Cloud C2 Not Receiving...

[Arduino415]

I am a newbie at Cloud C2, but I managed to set it up without issue on a server located on my home network. Due to my house having multiple subnets, I port forwarded Cloud C2 at port 3000 for HTTP through the network to the internet so I could access it remotely. I have had no issues with the program itself, however, when I tried to set up Hak5 devices such as the Wi-Fi Pineapple Mark IV and the Key Croc, Cloud C2 did not show any signs of life from these devices. I have tried lots troubleshooting steps, but nothing has resolved the issue. Is there anything else that I should try to get my devices working?

[dark_pyrro]

In what way are you starting your C2 server? Local IP address or the public one?

[Arduino415]

I am starting my C2 server via a private IP address. The server is specifically located on a small subnet, connected to a larger subnet, and finally the Internet.

[dark_pyrro]

If you use an IP address from a private address range when you start the C2 server, it's impossible for any Hak5 device to reach it from the internet.

[Arduino415]

Sooooo...should the server be directly connected to the Internet? In my current environment, that would be hard to accomplish. 

[dark_pyrro]

I don't know how your network architecture/design looks like, but you mention "multiple subnets" and if you "chain" different networks using NAT and on top of that is "hiding" your C2 server behind all of that, it's not a setup you would want.

I wouldn't at all suggest putting the C2 server on an internal network and open it up to the internet unless you are sure of what you're doing and also are willing to take the risks that comes with it. Using a VPS in the cloud is far better. Running it in a local network is OK if just using the C2 server and the Hak5 devices in a lab environment that is fine with local access only, but anything else than that is something I would avoid when it comes to local/private networks.

If you still want to run it in your private network, then put the C2 server in the first network (if having stacked networks) that is directly behind the firewall closest to the internet and port forward the necessary ports from the internet to the C2 server internal IP address. Then set up/start C2 using the public IP address (internet facing address) as the hostname parameter and create new device.config files and copy those files to the Hak5 devices that you want to connect to the C2 server. This is another downside with using a private network. Your internet facing address might change over time if your ISP isn't providing you a static one (which is less likely if you aren't paying extra for that service). In the case that the IP address is changing, your devices will stop showing up in the C2 web UI. You could try using some dynamic DNS service. Another alternative could be to use some service like Zerotier that creates a "LAN over" WAN" but then all of the devices needs to support a local client for that kind of service. I've used Zerotier with some Hak5 devices, but not all, so I don't know which ones that are working or not.

Edited April 20, 2023 by dark_pyrro