0xmachos / mOrc

mOrc is a post-exploitation framework for macOS written in Bash
MIT License

Implement getip #1

Open 0xmachos opened 5 years ago

0xmachos commented 5 years ago

Get external IP address

https://github.com/zMarch/Orc/wiki/getip

0x27 commented 5 years ago

That should be directly portable from o.rc, maybe remove the wget and rely only on curl though (OSX doesn't ship with wget by default, much to my abject confusion)

0xmachos commented 5 years ago

I've copied the curl flags from Orc's orc_loadURL function:

curl --silent --location --insecure

The Akamai URL https://whatismyip.akamai.com throws a cert error when using HTTPS. Would it be stealthier to use HTTP, so there isn't an invalid certificate for the SOC to detect?

@0x27 @zMarch

zMarch commented 5 years ago

it's hard to say - on the one hand, we're using akamai, so you'd figure we'll slip past SOCs based on that, but an invalid cert might be problematic, you're right. i went with it because genuinely, i figured an invalid cert makes more sense than using ipgrabber.malware or whatever.
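Seen from the SOC side of this exchange, an added example (not part of the thread, and not mOrc or Orc code): a Python check over process command lines that flags curl calls to public-IP lookup hosts and records whether certificate verification was disabled or cleartext HTTP was used. The hosts other than whatismyip.akamai.com, the finding labels and the function name are assumptions.

```python
import shlex
from urllib.parse import urlparse

# whatismyip.akamai.com is the host from the thread; the rest are assumed
# additions so the list resembles a real watchlist.
IP_LOOKUP_HOSTS = {"whatismyip.akamai.com", "api.ipify.org",
                   "icanhazip.com", "ifconfig.me"}
# curl short options that take a value (subset): stop reading bundled flags there.
SHORT_WITH_VALUE = set("oHdAeuxmXw")


def analyze_curl(cmdline):
    """Return sorted findings for one process command line ([] if nothing)."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes in a truncated log field
        return []
    if not argv or argv[0].rsplit("/", 1)[-1] != "curl":
        return []
    insecure, targets, skip = False, [], False
    for tok in argv[1:]:
        if skip:                # value of the previous short option
            skip = False
        elif tok == "--insecure":
            insecure = True
        elif tok.startswith("--"):
            pass                # other long options are not relevant here
        elif tok.startswith("-") and len(tok) > 1:
            for i, ch in enumerate(tok[1:]):
                if ch == "k":   # -k, also when bundled as in -sLk
                    insecure = True
                elif ch in SHORT_WITH_VALUE:
                    skip = i == len(tok) - 2   # value is the next token
                    break
        else:                   # curl treats a scheme-less URL as http
            targets.append(tok if "://" in tok else "http://" + tok)
    findings = set()
    for url in targets:
        parsed = urlparse(url)
        if (parsed.hostname or "").lower() not in IP_LOOKUP_HOSTS:
            continue
        findings.add("ip-lookup")
        if parsed.scheme == "http":
            findings.add("cleartext")
        elif insecure:
            findings.add("tls-verify-disabled")
    return sorted(findings)
```

Either choice discussed in the thread leaves a finding here: the HTTPS form is caught on the disabled verification, the HTTP form on the cleartext request to a lookup host.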