How to reset Cloud c2 license key or delete old server on local host and create new one or even recover account info

[GE0rGE01C]

7. https://1drv.ms/i/c/d57ad30688d56f1a/IQNKSElO6rPgQ7zwa2Mb3aqCAYpsxZpw5Lmvc6SIxVElbB8?width=582&height=95

8. https://1drv.ms/i/c/d57ad30688d56f1a/IQP2-KJxD3jhRJaqyphNK1LoAQ9TWRt11MjCb5OlflaFwTI?width=861&height=667

9. https://1drv.ms/i/c/d57ad30688d56f1a/IQMelJ1H8ceoSK976F1I_GpDAR3gtRlT5XW1rrqldiSNG1E?width=567&height=590

10. https://1drv.ms/i/c/d57ad30688d56f1a/IQPG1yi2I4bjSZDtBWllB33eAbkMs4PSo8O4G3lSdMuAQ10?width=1280&height=252

[dark_pyrro]

I want to see a screenshot of the list of files in the directory C:\Users\Georg\Downloads\c2-3.4.0\.
Can't verify that it's that specific directory content that is listed in the screenshot that is posted already.

(No actual need to mask an address from a private address range, no one is going to hack you on such an address, if so, they are most likely already inside your network...)

 

[GE0rGE01C]

3 hours ago, dark_pyrro said:

I want to see a screenshot of the list of files in the directory C:\Users\Georg\Downloads\c2-3.4.0\.
Can't verify that it's that specific directory content that is listed in the screenshot that is posted already.

 

Yes of course, here you are that all files, but I only use the amd64 Windows.exe file to try and set it up.

 

[dark_pyrro]

So, this is yet another unpacking of the zip file (since you said in your previous post you deleted all files but the amd64 Windows executable)?

Edited July 20 by dark_pyrro

[GE0rGE01C]

1 hour ago, dark_pyrro said:

So, this is yet another unpacking of the zip file (since you said in your previous post you deleted all files but the amd64 Windows executable)?

Its of another sure, but the one I have tired to use only has that one (amd 64)

here's a screenshot of it 🙂

https://1drv.ms/i/c/d57ad30688d56f1a/EbRGkCVSDQtDiOWpP5nsSXgBDHk4tOGt8WAamDcUC5hIQQ?e=CeL73u

 

[dark_pyrro]

What's the output of:

Get-ChildItem -Path C:\ -Filter c2.db -Recurse -ErrorAction SilentlyContinue -Force

(let it run until it's finished)

[GE0rGE01C]

37 minutes ago, dark_pyrro said:

What's the output of:

Get-ChildItem -Path C:\ -Filter c2.db -Recurse -ErrorAction SilentlyContinue -Force

(let it run until it's finished)

 

BTW , can I say, these codes you know are mind blowing to me lol

[dark_pyrro]

Rename the C:\Users\Georg\c2.db to C:\Users\Georg\c2.db.old (or such), or just delete the file, and then run the C2 executable again and post the output of that.

[GE0rGE01C]

https://1drv.ms/i/c/d57ad30688d56f1a/IQMYyO27uMhbRIIe7EZpO7TEAYEttoGi01BkFclAfSDaqLI?width=1024

[GE0rGE01C]

Oh, and the output when trying the set up is still sign in, if that's what you meant as well.

[dark_pyrro]

For some reason, you didn't rename the database file, but some directory (not sure which). You need to rename any occurrence of c2.db file(s) in the file system. Not some directory.

 

[GE0rGE01C]

Ok, I'm not fully understanding what you mean, please can you be more specific please?

 

I renamed the c2.db to c2.db.old as mentioned, I have now tried running the c2 exec again but still same result.

 

I don mean to keep going in circles but it seems to me that, you are right previously, setting up a cloud c2 is easy but when it comes to wanting to replace it with anew one or recovering an account, its not as easy.

[dark_pyrro]

If you renamed the "c2.db" file to "c2.db.old", why are you having a directory that is named "c2.db.old" (highlighted with the red square in my screenshot of your screenshot)? It's totally possible for you to have a directory that is called c2.db.old, but it seems highly non-logic that you would name a directory that way. It seems to me that you haven't renamed any file called "c2.db" but some directory instead.

[GE0rGE01C]

No there is no database file called that (c2.db), I wrote the old directory to that because that what I believe you meant, and Please forgive me I don't mean to cause any distress or confusion but how is this supposed to help with trying to reset the server, I've searched the whole hardware for anything related to the original c2 and there's absolutely nothing that shows any trace of the old one.

 

I'm kind of new to using cloud c2 and hak5 gear, but this is really not supposed to be part of the learning process, having to get confused with directories and trying to reset an ip address for a small server and whatnot.

[dark_pyrro]

I've been using Cloud C2 since it was released, and I've never encountered this kind of issue. That, in combination with the fact that my conclusion is that you are not tech savvy, either if it comes to basic tech or Hak5 specifically, I need to be as sure as I can about your computer environment to be able to assist. That's why I need all of this information. I need to find things that you can't explain, or see yourself due to lack of knowledge. The only thing that I've been able to identify is that you are starting the C2 server with an absolute path, from a directory other than the one where the C2 executable is located. That's why I want to try to establish the fact if you have an already existing "c2.db" file or not since that is the only way that the C2 server could present the login page instead of the setup page. My last suggestion is to be positioned in the same directory as where the C2 executable is located when starting the C2 server.

