Hak5 Cloud C2 as a Windows service

As long as the C2 Windows binary is just a plain and simple exe (i.e. a "non-service" executable), it won't be allowed to start as a service in Windows (error 1053). To do this, either A) the C2 binary for Windows needs to be developed in a way that it is allowed to be started as a service or B) use one of the utilities out there on the interwebs that allows using an "ordinary" exe as a service. The "Plan B" is used here building on the tool "srvstart".

Download the latest C2 zip file from Hak5 and extract it

Download srvstart and extract the zip file
https://github.com/rozanski/srvstart/blob/master/srvstart/srvstart_run.v110.zip

Copy/move the two DLL and two EXE files from the srvstart zip to the C:\Windows folder of the computer (or somewhere in PATH)

Make sure that there is a "msvcrt.dll" file in C:\Windows\System32

Rename the Hak5 C2 executable (64 bit variant used here) to c2_amd64_windows.exe

This makes it more "transparent" when the version of the binary isn't a part of the file name (not at all mandatory though)

Open a Command Prompt and execute the C2 binary manually the first time just to make sure that it executes without errors

C:\Tmp\C2\bin\c2_amd64_windows.exe -hostname <PC IP address>

(Confirm any popup from the Defender firewall)

Start a browser and visit http://<PC IP address>:8080 to verify that the web gui can be reached then close the browser or browser tab.

Stop C2 by hitting Ctrl + C

Create a service configuration file using Notepad (or fav text editor) with the following content (replace paths etc according to the environment at hand). Always use full pathnames in the configuration file.

[C2-Win-Service]
startup=C:\Tmp\C2\bin\c2_amd64_windows.exe -hostname <PC IP address>

Save the file with an ini file extension, for example "C2-Win-Service.ini", save it in the same directory as the C2 executable (not mandatory, but neat...)

Start the Command Prompt as admin and execute the following (still notice that changes might be needed to be compatible with paths for the specific PC setup)

srvstart.exe install C2-Win-Service -c C:\Tmp\C2\bin\C2-Win-Service.ini

Some text will show, the important part to notice is "Successfully created non-desktop service"

Open the Services dialog via the Control Panel and the new service should be in the list

Right click the service and select Properties

Click Start and the service should start without any errors

Again, start a browser and visit http://<PC IP address>:8080 to verify that the web gui can be reached, it should work all fine

Go back to the window specific to the C2-Win-Service service (from where the service recently was started)

Notice that it is set to "Manual" startup, change that to "Automatic" and then click Apply

Restart the computer and then verify that the C2 service has been started at Windows boot; verify either by checking the Control Panel > Services and/or visiting the C2 web gui in the browser.

Done!

Popular posts from this blog

Hak5 Cloud C2 on a Raspberry Pi

Setting up the Raspberry Pi (RPi) itself isn't covered here, a default installation of Raspberry Pi OS Lite will do the job. This setup will work on a LAN only, i.e. no external access to the C2 instance from the internet. To get that working, port openings and stuff is needed but that isn't covered here. If needed, run the following to get information about which C2 version to run on the RPi: cat /proc/cpuinfo Note! You need a license key from Hak5 in order to activate/validate the installation (the community edition is free, but still needs a license key). The RPi also needs to have a working connection to the internet since the C2 license is validated at service start, and during runtime as well. Download the C2 zip file to the RPi and unzip it wget https://c2.hak5.org/download/community -O c2.zip unzip c2.zip Start the server manually to verify that it works: ./c2-3.1.2_armv7_linux -hostname <ip address> (or whatever version that was downloaded) When the C2 instance h
Read more

Project name: WEIRDFEED

  Project name: WEIRDFEED Instruction on installing Kali Linux 2020.4 AMD64 using an ISO file downloaded from kali.org on a Windows 10 2004 host/"hypervisor" running VirtualBox 6.1.16 r140961 (w/ VirtualBox Extension Pack) and get the Hak5 Shark Jack available to the VM Make sure that virtualization is enabled in BIOS/UEFI (VT-x/AMD-V) otherwise you might get the turtle Create a new VM in VirtualBox by clicking "New" Name the VM and select Linux as Type and Debian 64-bit as Version Set the desired amount of RAM (using 2048 MB here) Create a Virtual storage device (using 24 GB here) The VM is now created, click "Settings" and make any additional config to the VM (# of CPUs/cores, video RAM, disable floppy, disable audio, shared folders, etc. anything of choice that is valid) Last but not least, attach the Kali Linux ISO file to the virtual optical drive of the VM Click "OK" Click "Start" to boot the VM Select the startup disk if asked (o
Read more