Jump to content

Cloud C2 TLS and Cipher Suites


Recommended Posts


I have just created a VPS with Cloud C2 and by following your video instruction it was extremely easy. Thanks for the detailed information and making the software so easy to install and set up HTTPS. I have my Pineapple MKVII, Packet Squirrel MKII and LAN Turtle connected and working. I am have a challenge with my original Packet Squirrel but  am still working on that. Not being too familiar with VPSs or HTTPS from an implementation perspective I was surprised how quickly I could get it up and running securely.

I do have a question: I ran my Web URL against Qualys SSL Server Test and it states that TLS v1.0 and v1.1 are supporeted and the there are some non ECDHE ciphers in use that are weak. I looked through all the documentation and found nothing on that topic. Therefore I assume the config in the executable would need to be updated to selves those issues. Is that a good assumption? If so do you have plans to update the server config?



Link to comment
Share on other sites

I think these values are hardcoded to the binary itself. You could set up a reverse-proxy server in front of the C2 service and then configure the server acting as a reverse-proxy to only allow updated protocols and cipher suites. I've just done this myself for my nginx reverse-proxy sitting in front of my C2 service and everything seems to be working fine.






Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...