I.e. NOT being located in:

C:\Users\Georg

and running the C2 executable with the absolute path, such as:

C:\Users\Georg\whatever-directory-the-C2-executable-is-located\c2-3.4.0_amd64_windows.exe -hostname 192.168.0.19 -listenport 80

BUT INSTEAD, be positioned in the directory where the C2 executable is located (such as):

C:\Users\Georg\whatever-directory-the-C2-executable-is-located

make sure there is NO "c2.db" file in that directory, just the C2 Windows 64 bit executable, and run:

.\c2-3.4.0_amd64_windows.exe -hostname 192.168.0.19 -listenport 80

(just as I wrote in the "instructions" in my previous post)

[GE0rGE01C]

Hi, I'm sorry if I ranted a bit before, I didn't mean to offend in anyway, shape or form.

 

Yes, did do that, but i actually just used the '-remove item' command once I found the location of the c2.db file, using the '-get child item' and I've run the get child item again and its not showing anything, safe to assume its probably gone now.

 

But again, I'm sorry if I've cause you any agro (slang for aggressive behaviour), but hopefully what I've done now may mean something good, I'll provide some photos too.

 

 

[GE0rGE01C]

Hello, Dark Pyrro, you still there?

 

Please can you still assist with this issue?

 

TIA

[dark_pyrro]

I can't assist you in any other way than I already have, since what I've told you to do should highlight any possible issue. Or really, start the C2 server properly.

So, you have to start the C2 executable from the directory where it's located, not from anywhere else.

1)
Create a brand new directory:
C:\Users\Georg\C2_temp_test01

2)
Copy the C2 executable (Windows variant) to the directory mentioned above

3)
Open a terminal and change directory to where the C2 executable was copied to:
cd C:\Users\Georg\C2_temp_test01

4)
Post a screenshot of the fact that you are actually in the directory mentioned above *before* starting the C2 server, a screenshot that also shows the directory contents (which should only be the Windows C2 executable)

5)
Start the C2 server from that directory with the following command exactly, not some other variant:
.\c2-3.4.0_amd64_windows.exe -hostname 192.168.0.19 -listenport 80

6)
Post a screenshot that shows the C2 output *in the terminal* when the C2 server has been started

7)
Post a screenshot of the page that is shown *in the web browser* when you first visit http://192.168.0.19 (or whatever IP address that is relevant, in the case you have changed it for some reason)

[GE0rGE01C]

Ok I'll be right on that once I get back from work.

 

Please can you forgive me if I have been a bit aggressive in our last few conversations, I don't mean any offence at all.

 

Also, Like I said 2 posts before, I have removed the c2.db file, because when I run the command -Get-ChildItem, it doesn't appear so it indicates it gone properly. So should this mean its actually gone and if instructions now provided are followed, then hopefully the outcome should be different, fingers crossed.

 

Please let me know your thoughts on this

 

Thanks again BTW and I'll get on it later this afternoon when I'm back

[GE0rGE01C]

Hey good news, I re-tired the set up after the c2.db file was removed and it gave me the appropriate setup page instead of login

Looks like the problem is fixed and I'd like to say thanks for your support, I really appreciate it, I'll provide some screenshots too just below:

Just one last question I have if you don't mind: that is if in theory I shut down the laptop the server is running on, and I want to log back into the account, do I need to set it up on PowerShell/cmd again using the same command which results in it saying 'Running Hak5 Cloud C2' at the bottom, or just go to the search engine and enter the hostname?

This is because as the server is on the laptop where I'm accessing the account and if the laptop is shutdown, does the server need to be manually reactivated via PowerShell in order to get to the login page to access the dashboard again?

 

TIA as well, its just one bog adventure for me learning all this new stuff haha

[dark_pyrro]

4 hours ago, GE0rGE01C said:

as the server is on the laptop where I'm accessing the account and if the laptop is shutdown, does the server need to be manually reactivated via PowerShell in order to get to the login page to access the dashboard again?

yes, using the very same command you used when starting it the first time

to have the C2 server start automatically when the laptop starts, you need to set it up as a service, but since the Windows exe isn't of the type that let's you set it up as a service, it's not possible (at least it hasn't in previous versions of C2), there are workarounds but the easiest way is to run C2 on a Linux based machine and set it up as a service

[GE0rGE01C]

Ok, I may set it up as a service one day, but for now I'm just glad its accessible again, thank you again.

 

Since you would have to set it up again manually, any registered devices should be saved to it as well right? The config info would remain persistent across server restarts?

[dark_pyrro]

9 minutes ago, GE0rGE01C said:

Since you would have to set it up again manually

You don't need to set it up again, once started and configured, you just need to start it again with the same command line as when you started it the first time.

12 minutes ago, GE0rGE01C said:

Since you would have to set it up again manually, any registered devices should be saved to it as well right? The config info would remain persistent across server restarts?

Devices that are set up will be stored in the database. All of the config is stored there as well.

[GE0rGE01C]

On 7/29/2024 at 11:16 PM, dark_pyrro said:

You don't need to set it up again, once started and configured, you just need to start it again with the same command line

No that's what I mean by the single command line, I just call it setting up again to make it sound more logic as you are actually turning it on again and setting it up again without configuration required.

 

On 7/29/2024 at 11:16 PM, dark_pyrro said:

Devices that are set up will be stored in the database. All of the config is stored there as well.

That's good, knowing you wouldn't have to configure devices to the server again after its shutdown.