Skip to content

C2

Jump to bottom
OMG-MG edited this page May 2, 2024 · 5 revisions

C2

Table of Contents

Control your O.MG Devices from anywhere. Control a fleet of them if you need!

The latest Web UI on O.MG Devices has proven to be extremely powerful while also being very easy to use. But it requires that you connect your controlling device to the O.MG Device’s webserver. (either over an Access Point created by the O.MG Device, or on an existing wifi network where the O.MG Device is connected to). With C2, the O.MG Device can be configured to connect out to a C2 server. Your controlling device will then communicate directly with the C2 server, allowing you to control your O.MG Device from anywhere.

The O.MG C2 Server is available as a Stand-Alone Beta, implemented in python. The python is designed to be run from any server, and provides an easy to follow implementation that can be integrated into other C2 products if desired.

Overview C2

The O.MG C2 Server acts as an asynchronous relay, where the AdminUI will leave commands for the O.MG Elite device to later retrieve on its next poll, where it will also respond with the command output.

This means that traffic is NOT real-time as you may be familiar with from StandAlone mode. Messages will process as fast or as slow as you configure under the Poll Intervals, explained in greater detail below.

While data is sent over HTTP, it is encrypted using MonoCypher. This was chosen to ensure the data would be encrypted, while also more likely to work within networks that may contain packet inspection or content filtering. After all, the traffic will appear inspectable.

You should ideally restrict C2Admin to a private network, and only open C2Server to the public internet. You can do this via a firewall rule, Nginx reverse proxy, etc.

Requirements

  • To run the O.MG C2 Server, you will need python3 installed on your computer. See: https://www.python.org/downloads/
  • You may also need to install pymonocypher via pip. To do that, you can run the following command: pip3 install pymonocypher
  • Depending on your Host, open the required ports in your Firewall configuration (Default: 8080 & 8000)

Instructions

  • Download the c2server folder from our GitHub O.MG-Firmware Repo: https://github.com/O-MG/O.MG-Firmware/tree/beta/c2server. (Note where you've downloaded it, and where you wish to run it from.)

  • Open your Terminal, navigate to the downloaded c2server folder (probably: ~/Downloads/c2server) And then run the following command to provision a new O.MG Elite Device: python3 c2server.py provision

    • cableName = An alias for you to easily identify different devices.
    • slowInterval = How often the O.MG Device should connect to C2Server to see if there are any queued commands waiting to run. Time is measured in Seconds between 1 and 2600000 (approx: 1 month).
    • fastInterval = How often the O.MG Device should connect to the C2Server to continue executing queued commands when data is waiting. Time is measured in Seconds between 1 and 600 (10 minutes).
    • connectInterval = How often the O.MG Device should connect to the C2Server to try completing provisioning. Time is measured in Seconds between 1 and 2600000 (approx: 1 month).

Example: python3 ./c2server.py provision cableOne 60 1 600 This example will run a normal polling check every 60 seconds, and then on the next check, if there is data waiting, will check in every second until the backlog has been cleared. If unable to connect to the C2 Server, it will back off for 10 minutes and then try again. You will be given a Provision-File, which will look something like this:

C2 provision

Copy the content without including the header, so your configuration string will look like this: host_pk = 02b81b0ebc514c3d6d6236c6c3d4e8bdfa72c2fd64bd4e7c4d281d69d6b88e6d,host_url = 192.168.50.107,host_port = 8000,host_path = "",client_id = 894703,client_sk = 9f68355f14968d70bdcda1be6a14e72cf8a9c66782bdbf3fadf70a44819a3f92,poll_rate = 30,fast_rate = 5

The given Provision-String needs to be copy/pasted into the Cable's WebUI under [SETTINGS] -> [NET] -> C2 Config

C2 config

Press the [Change Settings] button to Apply.

If you have multiple devices you wish to provision at once, you can append them to the provision command. Example: python3 ./c2server.py provision cableOne 60 2 60 cableTwo 30 5 300 cableThree 15 15 600

Once you have completed provisioning, start the server via the command: python3 ./c2server.py

C2 start

Default Ports: C2Server: 8000 C2Admin: 8080

Once the server is running, just open your browser and connect to your bound IP Address at port 8080. Example: http://192.168.1.107:8080/

User Interface

In general, the user interface matches the frontend of the OMG Elite device as you already know it. The main differences are the [Queue] tab as also the device selection.

In the Top-Left of the Header Bar, you can select the device you want to control, these are named after the identifiers you used while provisioning. The name of the device you are currently in control of acts as a button. When pressed, it will let you select which provisioned device you wish to administer.

C2 device_select

The other main difference is the [Queue] tab. Selecting this tab allows you to send commands directly, checking the command queue and different C2 specific options.

C2 queuetab

Otherwise, the C2 Frontend behaves pretty much the same as it does on the OMG Elite device.

Clone this wiki locally