#+TITLE: Installing Hak5's Cloud C2 on Alpine Linux #+DATE: 2020-09-06T19:08:56-04:00 #+DRAFT: false #+DESCRIPTION: #+TAGS[]: alpine linux hak5 #+KEYWORDS[]: alpine linux hak5 #+SLUG: #+SUMMARY: #+ATTR_HTML: :title Cloud C2 on Alpine Linux #+ATTR_HTML: :alt Cloud C2 on Alpine Linux [[file:cover.png]] I recently purchased some products from [[https://hak5.org][Hak5]], some of which integrate with their self-hosted service for monitoring your equipment called the [[https://shop.hak5.org/products/c2][Cloud C2]]. I decided to run it on one of my servers which runs one of my favourite Linux distributions, Alpine Linux. You have the option to purchase the community edition for free from their shop, after which you'll receive a product registration code via email. This email will also contain a link to download the Cloud C2 software, which are distributed as (mostly) statically linked go binaries for several platforms all bundled together in a zip folder. One of the interesting thing I found was that despite my server being 64-bit x86, =c2_community-linux-64= wouldn't work on Alpine Linux. It's dynamically linked to =/lib64/ld-linux-x86-64.so.2=, which doesn't exist on musl libc machines. The =c2_community-linux-32= binary is completely statically linked however, so it runs fine. Their website provides a small tutorial for installing C2 on a systemd-based system, unfortunately it doesn't help me since Alpine uses the OpenRC init system. It's possible to run cloudc2 in something like a =tmux= session, which would work, except it provides no way to reliably restart the service should it go down, and no way to integrate it with the rest of the init system. To remedy this I wrote an OpenRC script and config file, which I've put on github [[https://github.com/dantecatalfamo/Hak5-CloudC2-OpenRC][here]]. I've decided to place the cloudc2 binary in =/opt/cloudc2= because it's not controlled by the package manager, with the logs at =/var/log/cloudc2.log=, and the database at =/var/opt/cloudc2.db=. The repository contains a [[https://github.com/dantecatalfamo/Hak5-CloudC2-OpenRC/blob/master/README.md][readme]] which goes over how to install the files and configure your instance. Here's the gist: - Download and extract the Cloud C2 zip file - Create a new folder called =/opt/cloudc2= - Copy =c2_community-linux-32= into =/opt/cloudc2= - Copy =/init.d/cloudc2= into your system's =/etc/init.d/= - Copy =/conf.d/cloudc2= into your system's =/etc/conf.d/= - Edit =/etc/conf.d/cloudc2= and fill out the variables as desired - NOTE: You must fill out =C2_HOSTNAME= or the service will fail to launch - If you want to place Cloud C2 behind a reverse proxy, you'll have to fill out the =C2_OPT= variable with the correct options #+BEGIN_SRC shell C2_OPTS="-reverseProxy -reverseProxyPort XXX" #+END_SRC Where =XXX= is the port that the reverse proxy will be serving on. - Start the daemon using #+BEGIN_SRC shell rc-service cloudc2 start #+END_SRC - Enable it at boot #+BEGIN_SRC shell rc-update add cloudc2 #+END_SRC - Check =/var/log/cloud2c.log= for your installation token (it may take a minute for it to appear) - Open the web UI and fill out the installation token from the previous step, and your registration code from the email - Done! After that Cloud 2C should restart if it crashed, courtesy of =supervise-daemon=, and launch at boot.