NogNeetMachinaal Posted March 24, 2023 Share Posted March 24, 2023 I'm struggling with adding a Pineapple Tetra to Cloud C2 running behind a reverse proxy. The reverse proxy is Swag (which is build on NGINX) and runs in a docker container. The Docker host for Swag is known as morpheus.itv.lan. The host for Cloud C2 is known as logos.itv.lan (no Docker involved). The Hack5-C2-app is running on http with tcp port 8282. The external DNS name is c2.itv360.net. I can do a login on Cloud C2 (local and via Swag) and added the Tetra. When taking a look at the downloaded config, it shows c2.itv360.net with tcp port 443. This matches the reverse proxy setup. The config details and relevant status-es are below the sign-off What am I overlooking? Many thanks - Will ===== root@logos:/home/will# service hak5-c2 status ● hak5-c2.service - Hak5 Cloud C2 Loaded: loaded (/etc/systemd/system/hak5-c2.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2023-03-24 08:00:43 CET; 2h 4min ago Process: 946 ExecStartPre=/bin/sleep 10 (code=exited, status=0/SUCCESS) Main PID: 2089 (c2_amd64_linux) Tasks: 19 (limit: 9270) Memory: 28.1M CPU: 4.507s CGroup: /system.slice/hak5-c2.service ├─2089 /opt/hak5-c2/c2_amd64_linux -db /mnt/allData/hak5-c2/c2.db -hostname c2.itv360.net -listenport 8282> └─4037 /opt/hak5-c2/c2_amd64_linux -db /mnt/allData/hak5-c2/c2.db -hostname c2.itv360.net -listenport 8282> Mar 24 08:01:02 logos c2_amd64_linux[4037]: info | 2023-03-24 08:01:02 [*] Initializing Hak5 Cloud C2 v3.2.0 Mar 24 08:01:02 logos c2_amd64_linux[4037]: info | 2023-03-24 08:01:02 [*] Hostname: c2.itv360.net Mar 24 08:01:02 logos c2_amd64_linux[4037]: info | 2023-03-24 08:01:02 [*] DB Path: /mnt/allData/hak5-c2/c2.db Mar 24 08:01:02 logos c2_amd64_linux[4037]: info | 2023-03-24 08:01:02 [*] Validating License Mar 24 08:01:03 logos c2_amd64_linux[4037]: info | 2023-03-24 08:01:03 [*] License Valid Mar 24 08:01:03 logos c2_amd64_linux[4037]: info | 2023-03-24 08:01:03 [*] Running Hak5 Cloud C2 ===== Open ports in UFW: 22/tcp ALLOW Anywhere 80/tcp ALLOW Anywhere 443/tcp ALLOW Anywhere 8282/tcp ALLOW Anywhere 2022/tcp ALLOW Anywhere ===== root@logos:/home/will# cat /etc/systemd/system/hak5-c2.service # Replace parameters as necessary for your instance [Unit] Description=Hak5 Cloud C2 After=hak5-c2.service [Service] Type=idle ExecStartPre=/bin/sleep 10 ExecStart=/opt/hak5-c2/c2_amd64_linux -db /mnt/allData/hak5-c2/c2.db -hostname c2.itv360.net -listenport 8282 -reverseProxy -reverseProxyPort 443 -v [Install] WantedBy=multi-user.target ===== root@logos:/home/will# ss -tulpn | grep c2 tcp LISTEN 0 4096 *:8282 *:* users:(("c2_amd64_linux",pid=4037,fd=9)) tcp LISTEN 0 4096 *:2022 *:* users:(("c2_amd64_linux",pid=4037,fd=8)) ===== root@morpheus:/opt/docker/swag/config/nginx/proxy-confs# cat hak5-c2.subdomain.conf server { listen 443 ssl; server_name c2.itv360.net; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app logos.itv.lan; set $upstream_port 8282; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_max_temp_file_size 2048m; } } server { listen 80; server_name c2.itv360.net; client_max_body_size 0; location /dapi { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app logos.itv.lan; set $upstream_port 8282; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_max_temp_file_size 2048m; } location / { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app logos.itv.lan; set $upstream_port 8282; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_max_temp_file_size 2048m; } } ===== Link to comment Share on other sites More sharing options...
NogNeetMachinaal Posted April 7, 2023 Author Share Posted April 7, 2023 Bump - anyone? Link to comment Share on other sites More sharing options...
NogNeetMachinaal Posted April 7, 2023 Author Share Posted April 7, 2023 We would like to add a few additional devices. ☺️ But for this, we need to have this cloud application working! 😇 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.