This image packs the amazing Hak5C² software into a secure and light weight alpine-linux based docker container. It is a fork based on https://github.com/LindezaGrey/hak5c2 using more strict docker-compose style and the ability to work with self-signed certs.
Create .env file in the same directory with the following content and modify values as needed:
DB=/db/c2.db
HTTPS=True
KEYFILE=/cert/cert.key
CERTFILE=/cert/cert.crt
# change what's needed after this line
HOSTNAME=c2.example.com
LISTENIP=0.0.0.0
LISTENPORT=8080
SSHPORT=2022
# If set, Cloud C2 will work behind a reverse proxy like nginx proxy-companion
REVERSEPROXY=
REVERSEPROXYPORT=
Run using docker-compose
docker-compose up
Copy the Setup token which is displayed during setup, otherwise, if startet with -d grep it later:
docker logs hak5c2 | grep "token"
Now you will be able to access the webinterface by navigating to <IP/Hostname>:443.
In case you want to start over fresh remove the files in the c2DB and the certs folder and restart the container. The files will be regenerated now.
There are three TLS Options:
- Self signed cert using the cetificate files created during container launch predefined through the .env files
- Reverseproxy using the .env config Options
- LetsEncrypt cert by deleting the predefined KEYFILE and CERTFILE values. -> Keep in Mind that port 80/tcp and 443/tcp need to be reachable (mind NAT and firewalls) for the certificate generation by the LetsEncrypt bot. Also a valid domain is needed.
Of course an unencrypted deployment is possible by removing the HTTPS variable.