Jump to content

Recommended Posts

Posted

C² 3.4.0 has been released!

Tons of improvements and some new features that have been long awaited; 2FA, user account invite links, built in application firewall and many performance improvements and bug fixes!

https://downloads.hak5.org/cloudc2

If you have a server already running no need to download from the above link as always it will come through via OTA. 

New features are self explanatory however docs will be brought up to speed ASAP.

Thanks for the feedback as always ❤️ 
Enjoy!

Changelog

General

  • Added support and binaries for Apple Silicon devices.
  • Adjusted update and license check-in intervals.
  • Fixed a bug causing device online/sync/offline status to flip erratically.
  • Addressed a rare race condition resulting in server hang.
  • Drastically improved server DB performance across multiple areas.
  • Removed static title from root index to eliminate identifiable information if server is scanned.
  • Adjusted max picture upload size for sites/users/devices to ensure optimal server performance.
  • Improved state syncing in the UI when navigating between components.
  • Improved notification serving to prevent flooding users with a large number of notifications after extended periods of inactivity.
  • Corrected a typo in audit logs when renaming a site.
  • Added audit logging for user editing device actions.
  • Added or adjusted various debug logging functionalities.
  • Optimized default site/user/device pictures.

Command Line

  • Added a banner to the first start output.
  • Included a -nobanner flag to omit the banner on first start.
  • Implemented hostname checks for local/private IP ranges.
  • Added output for current configuration.
  • Detection of configuration changes now notifies the user.
  • Server setup now generates a direct link to open the Setup page with a prepopulated token.

Settings

  • Added server configuration info.
  • Added a loading spinner to log modals.
  • Reorganized settings for improved accessibility.

Application Firewall

  • Added the ability to configure allow/deny rules for device/UI access using regex.
  • Included a configurable "autoban" option for failed login attempts.
  • Added firewall reset and -allowip commands to command line arguments for recovery purposes.

User Accounts

  • Added support for direct user invite links.
  • Implemented support for 2FA.
  • Added a configuration option to force 2FA enrollment.
  • Provided the ability to force password reset upon the next login.
  • Deleted users are now forcibly and instantly disconnected.
  • Added an option to disable login for a user.

Login Page

  • Dynamically generated login prompt to enhance obscurity against scanners.
  • Polished UX by replacing the background.

Dashboard

  • Added device last seen to the dashboard for a more real-time view of device check-ins.
  • Fixed dashboard sorting issues.
  • Fixed the dark mode banner.
  • Fixed notifications theme.
  • Corrected the display of offline device rows appearing as "half online."

Overview

  • Added last seen and time online to the Uptime card.

Pineapple Recon Module

  • Improved stats, pagination, sorting, filtering, scope, and live data update experience.
  • Enhanced the cartography view with onclick filtering and camera travel.
  • Orientation of nodes loosely generated based on signal strength in the cartography view.

Pineapple Probes Module

  • Fixed "Total Probes" and "Most probed SSID" stats.
  • Added pagination, sorting, and filtering.
  • Included confirmation dialogue for clearing probes.
  • Enabled clicking on top probed SSIDs/MACs for filtering.
  • Improved page loading performance and database efficiency for high-traffic devices.

Pineapple PineAP Module

  • Added confirmation dialogs for removing SSID from the pool and clearing SSID pool.
  • Introduced deduplication when adding SSID to the pool.
  • Included an "Enable Karma" option for a less fragmented experience (duplicate of Clients module).
  • Fixed toggles flickering on load.

Terminal Module

  • Fixed UI component flickering on load.
  • Addressed a regression loading context.
  • Resolved a bug causing desync on recon status in C2 due to stopping tunneling services on a pineapple with recon running.

Clients Module

  • Improved page loading performance.
  • Fixed an issue where table columns weren't device-specific.
  • Added confirmation dialogs for "Forget" and "Disconnect" client buttons.
  • Renamed "Allow Associations" to "Enable Karma" for clarity.

Crab

  • Fixed the issue where the server failed to ingest images properly, resulting in missing loot and error notifications.
  • Improved page loading performance.
  • Made minor UI adjustments to the Configuration module.

Loot Module

  • Fixed the "Learn more" link.
  • Added titles when viewing or deleting loot.
  • Rearranged the position of delete all, export, and filter fields.
  • Automatically sorted by upload date and displayed size in a readable format.
  • Enhanced the Export dialog and displayed file names in delete dialog.

Croc

  • Fixed rendering issues in keystroke history that removed leading/trailing spaces (underlying data unaffected, correct keylogs displayed in downloads).



image.png

image.png

image.png

  • Like 1
  • Korben featured and pinned this topic
Posted

The update doesn't seem to progress at all- it just keeps constantly in spinning state and says "The page will automatically refresh when the update is complete." No log is produced either anywhere I checked (journal, syslog).

Posted

Can't reproduce that. It took 10 seconds, tops, when I updated a lab C2 instance from 3.3.0 to the newly released version. There should be some output available (command line) where you can see that the 3.3.0 server is stopped and 3.4.0 is executed, but it depends on if you are running it as a service or start it manually.

  • Upvote 1
Posted
8 hours ago, zZ1da0rKcIFFGRri said:

The update doesn't seem to progress at all- it just keeps constantly in spinning state and says "The page will automatically refresh when the update is complete." No log is produced either anywhere I checked (journal, syslog).

As dark_pyrro mentioned there should be output that the server is upgrading.
You might simply be running C2 in a context or directory that has limited permissions; does restarting the service (or command) yield 3.3.0 or is it upgraded to 3.4.0?


If youre not interested in troubleshooting further, you can always just download the bin from the link above and replace the bin manually.

  • 2 weeks later...
Posted

Thanks for the help! I finally downloaded the new binary and replaced the old one. This worked well. I did also some other changes in configurations so not sure still what was the issue exactly, but possibly file permissions indeed (or parent dir permissions more probably).

  • 1 month later...
Posted

Awesome update. Works smoothly for me. Note to anyone running their C2 through a reverse-proxy - the new firewall feature won't work as desired as all requests to the application will be routed through the reverse-proxy, so the C2 can only see the IP of the local network reverse-proxy.

  • 1 month later...
Posted

It's of course possible to post things in the Cloud C2 section of the forums, but there's no guarantee that any Hak5 officials will notice it. At least not short term. It's a community forum and not an official way of getting in touch with Hak5 representatives.

  • 3 weeks later...
Posted

My Norton and vulnerability scanner keep blocking the 3.4.0 download with a warning that the OSX.Trojan.GEN trojan is embedded. 

Posted

It's not uncommon that anti-malware gets triggered on the C2 files (Defender being one of them). I have no doubts about it myself though. I'm sure that Hak5 is releasing legit stuff. Nothing "evil" there at all. Assuming that you download it from the Hak5 downloads site, that is, and also verify checksums. If in doubt, just use a lab machine or run it in a VM.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...