Skip to content

Setting up the C2

Installation and Quick Start

To install the Client and Server docker on the same host and set everything up, simply: 

1
2
wget -O - https://raw.githubusercontent.com/shell-dot/tuoni/main/scripts/setup.sh | bash
cd /srv/tuoni

Or if you prefer shorter curl: 

1
2
curl https://tuoni.sh | bash
cd /srv/tuoni

CLI Autocomplete

The setup will also install shell tuoni autocomplete for bash and zsh. You need to source the autocomplete script to enable it in the setup shell: 

1
source ~/.bashrc
or 
1
source ~/.zshrc
depending on the shell you are using.

All the new shell sessions will have the autocomplete enabled.

After running the installation script and sourcing the relevant rc file, just execute: 

1
tuoni start

This will start the client on port 12702 and server on port 8443 by default using snakeoil certificates. You can change the server port and certificates by editing the config/tuoni.yml file.

The client docker uses nginx docker proxy on port 12702 by default using snakeoil certificates. You can change the port and certificates by editing the docker-compose.yml file.

Configuration File Example

The default configuration file is located at config/tuoni.yml after initialization:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
server:
  port: 8443 # port to listen on
  ssl:
    enabled: true # enable ssl on the server
    key-alias: selfsigned # alias of the key in the keystore
    key-store: ssl/selfsigned.keystore # path to the keystore
    key-store-type: jks # type of the keystore
    key-store-password: selfsigned # password of the keystore
    key-password: selfsigned # password of the key

tuoni: # tuoni configuration
  data-dir: ./data # directory to store data, will be mapped out from the server container
  custom-agent-template-dir: ./agent-templates # directory to store custom agent templates

  auth: # authentication configuration
    credentials: # Default credentials for the server
      username: _credentials_placeholder_username_ # username
      password: _credentials_placeholder_password_ # password
    jwt: # JWT configuration
      expiry-seconds: 86400 # expiry time of the JWT token in seconds
      private-key: file:./prod-private.pem # path to the private key
      public-key: file:./prod-public.pem # path to the public key

logging: # logging configuration
  file: # file appender configuration
    name: ./logs/tuoni-server.log # path to the log file, will be mapped out from the server container
  threshold: # threshold configuration
    console: INFO # console threshold
    file: DEBUG # file threshold
  level: # log level configuration
    com.shelldot.tuoni: debug # application log level
    root: info # root log level
  logback: # logback configuration
    rollingpolicy: # rolling policy configuration
      clean-history-on-start: true # clean history on start
      max-file-size: 10MB # max file size
      max-history: 30 # max history
      total-size-cap: 1GB # total size cap

Operating System Support

  • Works on Debian-based systems.
  • Tested on Ubuntu 22.04 and Kali 2023.4.

CLI Commands

Tuoni CLI Commands

tuoni <start|stop|restart|logs>

C2 interactions

  • Start: Starts client and server docker. 
    1
    tuoni start
  • Stop: Stops client and server dockers. 
    1
    tuoni stop
  • Restart: Restarts client and server dockers. 
    1
    tuoni restart
  • Logs: Tails client and server dockers logs. 
    1
    tuoni logs

tuoni <clean-configuration|update|update-silent>

Maintenance interactions

  • Clean Configuration: Prompts which configuration files to remove and resets them to default. 
    1
    tuoni clean-configuration
  • Update: Perform git and docker pull. 
    1
    tuoni update
  • Update Silent: Perform git and docker pull silently. 
    1
    tuoni update-silent

tuoni <update-docker-images|export-docker-images|import-docker-images>

Docker image interactions

  • Update Docker Images: Updates the docker images. 
    1
    tuoni update-docker-images
  • Export Docker Images: Exports the docker images to /srv/tuoni/transfer/tuoni-docker-images.tar file. 
    1
    tuoni export-docker-images
  • Import Docker Images: Imports the docker images from /srv/tuoni/transfer/tuoni-docker-images.tar file. 
    1
    tuoni import-docker-images

tuoni <transfer-tuoni-package|export-tuoni-package|import-tuoni-package>

Tuoni package transferring interactions

  • Transfer Tuoni Package: Transfers the Tuoni package to remote host via rsync. More details on Offline Mode page. 
    1
    tuoni transfer-tuoni-package
  • Export Tuoni Package: Exports the Tuoni package - git and docker images to /srv/tuoni/transfer folder. 
    1
    tuoni export-tuoni-package
  • Import Tuoni Package: Imports the Tuoni package - git and docker from /srv/tuoni/transfer folder. 
    1
    tuoni import-tuoni-package

Tuoni Server CLI Commands

tuoni server

1
tuoni server <start|stop|restart|logs>
  • Start: Starts server docker. 
    1
    tuoni server start
  • Stop: Stops server docker. 
    1
    tuoni server stop
  • Restart: Restarts server docker. 
    1
    tuoni server restart
  • Logs: Tails the server docker logs. 
    1
    tuoni server logs

Tuoni Client CLI Commands

tuoni client

1
tuoni client <start|stop|restart|logs>
  • Start: Starts client dockers. 
    1
    tuoni client start
  • Stop: Stops client dockers. 
    1
    tuoni client stop
  • Restart: Restarts client dockers. 
    1
    tuoni client restart
  • Logs: Tails the client docker logs. 
    1
    tuoni client logs

Tuoni Client CLI Commands

tuoni docs

1
tuoni docs <start|stop|restart|logs>
  • Start: Starts docs dockers. 
    1
    tuoni docs start
  • Stop: Stops docs dockers. 
    1
    tuoni docs stop
  • Restart: Restarts docs dockers. 
    1
    tuoni docs restart
  • Logs: Tails the docs docker logs. 
    1
    tuoni docs logs