:03 [*] License Valid
Mar 24 08:01:03 logos c2_amd64_linux[4037]: info        | 2023-03-24 08:01:03 [*] Running Hak5 Cloud C2


=====

Open ports in UFW:

22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
8282/tcp                   ALLOW       Anywhere
2022/tcp                   ALLOW       Anywhere

=====

root@logos:/home/will# cat /etc/systemd/system/hak5-c2.service

# Replace parameters as necessary for your instance
[Unit]
Description=Hak5 Cloud C2
After=hak5-c2.service

[Service]
Type=idle
ExecStartPre=/bin/sleep 10
ExecStart=/opt/hak5-c2/c2_amd64_linux -db /mnt/allData/hak5-c2/c2.db -hostname c2.itv360.net -listenport 8282 -reverseProxy -reverseProxyPort 443 -v

[Install]
WantedBy=multi-user.target

=====

root@logos:/home/will# ss -tulpn | grep c2
tcp   LISTEN 0      4096                 *:8282             *:*    users:(("c2_amd64_linux",pid=4037,fd=9))
tcp   LISTEN 0      4096                 *:2022             *:*    users:(("c2_amd64_linux",pid=4037,fd=8))

=====

root@morpheus:/opt/docker/swag/config/nginx/proxy-confs# cat hak5-c2.subdomain.conf

server {
    listen 443 ssl;
    server_name c2.itv360.net;
    include /config/nginx/ssl.conf;
    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app logos.itv.lan;
        set $upstream_port 8282;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }
}

server {
    listen 80;
    server_name c2.itv360.net;
    client_max_body_size 0;

    location /dapi {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app logos.itv.lan;
        set $upstream_port 8282;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app logos.itv.lan;
        set $upstream_port 8282;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }
}

=====

 

Link to comment
Share on other sites

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...