Installing Hak5 C2 3.1.1 in a Docker

Running Hak5 C2 with HTTPS will required ports 80 and 443 necessarily, changing the listening ports will not work.

To run C2 on a server that already runs a webserver will be necessary to use a container to prevent ports conflict.

The docker will be configured HTTP port 8080 external -> port 443 internal. Same to the SSH, 2022 -> 22.

sudo apt update
sudo apt install docker.io
sudo docker run --name c2 -d -it -p 8080:443 -p 2022:22 ubuntu:latest /bin/bash
sudo docker attach c2

Setup the environment in the docker:

apt update && apt upgrade -y && apt install nano locate openssh-server -y && apt autoremove
service ssh start
passwd root
adduser user

Copy all necessary files:

sudo docker cp c2-3.1.1_amd64_linux c2:/c2
sudo docker cp c2.db c2:/c2
sudo docker cp c2_setup_token.txt c2:/c2
sudo docker cp privkey.pem c2:/c2
sudo docker cp pubcert.pem c2:/c2
sudo docker cp sha256sums c2:/c2

Copy your SSH-Key to the docker [Link], then connect to it and run C2 for the first time:

ssh-copy-id [email protected] -p 2022
ssh [email protected] -p 2022
/c2/c2-3.1.1_amd64_linux -hostname domain.com -https -keyFile /c2/privkey.pem -certFile /c2/pubcert.pem

Access on your browser to configure the C2: https://domain.com:8080

After configuring the C2 and getting access to it use the commands below to manage the new docker:

sudo docker start c2
sudo docker exec -d c2 service ssh start
sudo docker exec -d c2 /c2/c2-3.1.1_amd64_linux -hostname domain.com -https -keyFile /c2/privkey.pem -certFile /c2/pubcert.pem
sudo docker stop c2

Follow a script to automate turn ON and OFF plus the firewall rules on the host machine:

nano c2.sh

Add the following content:

#!/bin/bash
if [ $1 == 'on' ]
then
        sudo ufw allow 8080 comment 'C2 HTTPS'
        sudo ufw allow 2022 comment 'C2 SSH'
        sudo docker start c2
        sudo docker exec -d c2 service ssh start
        sudo docker exec -d c2 /c2/c2-3.1.1_amd64_linux -hostname domain.com -https -keyFile /c2/privkey.pem -certFile /c2/pubcert.pem
elif [ $1 == 'off' ]
then
        sudo docker stop c2
        sudo ufw deny 8080 comment 'C2 HTTPS'
        sudo ufw deny 2022 comment 'C2 SSH'
else
        echo ''
        echo 'Missing parameter [on/off]'
        echo ''
fi

Set the script executable:

chmod +x c2.sh

Now you can turn the docker on and off using the following commands:

./c2.sh on
./c2.sh off