Let's Encrypt SSL configuration and device enrollment
VIDEO GUIDE
CONFIGURING SSL WITH A LET'S ENCRYPT TLS CERTIFICATE
Generally
Add an A record for your domain to your VPS IP address
Add the
-https
parameter to the Cloud C² binary and set the -hostname flag to the fully qualified domain name.
For example:
remember to specify the right architecture and version
From version 3.0.0 onward all, Cloud C² editions (Community, Edition, Teams) use the same binary. Filenames for Cloud C² will differ from example — however all parameters remain the same.
ADDING DEVICES
Depending on which device you're using, this file will go in a different place.
See this article on Adding Devices to Cloud C² for more details - but generally:
WiFi Pineapple – put
device.config
in/etc/
LAN Turtle – put
device.config
in/etc/
Packet Squirrel – put
device.config
in/etc/
Signal Owl – put
device.config
in/etc/
and useC2CONNECT
in your payloadShark Jack – put
device.config
in/etc/
and useC2CONNECT
in your payloadScreen Crab – put
device.config
on the root of the SD cardKey Croc – put
device.config
on the root of the KeyCroc disk from arming mode
Generally, once the device is online it'll connect back to Cloud C² and you'll be able to interact with it from the dashboard. The exception to this is the Shark Jack and Signal Owl, which require the command C2CONNECT
in the payload to initialize the connection.
Likewise, run the C2DISCONNECT
command to cut the connection. This is by design so that you aren't inadvertently connecting to your Cloud C² instance from every Shark Jack payload you run, as an example.
Many devices support the C2NOTIFY
and C2EXFIL
commands to send notifications and exfiltrate loot. The C2EXFIL
command must be run for each file uploaded to the Cloud C² server.
When exfiltrating text files, you'll want to add the STRING
option in order to make it viewable from the dashboard. For example, C2EXFIL STRING /root/loot/file.txt MyPayloadName
.
The payload name is optional, but helpful when multiple payloads run.
Last updated