Cloud C²
Search…
Cloud C²
Cloud C² by Hak5
Getting Started
Cloud C² Basics
Licensing and Downloads
Installation and Setup
Adding Devices
Navigating the Interface
Managing Devices
Guides
Quick Deployment on an Amazon Lightsail VPS
Let's Encrypt SSL configuration and device enrollment
Enabling Cloud C² as a service on boot and Exfiltration
Cloud C² Setup with Self-Signed SSL certificates
Installing updates to the Cloud C² Server
Upgrading Cloud C² Editions
Troubleshooting
Device cannot connect to server
Account Recovery
Extras
Icon Sets
Powered By GitBook
Let's Encrypt SSL configuration and device enrollment

VIDEO GUIDE

CONFIGURING SSL WITH A LET'S ENCRYPT TLS CERTIFICATE

Generally
  1. 1.
    Add an A record for your domain to your VPS IP address
  2. 2.
    Add the -https parameter to the Cloud C² binary and set the -hostname flag to the fully qualified domain name.
For example:
sudo ./c2_community-linux-64 -hostname example.com -https
From version 3.0.0 onward all, Cloud C² editions (Community, Edition, Teams) use the same binary. Filenames for Cloud C² will differ from example — however all parameters remain the same.

ADDING DEVICES

Depending on which device you're using, this file will go in a different place.
See this article on Adding Devices to Cloud C² for more details - but generally:
  • WiFi Pineapple – put device.config in /etc/
  • LAN Turtle – put device.config in /etc/
  • Packet Squirrel – put device.config in /etc/
  • Signal Owl – put device.config in /etc/ and use C2CONNECT in your payload
  • Shark Jack – put device.config in /etc/ and use C2CONNECT in your payload
  • Screen Crab – put device.config on the root of the SD card
  • Key Croc – put device.config on the root of the KeyCroc disk from arming mode
Generally, once the device is online it'll connect back to Cloud C² and you'll be able to interact with it from the dashboard. The exception to this is the Shark Jack and Signal Owl, which require the command C2CONNECT in the payload to initialize the connection.
Likewise, run the C2DISCONNECT command to cut the connection. This is by design so that you aren't inadvertently connecting to your Cloud C² instance from every Shark Jack payload you run, as an example.
Many devices support the C2NOTIFY and C2EXFIL commands to send notifications and exfiltrate loot. The C2EXFIL command must be run for each file uploaded to the Cloud C² server.
When exfiltrating text files, you'll want to add the STRING option in order to make it viewable from the dashboard. For example, C2EXFIL STRING /root/loot/file.txt MyPayloadName.
The payload name is optional, but helpful when multiple payloads run.
Guides - Previous
Quick Deployment on an Amazon Lightsail VPS
Next - Guides
Enabling Cloud C² as a service on boot and Exfiltration
Last modified 1yr ago
Copy link
On this page
VIDEO GUIDE
CONFIGURING SSL WITH A LET'S ENCRYPT TLS CERTIFICATE
ADDING DEVICES