Joao Almeida Posted February 5 Share Posted February 5 Hello. i configure my lan turtle to do a reverse shell to my cloud server. i setup to when it turns on to make a connection and it works good. when i close the connection i can´t connect again so i setup the cron module of my lan turtle to communicate every minute to but i dont get any contact. can have some help? thanks Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 14 hours ago, Joao Almeida said: i configure my lan turtle to do a reverse shell to my cloud server What type of reverse shell is used, and what type of cloud server? Is the server running netcat or something similar? Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 hi. i create a reverse shell in the menu of lan turtle to my server. my server is on the lightsail on the AWS. yes i comunicate using netcat. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 Is there an active/running netcat listener process started each time you try to get the Turtle to connect? I.e. the netcat listener on the server needs to be started and up and running before the Turtle can "phone home" using the reverse shell. 15 hours ago, Joao Almeida said: i setup to when it turns on to make a connection and it works good. when i close the connection i can´t connect again Observe what happens on the server side when the Turtle drops the reverse shell. What happens to the netcat listener? Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 when i connect the turtle and the turtle tur on the turtle connect with the server with no problems because i have configured to connect when the turtle turn on. in the server i run the command "nc -lnvp 8080". i'm using port 8080 after i use for what i need i close the connection on the server. when i wnat to get connected again i star again the command "nc -lnvp 8080" i wait but i dont get a connection from the turtle Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 I guess you have to be more detailed when it comes to your setup (cron jobs, etc) to be able to assist in troubleshooting and try to find what might be wrong. What is the actual goal of using netcat this way? There might be other ways of solving your use case scenario, but more info is needed to be able to understand why you want to do it the way you do now. Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 i saw the setup for cron to reverse shell on internet (youtube). Is there any other place to see how to configure the cron setup? I want to use it for pentests. I want to acess the network of the client to do penetration tests. I have a lan turtle, a shark jack, wifi pineapple... and i think lan turtle is the best for that. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 2 minutes ago, Joao Almeida said: I want to acess the network of the client to do penetration tests And when saying that, you mean the client that the Turtle is connect to using USB? Or do you mean "client" as in "customer"? Have you considered using the AutoSSH module for this? Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 yes. i want to leave the lan turtle in the network of my client so i can acess to the network to do pentest. yes i have consider. when i generate a par of key and want to copy key for remote host the key dont appear. i generate the key but they dont show up. problem again. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 14 minutes ago, Joao Almeida said: problem again That's not a very informative way of trying to solve things. There is a root cause for this, and just labeling it as a "problem" doesn't help much. If you have issues copy the key, you need to be more specific about what you are doing and details of the actual result (error messages, other indicators of possible issues, etc.). If you're not detailed, then it's very difficult to try to assist you. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 And, since already having a Lightsail VPS, why not use Cloud C2 for this?! Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 you´re right. but I'm trying to solve it but without success. if i use the cloud c2 i dont need the lightsail vps? Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 It totally depends on what you want to do. If you have the Hak5 devices located on the same local network as the Cloud C2 server, you don't need to use anything on the internet (such as a VPS for Cloud C2). But, if you want your Hak5 devices to be located where you normally don't have access, you most likely will need something that is facing the internet. You could place the C2 server in your own network, but then you will have to open ports in firewalls, etc. (depending on what your network looks like) and that's not something I would suggest doing if you're not 100% sure you're doing it the correct way. A dedicated VPS is better since it will "only" be the VPS being compromised if doing things wrong. If you set up your own network/firewalling the wrong way, the whole network might be compromised and that's not a scenario that will make you happy. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 Setting up Cloud C2 in a Lightsail VPS as a service is really a convenient way to add functionality and make use of the Hak5 "eco system". Of course, it's good to learn about things like the AutoSSH concept of the Turtle and netcat and so on, but if you want a way to set up management of your Hak5 device, then start with Cloud C2, it's the easiest way in my opinion. Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 so.. when i try to create a autossh i go to the my server and add a new user. afer that i go and generate. after i go to the key manager and generate a new ssh key pair. after i go and do the process to copy the key. I put the remot ssh server (ip of the my remote server), de port (22) and the user that i create. this process is suppose to add a remote host to the local know-hosts but when i go check if he add the host it seems that nothing was created. Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 What OS/distro are you running on the Lightsail VPS? Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 ubuntu Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 What happens if you run the following manually in a terminal on the Turtle? ssh-copy-id -i /root/.ssh/id_rsa.pub -p PORT USER@HOST where: PORT is the ssh port of your Lightsail VPS server USER is the ssh user on your Lightsail VPS server HOST is the IP address or the domain name of your Lightsail VPS server Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 this is what happens when i write this /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed expr: warning: '^ERROR: ': using '^' as the first character of a basic regular expression is not portable; it is ignored /usr/bin/ssh-copy-id: ERROR: ssh: connect to host 13.39.239.254 port 22: Host is unreachable i have the 22 port open. i check Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 Your VPS is obviously not available. Where did you check that port 22 is open? Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 (And perhaps not a good idea to post the public IP of your VPS here) Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 i check with the comand "sudo ufw status". i already change my VPS. thanks 🙂 if i can connect with netcat with reverse shell is suppose the vps be available or not? Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 I have no idea how/why you were able to get netcat working, but checking the OS firewall shouldn't be enough to get things working on a Lightsail VPS, you need to open ports in the Lightsail firewall as well. Quote Link to comment Share on other sites More sharing options...
Joao Almeida Posted February 6 Author Share Posted February 6 the port 22 on firewall is open too. do you think its a problem on the server? Quote Link to comment Share on other sites More sharing options...
dark_pyrro Posted February 6 Share Posted February 6 You have to be more detailed about the setup. Is ssh even installed/active/running? 1 minute ago, Joao Almeida said: the port 22 on firewall is open too "open too", where? iptables in Ubuntu and/or the Lightsail firewall? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.