FAQ / Troubleshooting Tips

This page will keep a running set of frequently asked questions or troubleshooting tips

Tried starting Apfell, but the apfell_postgres container keeps restarting.

This likely means that the postgres container can't bind to the port it needs. Check to make sure there isn't already something listening locally on 5432. If you're using Kali Linux, it's likely that metasploit is already using that port for its postgres database.

Started the default container, created a payload, but it's not connecting back.

This is likely just due to specifying the wrong IP/port somewhere. All of the C2 profile docker containers simply accept connections from agents, remove any special C2 magic that you're using, and redirect the actual agent message to your Apfell instance. Let's take the default profile as an example:

  • Say your main web UI is listening on http://192.168.205.151

  • All C2 profiles need to point to this address (or localhost) on port 80 for their apfellBase parameter. Let's say your default docker container is listening on port 9000. So, your apfellBase should be http://192.168.205.151.

  • When creating your agent, you either need to specify a redirector IP/Domain and port, or specify your C2 profile docker container. Assuming you're connecting directly to the docker container, you'd specify your callback_host as http://192.168.205.151 and callback_port as 9000.

Your actual C2 flow would look like:

Agent -> Default Docker (http://192.168.205.151:9000) -> Apfell Main Server (http://192.168.205.151).